My web server was hacked this week, apparently from a trusted (in the
physical sense) user whose account was hacked.
I''m running Redhat 6.0 and compiled the latest OpenSSH sources to install
sshd. However, when testing the installation with password authentication
I get "Password denied, please try again." on all accounts. The log file
shows "Failed password for <user> from <ip_address> port <#>" so it looks
like it's actually password failure somewhere. The log also shows
"PAM_pwdb session opened by user".
I've never done any configuration to 'pam'. Is this a 'pam' problem or is
there something else I need to look at?
-----------------------[ http://www.magpie.com ]-------=o&>o-------
Steve Manes
Brooklyn, N'Yawk
