SSH_CONNECTION security issue is back

boltgolt / howdy

🛡️ Windows Hello™ style facial authentication for Linux

MIT License

5.75k stars 299 forks source link

Closed yuhldr closed 5 months ago

yuhldr commented 5 months ago

like #74

use aur howdy-beta-git, The same thing happened: "Face recognition on login via ssh #74"

yuhldr commented 5 months ago

saidsay-so commented 5 months ago

It works, what program are you trying to authenticate?

yuhldr commented 5 months ago

It works, what program are you trying to authenticate?

in archlinux A,

install aur howdy-beta-git,
add auth sufficient /lib/security/pam_howdy.so try_first_pass nullok in /etc/pam.d/system-auth

then ssh A and sudo su via ssh , the face recognition is triggered. this is a big security issue.

maybe auth sufficient .. should be add other pam.d? but old version is work well.

saidsay-so commented 5 months ago

Thanks for your report, it indeed doesn't work on sudo while working with other programs. I created #903 to fix it.

yuhldr commented 5 months ago

Thanks for your report, it indeed doesn't work on sudo while working with other programs. I created #903 to fix it.

work well!