Possible security problem in hostbased user authentication?

This is a discussion on Possible security problem in hostbased user authentication? within the OpenSSH Development forums, part of the Networking and Network Related category; In auth2-hostbased.c, line #146 if (auth_rhosts2(pw, cuser, chost, chost) == 0) ^^^^^ shouldn't this be if (auth_rhosts2(pw, ...

		Usenet Forums > Networking and Network Related > OpenSSH Development
Possible security problem in hostbased user authentication?

LinkBack

Thread Tools

Display Modes

#1 (permalink)

10-06-2005

Choung S. Park / Choung Networks

Posts: n/a

Possible security problem in hostbased user authentication?

In auth2-hostbased.c, line #146

if (auth_rhosts2(pw, cuser, chost, chost) == 0)
^^^^^

shouldn't this be

if (auth_rhosts2(pw, cuser, chost, ipaddr) == 0)
^^^^^^

The code was found in 4.2.

Best regards,
Choung S.Park

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev

« Previous Thread | Next Thread »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are Off [IMG] code is Off HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

All times are GMT +1. The time now is 07:22 PM.