+++ This bug was initially created as a clone of Bug #214640 +++ OpenSSH has fixed a minor flaw that could allow a remote attacker to bypass normal authentication mechanisms if a flaw is ever found that allows an attacker to control the unprivileged process when privilege separation is enabled. This flaw is not exploitable by itself. It requires a flaw which allows the attacker to control the unprivileged process while privilege seperation is enabled. This issue also affects FC5
openssh-4.3p2-10.0.fc6 has been pushed for fc6, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.