[Samba] PAM sending wrong username to Winbind (fwd)
abartlet at samba.org
Sun Jan 2 03:46:57 GMT 2005
On Tue, 2004-12-28 at 21:06 +1100, Chew, Darren wrote:
> Hi All,
> I have tried logging into ftp using my NT username and password and it
> works. It is only SSH which has this problem.
Yes, this is part of a misguided attempt by OpenSSH's PAM code to avoid
giving away 'username ok, but wrong password' errors to remote
attackers. I think it actually gave away more information than it hid,
and I know at the very least this code has changed over a number of
Try the latest OpenSSH, and ensure that 'getpwnam domain\user' works, as
OpenSSH does this when it thinks the username is invalid.
Andrew Bartlett abartlet at samba.org
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050102/7aa3edb2/attachment.bin
More information about the samba