From mboxrd@z Thu Jan  1 00:00:00 1970
Path: main.gmane.org!not-for-mail
From: Clemens Fischer <ino@despammed.com>
Newsgroups: gmane.emacs.help
Subject: Re: tramp: password prompt
Date: Sun, 29 Sep 2002 21:06:13 +0200
Sender: help-gnu-emacs-admin@gnu.org
Message-ID: <bs6gsjiy.fsf@ID-23066.news.dfncis.de>
References: <amdlqo$8t$1@news.storm.ca> <vafhegkpybg.fsf@lucy.cs.uni-dortmund.de>
 <lm5tdelb.fsf@ID-23066.news.dfncis.de>
 <vaf4rcgvola.fsf@lucy.cs.uni-dortmund.de>
NNTP-Posting-Host: localhost.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=latin-iso8859-9
Content-Transfer-Encoding: 8bit
X-Trace: main.gmane.org 1033326994 15302 127.0.0.1 (29 Sep 2002 19:16:34 GMT)
X-Complaints-To: usenet@main.gmane.org
NNTP-Posting-Date: Sun, 29 Sep 2002 19:16:34 +0000 (UTC)
Return-path: <help-gnu-emacs-admin@gnu.org>
Original-Received: from monty-python.gnu.org ([199.232.76.173])
	by main.gmane.org with esmtp (Exim 3.35 #1 (Debian))
	id 17vjYO-0003yP-00
	for <gnu-help-gnu-emacs@m.gmane.org>; Sun, 29 Sep 2002 21:16:32 +0200
Original-Received: from localhost ([127.0.0.1] helo=monty-python.gnu.org)
	by monty-python.gnu.org with esmtp (Exim 4.10)
	id 17vjYb-0006rm-00; Sun, 29 Sep 2002 15:16:45 -0400
Original-Path: shelby.stanford.edu!nntp.stanford.edu!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!newsfeed.icl.net!newsfeed.fjserv.net!newsfeed.freenet.de!fu-berlin.de!uni-berlin.de!p3e9baac7.dip.t-dialin.NET!not-for-mail
Original-Newsgroups: gnu.emacs.help
Original-Lines: 22
Original-NNTP-Posting-Host: p3e9baac7.dip.t-dialin.net (62.155.170.199)
Original-X-Trace: fu-berlin.de 1033326398 12337436 62.155.170.199 (16 [23066])
X-Orig-Path: ID-23066.news.dfncis.de!not-for-mail
User-Agent: Gnus/5.090008 (Oort Gnus v0.08) Emacs/21.2 (i386--freebsd)
Cancel-Lock: sha1:xTKCH5o9Ladr8lb22kuLASadK5k=
Original-Xref: nntp.stanford.edu gnu.emacs.help:105498
Original-To: help-gnu-emacs@gnu.org
Errors-To: help-gnu-emacs-admin@gnu.org
X-BeenThere: help-gnu-emacs@gnu.org
X-Mailman-Version: 2.0.11
Precedence: bulk
List-Help: <mailto:help-gnu-emacs-request@gnu.org?subject=help>
List-Post: <mailto:help-gnu-emacs@gnu.org>
List-Subscribe: <http://mail.gnu.org/mailman/listinfo/help-gnu-emacs>,
	<mailto:help-gnu-emacs-request@gnu.org?subject=subscribe>
List-Id: Users list for the GNU Emacs text editor <help-gnu-emacs.gnu.org>
List-Unsubscribe: <http://mail.gnu.org/mailman/listinfo/help-gnu-emacs>,
	<mailto:help-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://mail.gnu.org/pipermail/help-gnu-emacs/>
Xref: main.gmane.org gmane.emacs.help:2043
X-Report-Spam: http://spam.gmane.org/gmane.emacs.help:2043

grossjoh@ls6.informatik.uni-dortmund.de (Kai Großjohann) writes:

> Clemens Fischer <ino@despammed.com> writes:
>
>> the situation changes, of course, if the users identity is rejected by
>> the remote sshd, eg. because he tries to enter from a root account.
>> although i don't see a specific reason to do so, sshd can be
>> configured to reject anybody beeing root at home.
>
> Can you expand on this?  I don't understand what you're trying to
> say.

well, i thought the OP might have tried to access an account without
switching to a "normal" user under unix.  if the remote sshd is so
configured, it silently rejects people if the accessor is root.  you
wouldn't notice that, only very recent sshd daemons expand on their
reasons.  version 1.5 ssh installations often allow anybody in,
whereas version 2's are more picky.  this is arguably to prevent later
escalation of priviledges, and might be due to the blessings of
getpeereud(2).

clemens