diff options
3 files changed, 2 insertions, 33 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch b/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch deleted file mode 100644 index ba13cd1919..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch +++ /dev/null @@ -1,30 +0,0 @@ -Upstream-Status: Pending - -Subject: auth2-none.c: avoid authenticate empty passwords to mess up with PAM - -If UsePAM, PermitEmptyPasswords, PasswordAuthentication are enabled. The ssh daemon -will try to authenticate an empty password, resulting in login failures of any user. -If PAM is enabled, then we should leave the task of password authentication to PAM. - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> - ---- - auth2-none.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/auth2-none.c b/auth2-none.c -index c8c6c74..b48b2fd 100644 ---- a/auth2-none.c -+++ b/auth2-none.c -@@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt) - { - none_enabled = 0; - packet_check_eom(); -- if (options.permit_empty_passwd && options.password_authentication) -+ if (options.permit_empty_passwd && options.password_authentication && !options.use_pam) - return (PRIVSEP(auth_password(authctxt, ""))); - return (0); - } --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 3553669aa0..d48bd2b98d 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -73,7 +73,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no diff --git a/meta/recipes-connectivity/openssh/openssh_6.8p1.bb b/meta/recipes-connectivity/openssh/openssh_6.8p1.bb index 8e07e00029..b00ef6f835 100644 --- a/meta/recipes-connectivity/openssh/openssh_6.8p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_6.8p1.bb @@ -20,8 +20,7 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar. file://sshdgenkeys.service \ file://volatiles.99_sshd \ file://add-test-support-for-busybox.patch \ - file://run-ptest \ - file://auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch" + file://run-ptest" PAM_SRC_URI = "file://sshd" |