Problem with openssh?

• Previous message: Jerome Dsilva: "Re: OpenSSH 3.6.1 with PAM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
Date: Wed, 27 Aug 2003 12:22:11 +0200

Hi @all!

I found this in my messages logfile:

Aug 24 03:17:40 proxy sshd[23521]: Did not receive identification string
from 62.154.183.115
Aug 24 03:17:47 proxy sshd[23522]: Could not reverse map address
62.154.183.115.
Aug 24 03:17:47 proxy sshd[23523]: Could not reverse map address
62.154.183.115.
Aug 24 03:17:47 proxy sshd[23522]: Accepted password for mysql from
62.154.183.115 port 2642 ssh2
Aug 24 03:17:48 proxy sshd(pam_unix)[23526]: session opened for user mysql
by (uid=100)
Aug 24 03:17:49 proxy sshd(pam_unix)[23526]: session closed for user mysql

The really strange thing about this is, that the user
mysql has no password. It is locked with "!!" in /etc/shadow.
So, how can somebody login to this account (even if it
is only for 1 second)??

Is this a problem of openssh or pam?

This happened with openssh version 3.4p1 and pam version
0.75. In the meantime I've updated to openssh 3.6.1p2 and
pam 0.77.

Regards,
Tom

• Previous message: Jerome Dsilva: "Re: OpenSSH 3.6.1 with PAM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]