From 6f6b27d515a1807086e59a8918eb0ca8c1cea398 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 9 Aug 2007 14:31:53 +1000 Subject: [PATCH] - (dtucker) [README.platform] Document the interaction between PermitRootLogin and the AIX native login restrictions. --- ChangeLog | 4 +++- README.platform | 8 +++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 95a69597b..e78bbe558 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 20070809 - (dtucker) [openbsd-compat/port-aix.c] Comment typo. + - (dtucker) [README.platform] Document the interaction between PermitRootLogin + and the AIX native login restrictions. 20070808 - (djm) OpenBSD CVS Sync @@ -3138,4 +3140,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4719 2007/08/09 04:29:47 dtucker Exp $ +$Id: ChangeLog,v 1.4720 2007/08/09 04:31:53 dtucker Exp $ diff --git a/README.platform b/README.platform index 7accea48e..3d7db1494 100644 --- a/README.platform +++ b/README.platform @@ -30,6 +30,12 @@ define the environment variable blibpath before running configure, eg blibpath=/lib:/usr/lib:/opt/freeware/lib ./configure \ --with-ssl-dir=/opt/freeware --with-zlib=/opt/freeware +If sshd is built with the WITH_AIXAUTHENTICATE option (which is enabled +by default) then sshd checks that users are permitted via the +loginrestrictions() function, in particular that the user has the +"rlogin" attribute set. This check is not done for the root account, +instead the PermitRootLogin setting in sshd_config is used. + Cygwin ------ @@ -75,4 +81,4 @@ account stacks which will prevent authentication entirely, but will still return the output from pam_nologin to the client. -$Id: README.platform,v 1.8 2007/03/13 10:00:45 dtucker Exp $ +$Id: README.platform,v 1.9 2007/08/09 04:31:53 dtucker Exp $