Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#2558 - sshd and pam
Attached to Project:
Arch Linux
Opened by Ćukasz Fibinger (lucke) - Wednesday, 13 April 2005, 07:21 GMT
Opened by Ćukasz Fibinger (lucke) - Wednesday, 13 April 2005, 07:21 GMT
|
Details http://bbs.archlinux.org/viewtopic.php?p=81404
In default, sshd (openssh) has no pam support enabled in config file, therefore it doesn't respect limits set in limits.conf file, making the box vulnerable to forkbombs (remote users can bomb the box even with sane limits set). Thus, I suggest sedding the sshd_config file while the build process, setting UsePam to Yes (and probably ChallengeResponseAuthentication to No as well, to make sshd use only account and sessions pam modules) in order to enable pam. |
This task depends upon
Closed by Judd Vinet (judd)
Monday, 02 May 2005, 03:14 GMT
Reason for closing: Implemented
Additional comments about closing: Added for next build
Monday, 02 May 2005, 03:14 GMT
Reason for closing: Implemented
Additional comments about closing: Added for next build
Comment by eliott (cactus) -
Sunday, 17 April 2005, 04:58 GMT
I second.