Fedora 9: 2009-3627 Moderate: pam_ssh SSH Authentication Improvement
fedora
May 2, 2009
Summary
This PAM module provides single sign-on behavior for UNIX using SSH keys.
Users are authenticated by decrypting their SSH private keys with the
password provided. In the first PAM login session phase, an ssh-agent
process is started and keys are added. The same agent is used for the
following PAM sessions. In any case the appropriate environment variables
are set in the session phase.
ChangeLog:
* Thu Mar 26 2009 Dmitry Butskoy
- Always use standard "Password:" prompt for the first password's inquire
in a PAM chain (#492153)
References:
[ 1 ] Bug #492153 - CVE-2009-1273 pam_ssh: Password prompt varies for existent and non-existent users https://bugzilla.redhat.com/show_bug.cgi?id=492153
This update can be installed with the "yum" update program. Use
su -c 'yum update pam_ssh' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References
Update Instructions
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: pam_ssh
Product: Fedora 9
Version: 1.92
Release: 10.fc9
Summary: PAM module for use with SSH keys and ssh-agent
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!