On Wed, Dec 15, 1999 at 10:56:50PM +0000, Dorian Moore wrote:
> Is there an (easy:) way to change the prompt returned if you have
> PermitRootLogin no
> in
> /etc/ssh/sshd_config (ssh1.2.27)
> and you slogin with the correct password. At the moment I get
> Permission denied.
> If I get the password wrong, but
> ROOT LOGIN REFUSED FROM *.*
> if I get the password right....
>
> which basically mean someone could get a positive response from a
> password cracker (I know, the root password shouldn't be that insecure,
> but IMHO the program shouldn't return that verbose a message (or it
> should be configurable) in that instance)
Yes, just apply this patch and/or edit the code yourself
--
What the large print giveth, the small print taketh away.
Andrew L. Davis [EMAIL PROTECTED]
--- sshd.c.orig Wed May 12 07:19:29 1999
+++ sshd.c Thu May 13 18:38:32 1999
@@ -2711,7 +2711,7 @@
if (pw->pw_uid == UID_ROOT && options.permit_root_login == 1)
{
if (authentication_type == SSH_AUTH_PASSWORD)
- packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
+ packet_disconnect("Permission denied.",
get_canonical_hostname());
}
else
@@ -2720,7 +2720,7 @@
if (forced_command)
log_msg("Root login accepted for forced command.", forced_command);
else
- packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
+ packet_disconnect("Permission denied.",
get_canonical_hostname());
}
