search for: auth2

I configure as follows: ./configure --with-zlib=/usr/local/include cc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o loginrec....

hello, little problem compiling openssh 4.6p1 on irix using mipspro 7.4.x. c99 -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o loginrec.o auth...

...any user idiocy involved, but I applied the OpenBSD 3.4 patch to the 3.9 sources on both my i386 and sparc64 OpenBSD 3.4 boxes, and get the same error: cc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o uidswap.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o -L/usr/src/usr....

...ws: CC=cc CFLAGS=-O LDFLAGS=-non_shared ./configure --prefix=/opt/ssh --with-prngd-socket =/var/run/egd-pool --with-ssl-dir=/opt/ssh --with-zlib=/opt/zlib cc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o uidswap.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o monitor_fdpass.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5...

....o sshconnect2.o -L. -Lopenbsd-compat/ -L/usr/local/ssl/lib -L/usr/local/lib -lssh -lopenbsd-compat -lresolv -liaf -lcrypto -lsocket -lnsl -lgen -lz -lcrypt cc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o loginrec.o auth...

...'m seeing this on a clean build after downloading 3.7 to my OpenBSD source tree... bash-2.05b# make [...] ===> lib ===> ssh ===> sshd cc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o uidswap.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o monitor_fdpass.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5....

https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter:...

...combination has not been verified. 3. Short-Term Solution: Disable ChallengeResponseAuthentication in sshd_config. or Enable UsePrivilegeSeparation in sshd_config. 4. Solution: Upgrade to OpenSSH 3.4 or apply the following patches. 5. Credits: ISS. Appendix: A: Index: auth2-chall.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth2-chall.c,v retrieving revision 1.18 diff -u -r1.18 auth2-chall.c --- auth2-chall.c 19 Jun 2002 00:27:55 -0000 1.18 +++ auth2-chall.c 26 Jun 2002 09:37:03 -0000 @@ -256,6 +256,8 @@ aut...

...ion in sshd_config. and Disable PAMAuthenticationViaKbdInt in sshd_config. Alternatively you can prevent privilege escalation if you enable UsePrivilegeSeparation in sshd_config. 4. Solution: Upgrade to OpenSSH 3.4 or apply the following patches. 5. Credits: ISS. Appendix: A: Index: auth2-chall.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth2-chall.c,v retrieving revision 1.18 diff -u -r1.18 auth2-chall.c --- auth2-chall.c 19 Jun 2002 00:27:55 -0000 1.18 +++ auth2-chall.c 26 Jun 2002 09:37:03 -0000 @@ -256,6 +256,8 @@ aut...

...ion in sshd_config. and Disable PAMAuthenticationViaKbdInt in sshd_config. Alternatively you can prevent privilege escalation if you enable UsePrivilegeSeparation in sshd_config. 4. Solution: Upgrade to OpenSSH 3.4 or apply the following patches. 5. Credits: ISS. Appendix: A: Index: auth2-chall.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth2-chall.c,v retrieving revision 1.18 diff -u -r1.18 auth2-chall.c --- auth2-chall.c 19 Jun 2002 00:27:55 -0000 1.18 +++ auth2-chall.c 26 Jun 2002 09:37:03 -0000 @@ -256,6 +256,8 @@ aut...

...=============================================== RCS file: /var/cvs/openssh/auth.h,v retrieving revision 1.42 diff -u -r1.42 auth.h --- auth.h 6 Jun 2002 20:52:37 -0000 1.42 +++ auth.h 2 Jul 2002 02:19:35 -0000 @@ -133,7 +133,6 @@ #endif /* KRB5 */ #include "auth-pam.h" -#include "auth2-pam.h" Authctxt *do_authentication(void); Authctxt *do_authentication2(void); Index: auth2-chall.c =================================================================== RCS file: /var/cvs/openssh/auth2-chall.c,v retrieving revision 1.19 diff -u -r1.19 auth2-chall.c --- auth2-chall.c 26 Jun 2...

...combination has not been verified. 3. Short-Term Solution: Disable ChallengeResponseAuthentication in sshd_config. or Enable UsePrivilegeSeparation in sshd_config. 4. Solution: Upgrade to OpenSSH 3.4 or apply the following patches. 5. Credits: ISS. Appendix: A: Index: auth2-chall.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth2-chall.c,v retrieving revision 1.18 diff -u -r1.18 auth2-chall.c --- auth2-chall.c 19 Jun 2002 00:27:55 -0000 1.18 +++ auth2-chall.c 26 Jun 2002 09:37:03 -0000 @@ -256,6 +256,8 @@ aut...

