"Emsweller, Patrick J" <[EMAIL PROTECTED]> writes: > I was wondering if anyone else may have noticed or run into this. > Recently I changed the the password on a nessus account. The nessus scanner > itself worked fine, logged in as the user with the new password. However > I'm also using a script that implements NTP. NTP on the other hand did not > recognize the change and only worked with the old password.
I changed the way passwords are stored on the server some time ago. They used to be stored in clear text in a "password" file. Now we keep only a hash in a file named "hash" (surprise!) I suspected a bug when both files exists but "password" is never read if "hash" exists. Odd... Could you repeat your test with the debug code in check_user() enabled? (in nessus-core/nessusd/users.c)
