search for: advax

...andom password Product: Portable OpenSSH Version: 3.6.1p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: advax at triumf.ca A RedHat 9.0 system (with RedHat's openssh-server-3.5p1-6) is configured with "PermitEmptyPasswords no". An account is created with an empty password (null in /etc/shadow). The intent is to allow console logins only. This works on A RedHat 8.0 system with OpenSSH open...

...andom password Product: Portable OpenSSH Version: 3.6.1p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: advax at triumf.ca A RedHat 9.0 system (with RedHat's openssh-server-3.5p1-6) is configured with "PermitEmptyPasswords no". An account is created with an empty password (null in /etc/shadow). The intent is to allow console logins only. This works on A RedHat 8.0 system with OpenSSH open...

...ation: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: advax at triumf.ca When testing the Debian SSH exploit against SSH-2.0-OpenSSH_4.1p1-hpn I noticed that sshd did not log key failures, only password failures. I just built SSH-2.0-OpenSSH_5.0 on Fedora Core 4 with no configure options (./configure; make) and again there is no logging $ ./ssh -p 8022...

I was trying to use rsync to send files to a fileserver using an rssh restricted server. It refuses, saying that trying to override the shell with -e is forbidden. I didn't type "-e". When I look at the source, I see /* Checking the pre-negotiated value allows --protocol=29 override. */ if (protocol_version >= 30) { /* We make use of the -e

(apologies for the length - there are questions at the end...) I've been running Linux for 20 years, and done a lot of dual-boots. I know that's old-school now, but I run Linux 95% of the time yet don't want to lose a Windows system I've paid for - but I've never tried removing it from a system and reinstalling the same licenced copy inside a virtual machine. I bought a

RedHat released sendmail-8.13.8-10.el5_11.src.rpm which includes sendmail-8.13.8-ssl-opts.patch which adds support for disabling SSLv3 and SSLv2 in sendmail.cf But as far as I can see there is no support in sendmail.mc - I can't see how to compile sendmail.mc to get the required line ServerSSLOptions in sendmail.cf Does anyone know how to do this ? -- Andrew Daviel, TRIUMF, Canada

I have Skype 2.1.0 running on CentOS 5, but it does not support video. At various times I have tried to install or run more recent versions on CentOS 5 and CentOS 6, but generally they fail for some reason, e.g. library requirements. We would like to run Skype in some conference rooms, for business reasons e.g. job interviews where some participants don't have access to more

We have a freeradius server using LDAP authentication against openldap. We have had freeradius-3.0.4-6 on CentOS 7 successfully communicating with openldap-servers-2.3.43 on CentOS 5. We need some features in freeradius-3.0.12. When I build that on CentOS 6, it initially works, but then develops TLS errors. We can search and authenticate against the LDAP server with Apache, and with

I want to set up a machine which has an account with no password that can only be used locally, i.e. you cannot login over the network. The machine is in a room which is normally locked. It needs access to the network for videoconferencing, and this seemed a reasonable way to do things rather than putting passwords on post-it notes or Web pages. This is on a PC running RedHat Linux (7.0) I

We had an incident recently where an openssh client and server were replaced with trojanned versions (it has SKYNET ASCII-art in the binary, if anyone's seen it. Anyone seen the source code ?). The trojan ssh & sshd both logged host/user/password, and probably had a login backdoor. Someone asked me what was their exposure if they used public/private keys instead of passwords. My