I wrote:
Has anyone patched SSH so that it works correctly with enhanced
security?
The current version authenticates correctly against enhanced
security, but doesn't seem to observe things like administrative
lockout of accounts.
I received two responses. One, from the author of current SSH C2 patches,
confirmed that administrative lockout of accounts was not observed.
Another person sent patches against an earlier version of SSH that
added some C2 compliance as part of a (failed) attempt to do DCE.
So the answer seems to be "no". Given the abysmal state of the
enhanced security programming documentation, this is no surprise.
Thanks to:
Steve VanDevender
Ville-Pertti Keinonen
for their responses.
- Saul
--
Saul Tannenbaum, Manager, Academic Systems |"Every year, I get more and more
stannenb_at_emerald.tufts.edu | cynical, but somehow I just can't
Tufts University Computing and | keep up." - Lilly Tomlin
Communications Services |
Finger for PGP Public Key |http://www.tufts.edu/~stannenb
Received on Mon Jul 14 1997 - 01:56:57 NZST