Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 20 Jul 2003 22:27:41 +0200
From:      Farid Hajji <me@farid-hajji.de>
To:        Doug White <dwhite@gumbysoft.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: login(1) doesn't enforce times.allow/times.deny over ssh(1)
Message-ID:  <200307202227.41390.me@farid-hajji.de>
In-Reply-To: <20030720123716.V65450@carver.gumbysoft.com>
References:  <200307202032.02281.me@farid-hajji.de> <20030720123716.V65450@carver.gumbysoft.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 20 July 2003 09:38 pm, Doug White wrote:
> On Sun, 20 Jul 2003, Farid Hajji wrote:
> > When using ssh, I'm not trying public/private keys,
> > just plain unix passwords. Doesn't ssh access login(1)
> > in this case?
>
> sshd does not use login unless requested to do so by the UseLogin config
> parameter.

Yessss, that was it.

> There have been security vulnerabilities exposed by using this option in
> the past.  You have been warned :)

So we need an additional pam module for such policy
settings. That's reasonable.

Many thanks.

-- 
Farid Hajji. http://www.farid-hajji.net/address.html 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200307202227.41390.me>