From c59dc6bdf51924101f1e28ee0846ef32fdc98f5f Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 30 Jan 2001 23:50:49 +0000 Subject: [PATCH] - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain passwords. --- ChangeLog | 2 ++ auth2-pam.c | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 0e854e2f..7ac2bf35 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,8 @@ - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from Philipp Buehler and Kevin Steves respectively. + - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain + passwords. 20000130 - (djm) OpenBSD CVS Sync: diff --git a/auth2-pam.c b/auth2-pam.c index 455f7f40..a6ac2012 100644 --- a/auth2-pam.c +++ b/auth2-pam.c @@ -152,7 +152,6 @@ input_userauth_info_response_pam(int type, int plen, void *ctxt) for (i = 0; i < nresp; i++) { int j = context_pam2.prompts[i]; resp = packet_get_string(&rlen); - debug("response ssh-%d(pam-%d) = \"%s\"", i, j, resp); context_pam2.responses[j].resp_retcode = PAM_SUCCESS; context_pam2.responses[j].resp = xstrdup(resp); xfree(resp); -- 2.45.2