Hi. The error message 'AuthorizedKeyCommandUser \"%s\" not found' in user_key_command_allowed2() should inform about non-existing username, not about command. --- auth2-pubkey.c 14 Nov 2012 08:04:02 -0000 1.36 +++ auth2-pubkey.c 14 Feb 2013 16:50:04 -0000 @@ -480,7 +480,7 @@ pw = getpwnam(username); if (pw == NULL) { error("AuthorizedKeyCommandUser \"%s\" not found: %s", - options.authorized_keys_command, strerror(errno)); +...

I'm trying to troubleshoot gssapi_with_mic authentication with OpenSSH 5.2p1 on FreeBSD 8.0. If I run sshd with maximum debug "sshd -ddd" the most detail I get is: GSSAPI MIC check failed That comes from line 282 in auth2-gss.c 279 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) 280 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); 281 else 282 logit("GSSAPI MIC check failed"); 283 I think that...

...,6 +156,9 @@ auth_rsa(struct passwd *pw, BIGNUM *clie packet_send_debug("If your home is on an NFS volume, it may need to be world-readable."); return 0; } +#ifdef HAVE_CYGWIN + if (check_ntsec(file)) +#endif if (options.strict_modes) { int fail = 0; char buf[1024]; Index: auth2.c =================================================================== RCS file: /cvs/openssh_cvs/auth2.c,v retrieving revision 1.59 diff -u -p -r1.59 auth2.c --- auth2.c 2001/04/25 12:44:15 1.59 +++ auth2.c 2001/06/04 10:05:35 @@ -696,6 +696,9 @@ user_key_allowed(struct passwd *pw, Key restore_...

...rted on Sept. 28 2001 for 2.9p2, namely, the trailing dot in chost should be stripped before calling auth_rhosts2() even with option "HostbasedUsesNameFromPacketOnly yes". Otherwise, the host names in /etc/hosts.equiv and .rhosts would have to be dot-terminated. Fix: Move lines 776-779 of auth2.c upwards to after line 767. (These line numbers also hold for 2.9.9p2.) *** auth2.c.ORI Wed Oct 3 19:12:44 2001 --- auth2.c Fri Nov 9 10:15:42 2001 *************** *** 765,770 **** --- 765,774 ---- resolvedname = get_canonical_hostname(options.reverse_mapping_check); ipaddr = get_remote_i...

...- Sincerely Your, Dan. -------------- next part -------------- diff -adurN openssh-3.7.1p2.privsep/Makefile.in openssh-3.7.1p2/Makefile.in --- openssh-3.7.1p2.privsep/Makefile.in Mon Sep 22 05:00:12 2003 +++ openssh-3.7.1p2/Makefile.in Sat Oct 4 22:38:24 2003 @@ -80,8 +80,7 @@ auth-chall.o auth2-chall.o groupaccess.o \ auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o \ - monitor_mm.o monitor.o monitor_wrap.o monitor_fdpass.o \ - kexdhs.o kexgexs.o \ + @PRIVSEP_OBJS@ kexdhs.o kexgexs.o \ auth-krb5.o \ auth2-gss.o gss-serv.o gss...

...Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o -SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o +SSHDOBJS= sshd.o auth.o auth1.o auth2....

There is one spot where the password_authentication option was ignored, patch follows. Wichert. diff -wur org/openssh-2.5.2p2/auth2.c openssh-2.5.2p2/auth2.c --- org/openssh-2.5.2p2/auth2.c Sun Mar 11 21:01:56 2001 +++ openssh-2.5.2p2/auth2.c Mon Jun 4 23:31:54 2001 @@ -397,7 +397,7 @@ authenticated = auth2_challenge(authctxt, devs); #ifdef USE_PAM - if (authenticated == 0) + if (options.passw...

...uot;#define HAVE_BASENAME 1" and "#define HAVE_DIRNAME 1". After doing this, the compile goes farther only to fail at the following point: -- gcc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o uidswap.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o monitor_fdpass.o kexdhs.o kexgexs.o auth-krb5.o auth-krb4.o loginrec.o auth-pam.o auth2-pa...