Bug 20372

Summary: ftp login incorrect when s/key active but not required
Product: Base System Reporter: pscott <pscott>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.0-RELEASE   
Hardware: Any   
OS: Any   

Description pscott 2000-08-03 07:00:01 UTC 
	If a userid has an s/key, but s/key is not required for login, ftp should allow
	a unix password, but it does not; only the s/key password works. This problem
	does not happen with telnet. telnet allows unix password, ftp does not. Problem
	first noticed on 4.0 release; another machine running 2.2.8 has no problems with
	s/key on either ftp or telnet.

Fix: 

Unknown.
How-To-Repeat: 
	Enable s/key for a userid dummy.

	Set up /etc/skey.access to allow unix passwords from intranet 192.168.168.0
	for dummy but not from another network.
	
	permit internet 192.168.168.0 255.255.255.0
	deny user dummy
	deny user root
	permit

	From another machine on the 192.168.168.0 network, start an ftp client to the 
	FreeBSD machine with an interface on the same network. 

	Log in as userid dummy. 

	The ftp server issues an s/key challenge BUT DOES NOT REQUIRE an skey, so a
	unix password should be accepted.

	Type in dummy's unix password. The ftp server barfs, saying login incorrect.
	That shouldn't happen. Type in dummy's correct s/key. Dummy gets logged in.
	
	Try telnet between the same two machines. No problem using a unix password.
Comment 1 Peter Wemm freebsd_committer freebsd_triage 2000-09-25 20:02:25 UTC 
Responsible Changed
From-To: gnats-admin->freebsd-bugs

Orphaned PR
Comment 2 pscott 2001-01-13 22:52:41 UTC 
This problem (bin/20372) appears to be a duplicate of misc/20333.

See http://www.freebsd.org/cgi/query-pr.cgi?20333 for more details.
Comment 3 Johan Karlsson freebsd_committer freebsd_triage 2001-02-25 12:24:51 UTC 
State Changed
From-To: open->closed

Duplicate of misc/20333.