openssh: fix login fails for ssh -o Batchmode=yes with empty passwords
The patch fixes the login fails for ssh -o Batchmode=yes when passwords is empty and without authorized_keys file even if set "PermitEmptyPasswords yes" in sshd_config file. Here, to fix this issue, we remove the file auth2-none.c-avoid-authenticate- empty-passwords-to-m.patch, that fixed broken pipe while sshd with pam, but it isn't needed any more now, because we make it has gone by change ChallengeResponseAuthentication value in sshd_config file. (From OE-Core rev: f879a7406d8fce37e8baf5fe724d7ed0042d57f8) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
aa2b6362ef
commit
90972c9518
|
@ -1,30 +0,0 @@
|
|||
Upstream-Status: Pending
|
||||
|
||||
Subject: auth2-none.c: avoid authenticate empty passwords to mess up with PAM
|
||||
|
||||
If UsePAM, PermitEmptyPasswords, PasswordAuthentication are enabled. The ssh daemon
|
||||
will try to authenticate an empty password, resulting in login failures of any user.
|
||||
If PAM is enabled, then we should leave the task of password authentication to PAM.
|
||||
|
||||
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
||||
|
||||
---
|
||||
auth2-none.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/auth2-none.c b/auth2-none.c
|
||||
index c8c6c74..b48b2fd 100644
|
||||
--- a/auth2-none.c
|
||||
+++ b/auth2-none.c
|
||||
@@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt)
|
||||
{
|
||||
none_enabled = 0;
|
||||
packet_check_eom();
|
||||
- if (options.permit_empty_passwd && options.password_authentication)
|
||||
+ if (options.permit_empty_passwd && options.password_authentication && !options.use_pam)
|
||||
return (PRIVSEP(auth_password(authctxt, "")));
|
||||
return (0);
|
||||
}
|
||||
--
|
||||
1.7.9.5
|
||||
|
|
@ -73,7 +73,7 @@ AuthorizedKeysFile .ssh/authorized_keys
|
|||
#PermitEmptyPasswords no
|
||||
|
||||
# Change to no to disable s/key passwords
|
||||
#ChallengeResponseAuthentication yes
|
||||
ChallengeResponseAuthentication no
|
||||
|
||||
# Kerberos options
|
||||
#KerberosAuthentication no
|
||||
|
|
|
@ -20,8 +20,7 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
|
|||
file://sshdgenkeys.service \
|
||||
file://volatiles.99_sshd \
|
||||
file://add-test-support-for-busybox.patch \
|
||||
file://run-ptest \
|
||||
file://auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch"
|
||||
file://run-ptest"
|
||||
|
||||
PAM_SRC_URI = "file://sshd"
|
||||
|
||||
|
|
Loading…
Reference in New Issue