Basically, using the Sun bundled SSH daemon on Solaris 9, the daemon first goes through "none" authentication phase, then "public-key" authentication phase, then "password" authentication phase.
On "none" authentication phase it sends the blank password before it even prompts me for a password. I am guessing this is a bug in the Sun SSH daemon. I'm not much of a C programmer, and the patches I've tried on my own have had the wrong results -- but is there an easy way to tell pam_radius_auth not to send a radius request if the password is blank? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
