search for: afstokenpassing

Displaying 20 results from an estimated 39 matches for "afstokenpassing".

2008 Feb 15
0
Protocol 2 AfsTokenPassing
Possibly someone might be interested in Protocol 2 AfsTokenPassing. Best regards Rainer Laatsch ________________________________ ______________________ E-mail: Laatsch at Uni-Koeln.DE Universitaet zu Koeln Reg. Rechenzentrum (ZAIK/RRZK) Fax : (0221) 478-5590 Robert-Koch-Str. 10 Tel : (0221) 478-5582 D-50931 Koeln == README.openssh-4.7p1+AFS == Pa...
2002 Apr 21
3
OpenSSH Security Advisory (adv.token)
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default. 1. Systems affected: All Versions of OpenSSH compiled with AFS/Kerberos support and ticket/token passing enabled contain a buffer overflow. Ticket/Token passing is disabled by d...
2002 Apr 21
3
OpenSSH Security Advisory (adv.token)
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default. 1. Systems affected: All Versions of OpenSSH compiled with AFS/Kerberos support and ticket/token passing enabled contain a buffer overflow. Ticket/Token passing is disabled by d...
2002 May 02
0
[Bug 234] New: OpenSSH does not compile on OpenBSD 3.1
..._config: line 68: Bad configuration option: KerberosAuthentication /usr/local/etc/sshd_config: line 69: Bad configuration option: KerberosOrLocalPasswd /usr/local/etc/sshd_config: line 70: Bad configuration option: KerberosTicketCleanup /usr/local/etc/sshd_config: line 74: Bad configuration option: AFSTokenPassing /usr/local/etc/sshd_config: line 77: Bad configuration option: KerberosTgtPassing /usr/local/etc/sshd_config: terminating, 5 bad configuration options Experimentation reveals that these are the only options that sshd does not recognize. ssh does not like these configuration options, either: /usr...
2002 May 03
0
AFS/Kerberos authentication problems on IRIX 6.5.15
...rdAuthentication yes PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options # KerberosAuthentication automatically enabled if keyfile exists KerberosAuthentication yes KerberosOrLocalPasswd no KerberosTicketCleanup yes # AFSTokenPassing automatically enabled if k_hasafs() is true AFSTokenPassing yes # Kerberos TGT Passing only works with the AFS kaserver KerberosTgtPassing yes # Set this to 'yes' to enable PAM keyboard-interactive authentication # Warning: enabling this may bypass the setting of 'PasswordAuthen...
2000 Apr 09
2
Password Login Failing... (Not sure this went through)
...ntication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #SkeyAuthentication no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes CheckMail no UseLogin no
2002 Jan 23
1
Fix AFS and Kerberos interaction
...,4 +211,4 @@ return 1; } -#endif /* AFS */ +#endif /* AFS && KRB4 */ --- readconf.c 2002/01/23 12:18:23 1.1 +++ readconf.c 2002/01/23 12:23:17 @@ -102,7 +102,7 @@ #if defined(AFS) || defined(KRB5) oKerberosTgtPassing, #endif -#ifdef AFS +#if defined(AFS) && defined(KRB4) oAFSTokenPassing, #endif oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, @@ -147,7 +147,7 @@ #if defined(AFS) || defined(KRB5) { "kerberostgtpassing", oKerberosTgtPassing }, #endif -#ifdef AFS +#if defined(AFS) && defined(KRB4) { "afstokenpassing", oAFST...
2003 Nov 13
1
SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE
...# To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no # Change to no to disable PAM authentication #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #AFSTokenPassing no # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no #X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #KeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes #MaxStartups 10 # no...
2004 Sep 17
3
sftp-server debug output
...sponseAuthentication no # Uncomment to enable PAM keyboard-interactive authentication # Warning: enabling this may bypass the setting of ''PasswordAuthentication'' #PAMAuthenticationViaKbdInt yes # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes X11Forwarding yes X11DisplayOffset 256 PrintMotd no #PrintLastLog no KeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net #ReverseMappingCheck yes Subsystem...
2001 Feb 21
1
further problems with OpenSSH 2.5.1p1 on RH 6.2
...RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #ChallengeResponseAuthentication no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes #CheckMail yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net #ReverseMappingCheck yes Subsystem sftp /usr/libexec/openssh/sftp-server Carl
2003 Dec 16
11
[Bug 774] banner is displaying twice (/etc/issue)
http://bugzilla.mindrot.org/show_bug.cgi?id=774 Summary: banner is displaying twice (/etc/issue) Product: Portable OpenSSH Version: 3.7.1p1 Platform: All OS/Version: Solaris Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:
2002 Apr 26
0
Revised OpenSSH Security Advisory (adv.token)
This is the 2nd revision of the Advisory. Buffer overflow in OpenSSH's sshd if AFS has been configured on the system or if KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default. 1. Systems affected: All Versions of OpenSSH with AFS/Kerberos token passing compiled in and enabled (either in the system or in sshd_config) contain a buffer overflow....
