Date: Sun, 20 Jul 2003 22:27:41 +0200 From: Farid Hajji <me@farid-hajji.de> To: Doug White <dwhite@gumbysoft.com> Cc: freebsd-current@freebsd.org Subject: Re: login(1) doesn't enforce times.allow/times.deny over ssh(1) Message-ID: <200307202227.41390.me@farid-hajji.de> In-Reply-To: <20030720123716.V65450@carver.gumbysoft.com> References: <200307202032.02281.me@farid-hajji.de> <20030720123716.V65450@carver.gumbysoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 20 July 2003 09:38 pm, Doug White wrote: > On Sun, 20 Jul 2003, Farid Hajji wrote: > > When using ssh, I'm not trying public/private keys, > > just plain unix passwords. Doesn't ssh access login(1) > > in this case? > > sshd does not use login unless requested to do so by the UseLogin config > parameter. Yessss, that was it. > There have been security vulnerabilities exposed by using this option in > the past. You have been warned :) So we need an additional pam module for such policy settings. That's reasonable. Many thanks. -- Farid Hajji. http://www.farid-hajji.net/address.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200307202227.41390.me>