diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch | 30 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd_config | 2 |
2 files changed, 1 insertions, 31 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch b/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch deleted file mode 100644 index ba13cd1919..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch +++ /dev/null @@ -1,30 +0,0 @@ -Upstream-Status: Pending - -Subject: auth2-none.c: avoid authenticate empty passwords to mess up with PAM - -If UsePAM, PermitEmptyPasswords, PasswordAuthentication are enabled. The ssh daemon -will try to authenticate an empty password, resulting in login failures of any user. -If PAM is enabled, then we should leave the task of password authentication to PAM. - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> - ---- - auth2-none.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/auth2-none.c b/auth2-none.c -index c8c6c74..b48b2fd 100644 ---- a/auth2-none.c -+++ b/auth2-none.c -@@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt) - { - none_enabled = 0; - packet_check_eom(); -- if (options.permit_empty_passwd && options.password_authentication) -+ if (options.permit_empty_passwd && options.password_authentication && !options.use_pam) - return (PRIVSEP(auth_password(authctxt, ""))); - return (0); - } --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 3553669aa0..d48bd2b98d 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -73,7 +73,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no |