Date:      Fri, 27 Mar 2009 12:24:53 +0000 (GMT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Barney Cordoba <barney_cordoba@yahoo.com>
Cc:        mail25@bzerk.org, ed@FreeBSD.org, current@freebsd.org
Subject:   Re: Telnet root login
Message-ID:  <alpine.BSF.2.00.0903271204400.60642@fledge.watson.org>
In-Reply-To: <370833.32038.qm@web63903.mail.re1.yahoo.com>
References:  <370833.32038.qm@web63903.mail.re1.yahoo.com>


On Thu, 26 Mar 2009, Barney Cordoba wrote:

> Ok, I have some critical info here. When I set up ttys with the proper pts/0 
> setting, I can login as root using
>
> login localhost
>
> however when I telnet in from my iMAC, it doesn't work. It also doesn't give 
> me the "Trying SRA secure login" from the mac. So it seems it's using a 
> different authentication when I telnet from the MAC.

Hi Barney (and now also Ed!),

This indeed appears to be the key.  getttyent(3) appears to properly return 
the /etc/ttys entry for pts devices, and the TTY_SECURE flag is properly 
returned.  However, pam_securetty isn't using a valid tty name string -- it 
turns out login, invoked by telnet in the non-SRA case, assumes it can run the 
following code to get back the tty name:

         /*
          * Get current TTY
          */
         ttyn = ttyname(STDIN_FILENO);
         if (ttyn == NULL || *ttyn == '\0') {
                 (void)snprintf(tname, sizeof(tname), "%s??", _PATH_TTY);
                 ttyn = tname;
         }
         if ((tty = strrchr(ttyn, '/')) != NULL)
                 ++tty;
         else
                 tty = ttyn;

The resulting string ("2" in my case) is passed on to PAM as the tty, and then 
pam_securetty looks that up without any success.

Ed, is this something you could take a look at?  It's not clear to me if the 
above logic just needs fixing, or if there are more subtle considerations.

Thanks,

Robert N M Watson
Computer Laboratory
University of Cambridge
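
The tty-name derivation discussed in the message above, as an added example that is not part of the original message and is not FreeBSD's code. It compares the last-path-component logic with stripping only a leading "/dev/" prefix; the table is a constructed stand-in for /etc/ttys, and the function names and the prefix-stripping alternative are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define DEV_PREFIX "/dev/"   /* same value as _PATH_DEV in <paths.h> */

/* Constructed stand-in for /etc/ttys: entry name and its "secure" flag. */
struct tty_entry { const char *name; int secure; };
static const struct tty_entry sample_ttys[] = {
    { "ttyv0", 1 }, { "pts/0", 1 }, { "pts/2", 1 }, { "pts/3", 0 },
};

/* The derivation quoted in the message: keep what follows the last '/'. */
static const char *tty_last_component(const char *ttyn)
{
    const char *p = strrchr(ttyn, '/');
    return p != NULL ? p + 1 : ttyn;
}

/* Hypothetical alternative: strip only a leading "/dev/", keeping "pts/N". */
static const char *tty_strip_dev(const char *ttyn)
{
    size_t n = sizeof(DEV_PREFIX) - 1;
    return strncmp(ttyn, DEV_PREFIX, n) == 0 ? ttyn + n : ttyn;
}

/* 1 = listed and secure, 0 = listed but not secure, -1 = no such entry. */
static int lookup_secure(const char *name)
{
    size_t i;
    for (i = 0; i < sizeof(sample_ttys) / sizeof(sample_ttys[0]); i++)
        if (strcmp(sample_ttys[i].name, name) == 0)
            return sample_ttys[i].secure;
    return -1;
}

int main(void)
{
    /* Constructed device paths, as ttyname(3) would return them. */
    const char *paths[] = { "/dev/ttyv0", "/dev/pts/2", "/dev/pts/3" };
    size_t i;
    for (i = 0; i < sizeof(paths) / sizeof(paths[0]); i++) {
        const char *a = tty_last_component(paths[i]);
        const char *b = tty_strip_dev(paths[i]);
        printf("%-11s last-component=\"%s\" (%d)  strip-dev=\"%s\" (%d)\n",
            paths[i], a, lookup_secure(a), b, lookup_secure(b));
    }
    return 0;
}
```

For a single-level device such as /dev/ttyv0 both derivations agree, which is why the mismatch only shows up for names under pts/.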


