On Thu, Feb 25, 1999 at 05:16:34PM -0600, Chris Garrigues wrote:
> > From: Pierre Belanger <[EMAIL PROTECTED]>
> > Date: Thu, 25 Feb 1999 15:17:43 -0500
> > | they will be set. I have a patch for this but have heard that the ssh
> > | developers will not accept patches from anyone that resides in a country
> > with
> > | export restrictions, like the US.
> > |
> > Just change your FROM ;-)
> >
> > Ok, lets be serious ... can you send me the patch.
>
> As a paranoid, I don't think he can. He can describe the algorithm, however.
Well I kind of did. . . like I said in my previous post this one is REALLY
simple and has nothing to do with any of the encryption algorithms. This
is more of a bad choice in error messages; or they forgot to change it after
they tested the function.
To reproduce edit your sshd_config file and add this line
PermitRootLogin nopwd
This will "disable password-authenticated root logins" as per the man page.
If you try and login to the box as root it will prompt you for a password if
you type the wrong password it gives you this:
Permission denied.
If you type the correct root password it gives you this:
ROOT LOGIN REFUSED FROM [hostname]
I consider this bad, but I am paranoid. If you want to fix this the two
offending lines are located in sshd.c
I would like to post a patch but somewhere I am thinking that the ssh authors
do not take patches from anyone in the US, for example, because of our
wonderful :) policy on encryption; no matter what the patch is.
Does this make more sense now?
---
Andrew
