bugzilla-daemon at mindrot.org
2006-Sep-14 02:46 UTC
[Bug 1228] kbd-int device for AIX authenticate
http://bugzilla.mindrot.org/show_bug.cgi?id=1228
Summary: kbd-int device for AIX authenticate
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: AIX
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at vintela.com
keyboard-interactive is currently only supported for PAM.
AIX's authenticate() function is only used by the 'none' and
'password'
methods and is pretty horrid (see bug 908).
This is an enhancement bug to provide a kbd-int device for AIX
authentication.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Sep-14 02:49 UTC
[Bug 1228] kbd-int device for AIX authenticate
http://bugzilla.mindrot.org/show_bug.cgi?id=1228 ------- Comment #1 from dleonard at vintela.com 2006-09-14 12:49 ------- Created an attachment (id=1183) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1183&action=view) patch for AIX authenticate kbdint device Here's what i've written for use in Quest's openssh. It seems to work pretty well. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Oct-03 09:14 UTC
[Bug 1228] kbd-int device for AIX authenticate
http://bugzilla.mindrot.org/show_bug.cgi?id=1228 ------- Comment #2 from dtucker at zip.com.au 2006-10-03 19:14 ------- FWIW I wrote a similar patch a while back (didn't do privsep so was never published, though) but the problem I had was finding LAM modules that could actually exercise the multiple-step capability. What did you use to test this? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Oct-03 21:33 UTC
[Bug 1228] kbd-int device for AIX authenticate
http://bugzilla.mindrot.org/show_bug.cgi?id=1228 ------- Comment #3 from dleonard at vintela.com 2006-10-04 07:33 ------- I used our product's aix module (vas_aix). The module performs password expiry/change handling during the authenticate() loop, so 'password' method doesn't work for some customers. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.