Nick_Chi at manulife.com
2003-Oct-31 01:56 UTC
Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0
Resent! Rgds, Nick CHI Regional Technology Team, Regional I.T., I.T. Asia, Manulife International Limited Tel: (852) 2510 3273 Fax: (852) 2510 0244 Email: Nick_Chi at manulife.com ----- Forwarded by Nick Chi/Asia Division/Manulife on 10/31/2003 09:56 AM ----- To: openssh-unix-dev at mindrot.org Nick Chi cc: Subject: Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c 10/28/2003 installation on HP-UX11.0 02:33 PM Hi all, I found that OpenSSL 3.7.1p2 has problem with PAM (HP-UX) system (with setting of account deacticating by 3 invalid login attempts). User enters wrong password more than twice through SSH, his/her account will not be deactivated. User enters wrong password more than twice through FTP, his/her account will be deactivated . However, only further FTP session is blocked. SSH session can be established even the account is deactivated. Besides, I deactivate an account through SAM, both new FTP and SSH sessions will be blocked. I check that there is no such problem in OpenSSH 3.4p1. Any comments / suggestions? Thanks. Best Regards, Nick CHI Regional Technology Team, Regional I.T., I.T. Asia, Manulife International Limited Tel: (852) 2510 3273 Fax: (852) 2510 0244 Email: Nick_Chi at manulife.com ========================================================= This message is confidential and may also be privileged. If you are not the intended recipient, please notify me by return e-mail and delete this message from your system. If you are not the intended recipient, any use by you of this message is strictly prohibited. ========================================================= This message is confidential and may also be privileged. If you are not the intended recipient, please notify me by return e-mail and delete this message from your system. If you are not the intended recipient, any use by you of this message is strictly prohibited.
Nick_Chi at manulife.com
2003-Nov-03 04:29 UTC
Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0
Hi all, I found that OpenSSL 3.7.1p2 has problem with PAM (HP-UX) system (with setting of account deacticating by 3 invalid login attempts). User enters wrong password more than twice through SSH, his/her account will not be deactivated. User enters wrong password more than twice through FTP, his/her account will be deactivated . However, only further FTP session is blocked. SSH session can be established even the account is deactivated. Besides, I deactivate an account through SAM, both new FTP and SSH sessions will be blocked. I check that there is no such problem in OpenSSH 3.4p1. Any comments / suggestions? Thanks. Best Regards, Nick CHI Regional Technology Team, Regional I.T., I.T. Asia, Manulife International Limited Tel: (852) 2510 3273 Fax: (852) 2510 0244 Email: Nick_Chi at manulife.com ========================================================= This message is confidential and may also be privileged. If you are not the intended recipient, please notify me by return e-mail and delete this message from your system. If you are not the intended recipient, any use by you of this message is strictly prohibited.
Nick Chi
2003-Nov-03 06:29 UTC
Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0
Hi all, I found that OpenSSL 3.7.1p2 has problem with PAM (HP-UX) system (with setting of account deacticating by 3 invalid login attempts). User enters wrong password more than twice through SSH, his/her account will not be deactivated. User enters wrong password more than twice through FTP, his/her account will be deactivated . However, only further FTP session is blocked. SSH session can be established even the account is deactivated. Besides, I deactivate an account through SAM, both new FTP and SSH sessions will be blocked. I check that there is no such problem in OpenSSH 3.4p1. Any comments / suggestions? Thanks. Best Regards, Nick CHI _________________________________________________________ ??????????????... ???? ???? http://ringtone.yahoo.com.hk/
Nick_Chi at manulife.com
2003-Nov-07 01:39 UTC
Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0
Dear Sir. I am using Darren's HP patches. Thanks. Rgds, Nick CHI Regional Technology Team, Regional I.T., I.T. Asia, Manulife International Limited Tel: (852) 2510 3273 Fax: (852) 2510 0244 Email: Nick_Chi at manulife.com To: Nick_Chi at manulife.com The Alchemist cc: openssh-unix-dev at mindrot.org <nospam at magest Subject: Re: Problem found in OpenSSH 3.7.1p2 with OpenSSL ower.net> 0.9.7c installation on HP-UX11.0 11/06/2003 08:59 PM *This message was transferred with a trial version of CommuniGate(tm) Pro* Are you using Darren's HP patches? Also, are these trusted or untrusted configurations? Nick_Chi at manulife.com wrote:>*This message was transferred with a trial version of CommuniGate(tm) Pro* >Hi all, > >I found that OpenSSL 3.7.1p2 has problem with PAM (HP-UX) system (with >setting of account deacticating by 3 invalid login attempts). > >User enters wrong password more than twice through SSH, his/her account >will not be deactivated. > >User enters wrong password more than twice through FTP, his/her account >will be deactivated . However, only further FTP session is blocked. SSH >session can be established even the account is deactivated. > >Besides, I deactivate an account through SAM, both new FTP and SSHsessions>will be blocked. > >I check that there is no such problem in OpenSSH 3.4p1. > >Any comments / suggestions? > >Thanks. > >Best Regards, > >Nick CHI >Regional Technology Team, >Regional I.T., >I.T. Asia, >Manulife International Limited >Tel: (852) 2510 3273 >Fax: (852) 2510 0244 >Email: Nick_Chi at manulife.com > >=========================================================> >This message is confidential and may also be privileged. If you are not >the intended recipient, please notify me by return e-mail and delete this >message from your system. If you are not the intended recipient, any use >by you of this message is strictly prohibited. > > >_______________________________________________ >openssh-unix-dev mailing list >openssh-unix-dev at mindrot.org >http://www.mindrot.org/mailman/listinfo/openssh-unix-dev > >========================================================= This message is confidential and may also be privileged. If you are not the intended recipient, please notify me by return e-mail and delete this message from your system. If you are not the intended recipient, any use by you of this message is strictly prohibited.
Nick Chi
2003-Nov-12 10:34 UTC
Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0
Dear Sir. I am using Darren's HP patches in order to solve some problem found in HP-UX platform. Thanks. Rgds, Nick CHI Regional Technology Team, Regional I.T., I.T. Asia, Manulife International Limited Tel: (852) 2510 3273 Fax: (852) 2510 0244 Email: Nick_Chi at manulife.com _________________________________________________________ Shining Friends??????????... ???? ???? http://ringtone.yahoo.com.hk/
Apparently Analagous Threads
- OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX 11.0 enquiry?
- OpenSSH 3.7.1p1 installation on AIX 4.3.3 enquiry?
- [Bug 810] TZ environment variable not being set
- OpenSSH 3.7.1p2 AIX loginsuccess() issue
- PAM_LDAP fails with 3.7.1p2 when Shadow password installed on HP-UX 11.11