Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Red Hat 7.3, Red Hat 9, Solaris8, Slackware 10, Slax on USB, AIX, FreeBSD, WinXP, AIX, Ubuntu
Posts: 418
Rep:
Help needed! BIG problem with security
Hi all,
I just found out I have a huge! security problem...
When connecting through SSH to my linux machine, i am prompted for my username (Sofar so good) and then my password.
There is where it goes wrong: I can type in any password I'd like, an I get access!!!!
So i.e.
User: myname
Passwd: blabla
Works...
User: myname
Passwd: somthingelse
User: myname
Passwd: AnythingITypeHere
All work, and I am logged in as user myname..
Fortunately, The access to this box is limited to internal traffic only, but still, I don't like this!!!!
Sounds like you are using host-based or stored key authentification? What distribution does this occur on, and have you changed anything in the sshd_conf file?
I commented everything out in the /etc/pam.d/sshd and then it seems to work as expected
OpenSSH's PAM file uses system-auth. First thing I would do is activate all statements in pam.d/sshd and add debug statements. If that doesn't show anything usefull I'd add debug statements to system-auth too. If that doesn't anything usefull, verify any changes you made in the past, post what you did accompanied by your sshd and system-auth files. One crude way to verify changed files would be to run rpm -Va and grep for /etc/pam.d, then extract those originals and diff.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.