openssh: fix login fails for ssh -o Batchmode=yes with empty passwords
The patch fixes the login fails for ssh -o Batchmode=yes when passwords is empty and without authorized_keys file even if set "PermitEmptyPasswords yes" in sshd_config file. Here, to fix this issue, we remove the file auth2-none.c-avoid-authenticate- empty-passwords-to-m.patch, that fixed broken pipe while sshd with pam, but it isn't needed any more now, because we make it has gone by change ChallengeResponseAuthentication value in sshd_config file. (From OE-Core rev: f879a7406d8fce37e8baf5fe724d7ed0042d57f8) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
aa2b6362ef
commit
90972c9518
|
@ -1,30 +0,0 @@
|
||||||
Upstream-Status: Pending
|
|
||||||
|
|
||||||
Subject: auth2-none.c: avoid authenticate empty passwords to mess up with PAM
|
|
||||||
|
|
||||||
If UsePAM, PermitEmptyPasswords, PasswordAuthentication are enabled. The ssh daemon
|
|
||||||
will try to authenticate an empty password, resulting in login failures of any user.
|
|
||||||
If PAM is enabled, then we should leave the task of password authentication to PAM.
|
|
||||||
|
|
||||||
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
||||||
|
|
||||||
---
|
|
||||||
auth2-none.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/auth2-none.c b/auth2-none.c
|
|
||||||
index c8c6c74..b48b2fd 100644
|
|
||||||
--- a/auth2-none.c
|
|
||||||
+++ b/auth2-none.c
|
|
||||||
@@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt)
|
|
||||||
{
|
|
||||||
none_enabled = 0;
|
|
||||||
packet_check_eom();
|
|
||||||
- if (options.permit_empty_passwd && options.password_authentication)
|
|
||||||
+ if (options.permit_empty_passwd && options.password_authentication && !options.use_pam)
|
|
||||||
return (PRIVSEP(auth_password(authctxt, "")));
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
--
|
|
||||||
1.7.9.5
|
|
||||||
|
|
|
@ -73,7 +73,7 @@ AuthorizedKeysFile .ssh/authorized_keys
|
||||||
#PermitEmptyPasswords no
|
#PermitEmptyPasswords no
|
||||||
|
|
||||||
# Change to no to disable s/key passwords
|
# Change to no to disable s/key passwords
|
||||||
#ChallengeResponseAuthentication yes
|
ChallengeResponseAuthentication no
|
||||||
|
|
||||||
# Kerberos options
|
# Kerberos options
|
||||||
#KerberosAuthentication no
|
#KerberosAuthentication no
|
||||||
|
|
|
@ -20,8 +20,7 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
|
||||||
file://sshdgenkeys.service \
|
file://sshdgenkeys.service \
|
||||||
file://volatiles.99_sshd \
|
file://volatiles.99_sshd \
|
||||||
file://add-test-support-for-busybox.patch \
|
file://add-test-support-for-busybox.patch \
|
||||||
file://run-ptest \
|
file://run-ptest"
|
||||||
file://auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch"
|
|
||||||
|
|
||||||
PAM_SRC_URI = "file://sshd"
|
PAM_SRC_URI = "file://sshd"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue