Re: Solaris root login only at console question

From: Darren J Moffat (Darren.Moffat@Sun.COM)
Date: 01/23/02


Date: Tue, 22 Jan 2002 16:39:53 -0800
From: Darren J Moffat <Darren.Moffat@Sun.COM>
To: martha.crocker@philips.com

On 01/21/02 12:42, martha.crocker@philips.com wrote:

> I was just running through my machines checking to make sure they had all been changed
> so that direct root login isn't allowed except on the console. I noticed an interesting thing
> with Solaris 2.5 & Sol 8, if I attempt a login as root, either with the correct password or with an
> incorrect password, I get the same message:

Which is correct behaviour, otherwise there is information leakage about
the root credentials.

 
> UNIX(r) System V Release 4.0 (nodename)
>
> login: root
> Password:
> Not on system console
> Connection closed by foreign host.
>
> BUT, if I do the same on Solaris 2.6 and 7, I only get this message if I supply the correct
> root password. If I supply the incorrect password, I get another prompt for username:

> Has anyone else ever noticed this?

yes.

> Is this perhaps a bug?

yes, 4116699. The part of the bug that deals with which message is
displayed is in 2.6 and & not 2.5.1 and 8. However it was actually
much more subtle than that because you could time how long it took to
get the message displayed and work out if the password was likely to be
correct or not.

> Is there a cure?

That depends on which behaviour you wanted to have ;-) 2.5.1 and 8 have
the correct behaviour - ie no difference between correct and incorrect
passwords.

There is no patch for 2.6 or 7 for the incorrect behaviour.

-- 
Darren J Moffat
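
An added example, not part of the original message and not Solaris login source code: a small Python model of the two behaviours discussed in this thread, showing why the order of the password check and the console check decides whether a remote client learns anything about the root password. All names, the account data and the password are constructed for illustration.

```python
import hashlib
import hmac

_SALT = b"constructed-salt"          # constructed sample value

def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 10_000)

ACCOUNTS = {"root": _hash("constructed-root-pw")}   # constructed sample account
_DUMMY = _hash("dummy-entry")                       # compared against for unknown users

DENIED = "Not on system console"     # message quoted in the thread
RETRY = "login: "                    # re-prompt for a username, as described in the thread
OK = "ok"

def _verify(user, password):
    """Hash and compare for every attempt, known user or not, in constant time."""
    stored = ACCOUNTS.get(user, _DUMMY)
    match = hmac.compare_digest(_hash(password), stored)
    return match and user in ACCOUNTS

def login_leaky(user, password, on_console):
    """Model of the 2.6/7 report: the console message appears only
    after a correct root password, so the reply acts as a password oracle."""
    if not _verify(user, password):
        return RETRY
    if user == "root" and not on_console:
        return DENIED
    return OK

def login_uniform(user, password, on_console):
    """Model of the 2.5.1/8 report: a remote root attempt gets the same
    reply whatever the password. The password is still verified first so the
    amount of work does not depend on which branch is taken."""
    valid = _verify(user, password)
    if user == "root" and not on_console:
        return DENIED
    return OK if valid else RETRY

def reply_reveals_password(login):
    """True if the reply to a remote root login differs between a right and a wrong password."""
    right = login("root", "constructed-root-pw", on_console=False)
    wrong = login("root", "not-the-password", on_console=False)
    return right != wrong

if __name__ == "__main__":
    print("leaky  :", reply_reveals_password(login_leaky))
    print("uniform:", reply_reveals_password(login_uniform))
```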


