alpine 3.9, openssh 8.0 & setting shell with usermod

cloudposse / bastion

🔒Secure Bastion implemented as Docker Container running Alpine Linux with Google Authenticator & DUO MFA support

https://cloudposse.com/accelerate

Apache License 2.0

643 stars 113 forks source link

Closed d-h1 closed 1 year ago

d-h1 commented 5 years ago

updated to alpine 3.9
updated to openssh 8.0
changed chsh to usermod chsh results in error Password: chsh: PAM: Authentication token manipulation error

because it asks for a password after alpine 3.8.4 and 3.9.2(?!) patched CVE-2019-5021 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5021)

osterman commented 5 years ago

@leostarcevic looks like the patches for openssh do not cleanly apply. Not sure why it doesn't fail the build.

Can we move the SSH upgrade to a new PR and triage that separately?

d-h1 commented 5 years ago

looks like the patches for openssh do not cleanly apply. Not sure why it doesn't fail the build.

@osterman hmm, correct! not sure why but it seems that they fail in existing master as well

Can we move the SSH upgrade to a new PR and triage that separately?

Sure, I can split it up!

max-lobur commented 1 year ago