1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ssh password bug

Discussion in 'HyperWRT Firmware' started by lol24h, Apr 14, 2006.

  1. lol24h

    lol24h Network Guru Member

    I'm not sure that it has been reported, but there's a bug in security of HyperWRT +tofu13c , maybe also in thibor's realese...

    If you set once password like this :

    and changed it into :


    for ssh session it will work any password containg the first one,
    like : aaabbbccc3245345235325

    i.e. you want to harden the password and you add to your original one some more letters or signs. The old one will still work as well via ssh. :eek:
  2. grcore

    grcore Network Guru Member

    if you want to use a longer password for SSH, use a private key instead of regular password authentication.

    the firmware only stores 8 characters of the web password.


Share This Page