Summary: | openssh 3.6.1_p2 does not allow nis logins. | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Ryan Hadley <ryan> |
Component: | [OLD] Server | Assignee: | Daniel Ahlberg (RETIRED) <aliz> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Ryan Hadley
2003-07-31 12:44:13 UTC
This is an old version of Openssh with known security vulnerabilities. Ryan: Does 3.7.1_p2 have the same problems with nis? 3.7.1_p2 has a new problem for me. Seems that it's a feature in the latest version of openssh. I guess in order for PAM to work for 3.7.X, you have to use Keyboard Interactive mode. Almost all clients support this, but many of them don't seem to do it be default. Getting all my users to make these changes to their ssh clients will be a pain and take much time... Reference: http://marc.theaimsgroup.com/?l=secure-shell&m=106572058304139&w=2 Kinda sucks that they just threw that out there... So, I'll find out someday and when I do I'll update this bug. Not an issue in 3.7.1_p2 However additional work is still required to get this to work in 3.7.1_p2. Along with my previous comment, PAM is disabled by default now. You have to turn it on with "UsePAM yes" in the sshd_config file. Currently, all that's needed is that "UsePAM yes" has to be turned on. The question is really whether this is a good default or not. I think it is, but I didn't file the bug. Can we close this bug? Sorry for any misunderstanding, having to add UsePAM yes is not a problem, I was just adding aditional information for in case someone happened to search on nis problems with ssh. Since no one should be using 3.6.1_p2, I see no reason why this bug shouldn't be closed. Closing. |