ssh and root on 4.10 = password discovery (maybe)

• Previous message: Jon DeShirley: "Re: Root users shell == no existantshell /bin/bash"
• Next in thread: Konrad Heuer: "Re: ssh and root on 4.10 = password discovery (maybe)"
• Reply: Konrad Heuer: "Re: ssh and root on 4.10 = password discovery (maybe)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 21 Jul 2004 19:35:27 +1000
To: freebsd-security@freebsd.org

Hello. I'm not 100% sure if this is a configuration error on my side or
a 'bad idea' on sshd/FreeBSD sides.

A remote root ssh connection to a FreeBSD 4.10 server (with no remote
root access) will allow you to 'work out' the root password. However, if
you try the same against 5.2.1 FreeBSD, you have little chance. The
following are pretty clear examples.

If this is a config mistake on my side, please let me know as I have
clearly done something wrong.

Correct root password - 4.10
tigger@piglet:~% ssh root@4.10-FreeBSD
Password:
Connection to 4.10-FreeBSD closed by remote host.
Connection to 4.10-FreeBSD closed.
tigger@piglet:~%

Incorrect root password - 4.10
tigger@piglet:~% ssh root@4.10-FreeBSD
Password:
Password:
Password:
root@lilypie.com's password:
Permission denied, please try again.
root@lilypie.com's password:
Permission denied, please try again.
root@lilypie.com's password:
Permission denied (publickey,password,keyboard-interactive).
tigger@piglet:~%

Correct root password - 5.2.1
tigger@piglet:~% ssh root@5.2.1-FreeBSD
Password:
Password:
Password:
root@eeeor.goo's password:
Permission denied, please try again.
root@eeeor.goo's password:
Permission denied, please try again.
root@eeeor.goo's password:
Permission denied (publickey,password,keyboard-interactive).

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Jon DeShirley: "Re: Root users shell == no existantshell /bin/bash"
• Next in thread: Konrad Heuer: "Re: ssh and root on 4.10 = password discovery (maybe)"
• Reply: Konrad Heuer: "Re: ssh and root on 4.10 = password discovery (maybe)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Problem connecting to SSH, OpenVMS7.3-2, HP TCP/IP v5.4 patched ... warning: Authentication failed. ... connection lost (Connection closed by remote host.). ... So, as you can see, I am trying to make an ssh connection with the ... (comp.os.vms) RE: Re: Remote connections ... Compliments of Cygwin you can setup a SSH server on ... connection through the SSH connection. ... Aside from creating a VPN tunnel and then performing a Remote Desktop ... Server Terminal Services and XP and 2003 server Remote Desktop machines. ... (Focus-Microsoft) Re: PermitRootLogin=yes versus su ... > a regular user and using su to become root. ... > Back in the days before strong encryption, when remote access was done ... > However, we now have SSH. ... (comp.security.ssh) Reasoning behind a default remote root login ? ... using ssh. ... remote root logins alltogether. ... Does anyone know why OpenBSD allows remote root ... (comp.unix.bsd.openbsd.misc) Re: Remote GUI Login between Solaris machines? ... specific remote host, either as root or by impersonating my uid, can steal ... fake the SSH_* (by guessing? ... connection and do stuff with X windows on MY machine as ME. ... problem is on the remote machine, where the sshd is ... (comp.unix.solaris)