Re: ssh login with passwords!

From: Mikko (nomail_at_mail.invalid)
Date: 08/28/03 

Date: Thu, 28 Aug 2003 19:52:59 GMT

spanda wrote:

> Hi,
>
> While I wanted to login to a machine using ssh, it allowed me with 2
> passwords !!
>
> Actual Password: "test1234" ( 8 chars )
> Able to login as "test12345678" also !!
>
> Is this a valid behavior or is it a bug ?

You propably have DES encryption, it uses only 8 first characters.

MD5 can have longer passwords.

Relevant Pages

  • Re: security on linux
    ... Passwords can be guessed, public keys can't. ... login, and HDST denote the host TO which I want to login to. ... I'm running the ssh client on HSRC and the ssh server on HDST. ...
    (comp.os.linux.misc)
  • Re: [opensuse] RKHunter reports possible infection
    ... long obsolete versions of ssh. ... It has other reason - noone can do successfull dictionary attack on root ... account when it's not allowed to login as root. ... Symbian version of PuTTY only handles plaintext passwords) then this is ...
    (SuSE)
  • Re: Where are linux security questions discussed?
    ... They usually only try a few things on each login ... I wouldn't trust just passwords. ... I wouldn't allow anything but ssh as a service on the machine. ... > login as root except at the console - but I can't seem to find it now. ...
    (comp.os.linux.misc)
  • ssh login with passwords!
    ... While I wanted to login to a machine using ssh, ... Regards ...
    (comp.security.ssh)
  • UPDATE Re: rlogin - security question [expanded to smartcard technology]
    ... explinations of ssh etc. ... 0-13-100092-6) with the words "The Official Sun Microsystems Resource ... place root / users cannot set/change passwords. ... > we are required to allow rlogin access to all by means of .rhosts files. ...
    (SunManagers)