I tried to duplicate this on a sid box and a sarge box (that hasn't been upgraded for awhile). I couldn't duplicate your results.
The sid box has ii ssh 3.8.1p1-4 Secure rlogin/rsh/rcp replacement (OpenSSH and the sarge box has ii ssh 3.6.1p2-3 Secure rlogin/rsh/rcp replacement (OpenSSH) Sarge box: [EMAIL PROTECTED]:~$ ssh -l root 10.224.112.121 [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied (publickey). [EMAIL PROTECTED]:~$ Sid box: [EMAIL PROTECTED]:~$ ssh -l root 66.122.133.154 Password: Password: Password: [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied (publickey,password,keyboard-interactive). [EMAIL PROTECTED]:~$ On Wed, 2004-06-16 at 08:43, Frank Niedermann wrote: > Hello, > > I have a Debian testing server on my network with OpenSSH running. If I > try to log in as root but with wrong password I get the following: > > [EMAIL PROTECTED] deniedfr $ ssh [EMAIL PROTECTED] > Password: <wrong password here> > Password: <the same wrong password> > Password: <the same wrong password> > [EMAIL PROTECTED]'s password: <the same wrong password> > Last login: Wed Jun 16 17:03:11 2004 from dettnb80.tt.de.ifm > dettlx18:~# uname -a > Linux dettlx18 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 > GNU/Linux > dettlx18:~# > > The /var/log/auth.log: > sshd[1335]: (pam_securetty) access denied: tty 'ssh' is not secure ! > sshd[1335]: (pam_unix) authentication failure; logname= uid=0 euid=0 > tty=ssh ruser= rhost=dettnb80.tt.de.ifm user=root > sshd[1333]: error: PAM: Authentication failure > sshd[1336]: (pam_securetty) access denied: tty 'ssh' is not secure ! > sshd[1336]: (pam_unix) authentication failure; logname= uid=0 euid=0 > tty=ssh ruser= rhost=dettnb80.tt.de.ifm user=root > sshd[1333]: error: PAM: Authentication failure > sshd[1337]: (pam_securetty) access denied: tty 'ssh' is not secure ! > sshd[1337]: (pam_unix) authentication failure; logname= uid=0 euid=0 > tty=ssh ruser= rhost=dettnb80.tt.de.ifm user=root > sshd[1333]: error: PAM: Authentication failure > sshd[1333]: Failed keyboard-interactive/pam for root from 172.16.15.80 > port 32896 ssh2 > sshd[1333]: Accepted password for root from 172.16.15.80 port 32896 ssh2 > sshd[1338]: (pam_unix) session opened for user root by root(uid=0) > > If I try to use 'x' as wrong password, ssh won't let me in: > [EMAIL PROTECTED]'s password: > Permission denied (publickey,password,keyboard-interactive). > > Just as I would expect it. If I use a longer or similar password as the > real root password, ssh will let me log in, example: > real root password = linux4me -> success :) > fake root password = fun4linux -> success! :( > > The ssh package version: > ii ssh 3.8p1-3 Secure rlogin/rsh/rcp replacement (OpenSSH) > > Any idea about that behavor? > > Regards, > Frank > -- > Mail: [EMAIL PROTECTED] > XMPP: [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]