Hello, I have a Debian testing server on my network with OpenSSH running. If I try to log in as root but with wrong password I get the following:
[EMAIL PROTECTED] deniedfr $ ssh [EMAIL PROTECTED] Password: <wrong password here> Password: <the same wrong password> Password: <the same wrong password> [EMAIL PROTECTED]'s password: <the same wrong password> Last login: Wed Jun 16 17:03:11 2004 from dettnb80.tt.de.ifm dettlx18:~# uname -a Linux dettlx18 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 GNU/Linux dettlx18:~# The /var/log/auth.log: sshd[1335]: (pam_securetty) access denied: tty 'ssh' is not secure ! sshd[1335]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dettnb80.tt.de.ifm user=root sshd[1333]: error: PAM: Authentication failure sshd[1336]: (pam_securetty) access denied: tty 'ssh' is not secure ! sshd[1336]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dettnb80.tt.de.ifm user=root sshd[1333]: error: PAM: Authentication failure sshd[1337]: (pam_securetty) access denied: tty 'ssh' is not secure ! sshd[1337]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dettnb80.tt.de.ifm user=root sshd[1333]: error: PAM: Authentication failure sshd[1333]: Failed keyboard-interactive/pam for root from 172.16.15.80 port 32896 ssh2 sshd[1333]: Accepted password for root from 172.16.15.80 port 32896 ssh2 sshd[1338]: (pam_unix) session opened for user root by root(uid=0) If I try to use 'x' as wrong password, ssh won't let me in: [EMAIL PROTECTED]'s password: Permission denied (publickey,password,keyboard-interactive). Just as I would expect it. If I use a longer or similar password as the real root password, ssh will let me log in, example: real root password = linux4me -> success :) fake root password = fun4linux -> success! :( The ssh package version: ii ssh 3.8p1-3 Secure rlogin/rsh/rcp replacement (OpenSSH) Any idea about that behavor? Regards, Frank -- Mail: [EMAIL PROTECTED] XMPP: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]