Discussion:
OpenSSH server does not accept passwords with digits and letters mixed
Add Reply
Andrew Brehm
2021-09-23 21:41:07 UTC
Reply
Permalink
I have two OpenVMS 9.1 VMs which I thought were pretty identical (set up in the same way).

Both of them have a system account with a password with digits and numbers.

But while both of them work with the account via serial port and telnet, on one of them the login via OpenSSH only works when the password is changed to digits only or letters only.

Any idea why that could be?

As a table: ssh login to Host2 doesn't work with mixed password:

Method Host1 Host2

serial abcd12 abcd12
telnet abcd12 abcd12
ssh abcd12 -

serial abcd abcd
telnet abcd abcd
ssh abcd abcd
Simon Clubley
2021-09-24 12:20:40 UTC
Reply
Permalink
Post by Andrew Brehm
I have two OpenVMS 9.1 VMs which I thought were pretty identical (set up in the same way).
Both of them have a system account with a password with digits and numbers.
But while both of them work with the account via serial port and telnet, on one of them the login via OpenSSH only works when the password is changed to digits only or letters only.
Any idea why that could be?
Method Host1 Host2
serial abcd12 abcd12
telnet abcd12 abcd12
ssh abcd12 -
serial abcd abcd
telnet abcd abcd
ssh abcd abcd
Report this to VSI as a field test issue as they may not see your post here.
Agreed. Is the work VSI did to enhance password hashing in this version ?

If so, there may be a TCP/IP Services related regression in this area,
especially given that one of the systems appears to be working ok.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
Andrew Brehm
2021-09-24 14:03:00 UTC
Reply
Permalink
Post by Andrew Brehm
I have two OpenVMS 9.1 VMs which I thought were pretty identical (set up in the same way).
Both of them have a system account with a password with digits and numbers.
But while both of them work with the account via serial port and telnet, on one of them the login via OpenSSH only works when the password is changed to digits only or letters only.
Any idea why that could be?
Method Host1 Host2
serial abcd12 abcd12
telnet abcd12 abcd12
ssh abcd12 -
serial abcd abcd
telnet abcd abcd
ssh abcd abcd
Report this to VSI as a field test issue as they may not see your post here.
Good idea. I reported it. Ta.

Loading...