http://qa.mandrakesoft.com/show_bug.cgi?id=5937
[EMAIL PROTECTED] changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |INVALID
------- Additional Comments From [EMAIL PROTECTED] 2003-24-09 17:46 -------
This is due to changes in the way openssh handles pam; it adds a delay so that someone
trying to
brute-force or probe a machine with different accounts can't tell if an account exists
or not due to
the length of time delayed before th next password prompt. Unfortunately, this is
something that
the openssh developers need to deal with; this isn't Mandrake-specific.
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
------- Reminder: -------
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
login into a remote computer results in a 3-4 sec delay.
Reason (/var/log/messages on remote computer):
Sep 24 11:16:59 Defiant sshd(pam_unix)[2572]: authentication failure; logname=
uid=0 euid=0 tty=NODEVssh ruser=
rhost=enterprise.theorie.physik.uni-goettingen.de user=holm
Sep 24 11:17:01 Defiant sshd[2572]: Accepted publickey for holm from
134.76.88.88 port 52988 ssh2
Sep 24 11:17:01 Defiant sshd(pam_unix)[2574]: session opened for user holm by
(uid=1425)
This problem doesen't exist in 3.5p1-7mdk and in the version before the latest
securuity update to 9.1
jh
