Bug 1107

Summary: Honouring securetty file in HP-UX with UseLogin
Product: Portable OpenSSH Reporter: senthilkumar <senthilkumar_sen>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX    
Severity: normal CC: dtucker
Priority: P2    
Version: 4.2p1   
Hardware: Other   
OS: HP-UX   
Attachments:
Description Flags
Patch to honour securetty file in HP-UX none

Description senthilkumar 2005-10-26 16:18:57 AEST 
The /etc/securetty file is not honoured in HP-UX with UseLogin directive. This is because login(1) on invocation with -f option in OpenSSH skips this checking. Will attach the patch shortly.
Comment 1 senthilkumar 2005-10-26 16:27:37 AEST 
Created attachment 1012 [details]
Patch to honour securetty file in HP-UX
Comment 2 Darren Tucker 2005-10-26 17:39:54 AEST 
I'm not sure this is needed.  We don't do this on any other platforms and sshd already has a mechanism for controlling root access (PermitRootLogin) which has more functionality than securetty (eg "PermitRootLogin without-password" for pubkey only).

We went through this once before with the checks on AIX, and the result was that some people *like* being able to disable root logins via telnet but allow them via ssh.
Comment 3 Darren Tucker 2009-07-31 11:20:07 AEST 
Thanks, but we have decided that we're not going to do this.  There's already a mechanism for controlling root logins and some people find it useful to allow root logins via ssh while disallowing other method.
Comment 4 Damien Miller 2009-10-06 15:02:29 AEDT 
Mass move of RESOLVED bugs to CLOSED now that 5.3 is out.