[9222] in bugtraq
Re: SSH 1.x and 2.x Daemon
daemon@ATHENA.MIT.EDU (KuRuPTioN)
Tue Jan 26 12:09:22 1999
Date: Mon, 25 Jan 1999 15:22:03 -0500
Reply-To: KuRuPTioN <kuruption@CHA0S.COM>
From: KuRuPTioN <kuruption@CHA0S.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.990125201512.8362C-100000@andercheran.aiind.upv.es>
Hello again.
I have been brainstorming with a few people and I have found a solution to
the problem I was experiencing. This solution works in both SSH 1.2.26 (not
1.2.27, as I was delusional that day) and SSH 2.0.11.
In SSH 1.2.26, adding -DHAVE_STRUCT_SPWD_EXPIRE to the Makefile at the
top of the SSH tree will fix the problem.
In SSH 2.0.11 adding the same -DHAVE_STRUCT_SPWD_EXPIRE to
ssh-2.0.11/lib/sshsession/Makefile. In both cases, I added it to the 'defs
=' section and it worked fine, but maybe there is a cleaner way to do this.
In regards to --with-login, I have tried it and gotten errors not allowing me
to login at all. I do not remember the exact problem, but I know it did not
work. (I am too lazy right now to replicate the error).
Thanks to everyone who responded and lent me a hand.
Raymond T Sundland
-----Original Message-----
From: Linux Mailing Lists [mailto:linux@aiind.upv.es]
Sent: Monday, January 25, 1999 2:40 PM
To: BUGTRAQ@NETSPACE.ORG
Cc: kuruption@CHA0S.COM
Subject: Re: SSH 1.x and 2.x Daemon
Hello,
> > There seems to be incomplete code in the SSH daemon in both versions 1.2.27
> > and 2.0.11 (only tested). The bug simply allows users with expired
> > accounts (in /etc/shadow) to continue to login even though other such
> > services such as ftp and telnet deny access. Here is the log using 1.2.27
> > (but the same happens with 2.0.11).
>
> This is not the case with ssh 1.1.26 running on FreeBSD 2.2.8
> If I expire an account:
> Expire [month day year]: January 1, 1999
> Then when I try to ssh in I just get:
> Permission denied.
There's a configure parameter to use the "usual" /bin/login program
instead of the login procedure implemented with ssh:
--with-login[=PATH] Use login -f to finish login connections.
On one hand, a possible fix (temporary, of course) is to compile sshd with
support for /bin/login. The features of the shadow-suite will be back.
On the other hand, SSH 1.2.26 seems to implement the expiration date of
accounts (grep expire sshd.c), but I don't know if it does it ok.
Greetings,
Sergio
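
The kind of shadow expiry check this thread is about, as an added example (not code from SSH or from either poster): it reads the /etc/shadow aging fields through `getspnam()` and `struct spwd` and refuses an account whose expiry day has passed. The names `shadow_status` and `acct_status` are hypothetical, and the field semantics are assumed to be those documented in shadow(5).

```c
/* Added example, not SSH source: deny login when /etc/shadow says the
 * account or its password has expired. Names here are hypothetical. */
#include <shadow.h>
#include <stdio.h>
#include <time.h>

#define SECS_PER_DAY 86400L

enum acct_status { ACCT_OK, ACCT_EXPIRED, PASSWD_EXPIRED };

/* Shadow aging fields are day counts since 1970-01-01; an empty field
 * is returned as -1 and means "no limit" (assumed per shadow(5)). */
enum acct_status shadow_status(const struct spwd *sp, time_t now)
{
    long today = (long)(now / SECS_PER_DAY);

    /* sp_expire: absolute day on which the account is disabled. */
    if (sp->sp_expire > 0 && today >= sp->sp_expire)
        return ACCT_EXPIRED;

    /* Password aging: last change + max age, plus optional grace days. */
    if (sp->sp_lstchg > 0 && sp->sp_max > 0) {
        long limit = sp->sp_lstchg + sp->sp_max;
        if (sp->sp_inact > 0)
            limit += sp->sp_inact;
        if (today > limit)
            return PASSWD_EXPIRED;
    }
    return ACCT_OK;
}

int main(int argc, char **argv)
{
    struct spwd *sp;
    enum acct_status st;

    if (argc != 2) {
        fprintf(stderr, "usage: %s user\n", argv[0]);
        return 2;
    }
    sp = getspnam(argv[1]);          /* needs read access to /etc/shadow */
    if (sp == NULL) {
        fprintf(stderr, "%s: no readable shadow entry\n", argv[1]);
        return 2;
    }
    st = shadow_status(sp, time(NULL));
    printf("%s: %s\n", argv[1], st == ACCT_OK ? "login permitted"
           : st == ACCT_EXPIRED ? "account expired" : "password expired");
    return st == ACCT_OK ? 0 : 1;
}
```

Run as root against an account whose expiry date has been set in the past; a non-zero exit status means the login should be refused.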