From integer@mail.bsbsolutions.com.br  Sat Nov 22 09:13:40 2003
Return-Path: <integer@mail.bsbsolutions.com.br>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 04CA016A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 22 Nov 2003 09:13:40 -0800 (PST)
Received: from mail.bsbsolutions.com.br (200-096-170-206.bsace7024.e.brasiltelecom.net.br [200.96.170.206])
	by mx1.FreeBSD.org (Postfix) with SMTP id 012C643F93
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 22 Nov 2003 09:13:38 -0800 (PST)
	(envelope-from integer@mail.bsbsolutions.com.br)
Received: (qmail 69209 invoked by uid 1000); 22 Nov 2003 14:15:45 -0000
Message-Id: <20031122141545.69208.qmail@mail.bsbsolutions.com.br>
Date: 22 Nov 2003 14:15:45 -0000
From: Ivo R.Tonev <integer@mail.bsbsolutions.com.br>
Reply-To: Ivo R.Tonev <integer@mail.bsbsolutions.com.br>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject:
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         59593
>Category:       i386
>Synopsis:       SSHD uses 8-char user password for authentication
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Nov 22 09:20:13 PST 2003
>Closed-Date:    Sat Apr 24 01:13:04 PDT 2004
>Last-Modified:  Sat Apr 24 01:13:04 PDT 2004
>Originator:     Ivo R. Tonev
>Release:        FreeBSD 4.9-RELEASE i386
>Organization:
>Environment:
>Description:
My upgraded prom src ( 4.8 -> 4.9 ) FreeBSD box sshd authenticate users with only
first 8-char password.  sshd version OpenSSH_3.5p1 FreeBSD-20030924.
 
>How-To-Repeat:
Add user with >8 char password and login via ssh with only first 8-char of password

>Fix:
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat Nov 22 23:57:03 PST 2003 
Responsible-Changed-Why:  
Fix formatting to retrieve this from the pending category. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=59593 
State-Changed-From-To: open->feedback 
State-Changed-By: kris 
State-Changed-When: Mon Nov 24 01:33:03 PST 2003 
State-Changed-Why:  
As Sergey says, it sounds like you're using DES passwords, which are 
documented to have the 8-character limit.  Can you confirm whether this 
is the case? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=59593 
State-Changed-From-To: feedback->closed 
State-Changed-By: kris 
State-Changed-When: Sat Apr 24 01:12:54 PDT 2004 
State-Changed-Why:  
Feedback timeout 

http://www.freebsd.org/cgi/query-pr.cgi?pr=59593 
>Unformatted:
  System: FreeBSD mail.xxxxxxxxx.com.br 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Wed Nov 5 12:22:35 GMT 2003 root@mail.xxxxxx.com.br:/usr/src/sys/compile/integer-4.9 i386