2000 Apr 09
0
Non-member submission from [Keith Baker <ssh@par.dhs.org>] (fwd)
...ntication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #SkeyAuthentication no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes CheckMail no UseLogin no
2002 Mar 09
0
krb5 problem: KRB5CCNAME is ""; possible fix for OpenSSH 3.0.2p1
...theaimsgroup.com/?l=openssh-unix-dev&m=98269278629018&w=2> mentions fixing it. This causes things like kinit to fail with a somewhat uninformative error message. The relevant sshd_config lines I use are: # To change Kerberos options KerberosAuthentication yes KerberosOrLocalPasswd yes #AFSTokenPassing no KerberosTicketCleanup yes # Kerberos TGT Passing does only work with the AFS kaserver KerberosTgtPassing no I'm using MIT Kerberos. As far as I can tell (after scanning the code for a few hours and I'm not a programmer) the problem is in auth_krb5_password. 244 problem =...
2002 Apr 26
0
Revised OpenSSH Security Advisory (adv.token)
This is the 2nd revision of the Advisory. Buffer overflow in OpenSSH's sshd if AFS has been configured on the system or if KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default. 1. Systems affected: All Versions of OpenSSH with AFS/Kerberos token passing compiled in and enabled (either in the system or in sshd_config) contain a buffer overflow....
2003 Dec 10
1
GSSAPICleanupCredentials vs GSSAPICleanupCreds
...p2, the sshd_config manpage talks about GSSAPICleanupCredentials, while servconf.c uses GSSAPICleanupCreds. Here is a patch: --- openssh-3.7.1p2/servconf.c.orig 2003-12-10 10:43:52.000000000 -0200 +++ openssh-3.7.1p2/servconf.c 2003-12-10 10:44:13.000000000 -0200 @@ -310,10 +310,10 @@ { "afstokenpassing", sUnsupported }, #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication }, - { "gssapicleanupcreds", sGssCleanupCreds }, + { "gssapicleanupcredentials", sGssCleanupCreds }, #else { "gssapiauthentication", sUnsupported }, - { "gs...
2003 Feb 20
0
OpenSSH_3.5p1 server, PC clients cannot connect
...# To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #AFSTokenPassing no # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no # Set this to 'yes' to enable PAM keyboard-interactive authentication # Warning: enabling this may bypass the setting of 'PasswordAuthentication' #PAMAuthenticationViaKbdInt no #X11Forwarding no #X1...
2003 Dec 02
1
Sun Kerberos Password Expiration Problems with OpenSSH 3.7.1p2
...of OpenSSH. Therefore, I am submitting this e-mail in search of assistance from anyone who has any solutions for me. I am attaching my sshd_config file in line for troubleshooting purposes. Please let me know if you need any more information or have any ideas for me. Thanks, -Timothy P. Knox #AFSTokenPassing no AllowGroups * AllowTcpForwarding yes AllowUsers * AuthorizedKeysFile .ssh/authorized_keys Banner /etc/issue ChallengeResponseAuthentication yes Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-c bc ClientAliveInterval 0 ClientAliveCountMax 3 C...
2002 Aug 09
0
patch to ssh.c for KerberosTgtPassing and readability patches for config files and manpages
...es or Index: sshd_config =================================================================== RCS file: /cvs/openssh/sshd_config,v retrieving revision 1.53 diff -u -r1.53 sshd_config --- sshd_config 1 Aug 2002 01:28:39 -0000 1.53 +++ sshd_config 9 Aug 2002 21:43:30 -0000 @@ -66,7 +66,8 @@ #AFSTokenPassing no -# Kerberos TGT Passing only works with the AFS kaserver +# Specifies whether Kerberos V4/5 TGT's can be forwarded to the server. +# Kerberos V4 TGT passing only works when KDC is an AFS kaserver. #KerberosTgtPassing no # Set this to 'yes' to enable PAM keyboard-interactive aut...
2002 Jun 25
0
[Bug 289] New: mmap error when trying to use 3.3p1 with privsep
...# To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #AFSTokenPassing no # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no # Set this to 'yes' to enable PAM keyboard-interactive authentication # Warning: enabling this may bypass the setting of 'PasswordAuthentication' #PAMAuthenticationViaKbdInt yes #X11Forwarding no #...