search for: auth_method

http://bugzilla.mindrot.org/show_bug.cgi?id=290 Summary: auth_method set incorrectly in mm_answer_keyverify() Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at min...

...mm_answer_pam_respond}, {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, #endif #ifdef SSH_AUDIT_EVENTS @@ -921,7 +921,8 @@ mm_answer_pam_respond(int sock, Buffer * buffer_clear(m); buffer_put_int(m, ret); mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); - auth_method = "keyboard-interactive/pam"; + auth_method = compat20 ? "keyboard-interactive/pam" : + "challenge-response"; if (ret == 0) sshpam_authok = sshpam_ctxt; return (0); @@ -980,17 +981,20 @@ mm_answer_keyallowed(int sock, Buffer *m case MM_USERKEY: allowe...

http://bugzilla.mindrot.org/show_bug.cgi?id=290 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Additional Comments From stevesk at pobox.com 2002-06-26

...db authentication too? /etc/dovecot.conf: [...] auth = default auth_mechanisms = plain auth_userdb = vpopmail auth_passdb = vpopmail auth_user = root auth_verbose = yes auth = local auth_mechanisms = plain auth_userdb = passwd /etc/passwd auth_passdb = pam auth_user = root auth_verbose = yes #auth_methods = default local EOF I think, I'm supposed to put the auth_methods line somewhere. Without it, dovecot only tries authentication using the first auth process definition: | Feb 25 00:01:49 server1 dovecot-auth: vpopmail(rscholz): unknown user (rscholz@) after loggin in with ". login...

...ot;esj" "no peeking" 4 NO Authentication failed. 5 logout * BYE Logging out 5 OK Logout completed. hmm no unsupported authentication mechanism. So that means all authentication methods works right? ;-) looking a little further into the configuration, I see instructions to change auth_methods to add plain in front of digest-md5 (or is it digest_md5, both forms are present in the configuration file). No luck. Doing so gives me the following error message: Fatal: Error in configuration file /usr/local/etc/dovecot.conf line 430: Unknown setting: methods so, I'm not sure what to...

It works for the "yes" case but not for the "without-password" case. The function that checks (auth_root_allowed(auth_method) is special cased for "password". The Pam case sends "keyboard-interactive/pam" which like all other authentication methods except password succeeds. Here is a patch to make it work for me. Please feel free to criticize as appropriate. bob diff -r -u openssh-3.7.1p2-vanilla/a...

...al/lib/dovecot/imap max_imap_processes = 1024 first_valid_uid = 1000 #last_valid_uid = 0 first_valid_gid = 101 last_valid_gid = 101 valid_chroot_dirs = /var/run/dovecot maildir_copy_with_hardlinks = no maildir_check_content_changes = no overwrite_incompatible_index = yes umask = 0077 auth = default auth_methods = plain #auth_realms = auth_userinfo = shadow auth_executable = /usr/local/lib/dovecot/imap-auth auth_user = root auth_chroot = /var/run/dovecot auth_count = 1 #auth = digest_md5 #auth_methods = digest-md5 #auth_realms = #auth_userinfo = passwd-file /etc/passwd.imap #auth_user = imapauth #auth_chr...

https://bugzilla.mindrot.org/show_bug.cgi?id=2502 Bug ID: 2502 Summary: using AuthenticationMethods to require s/key and pam doesn't work Product: Portable OpenSSH Version: 7.1p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

...2003 01:03:39 -0000 1.35 +++ monitor.c 1 Mar 2003 17:37:41 -0000 @@ -297,6 +297,15 @@ monitor_child_preauth(struct monitor *pm if (!authenticated) authctxt->failures++; } + if (options.challenge_response_authentication_first && + authenticated && + (!strcmp(auth_method, "skey") || !strcmp(auth_method, "bsdauth"))) { + debug2("prerequisite keyboard-interactive authentication succeeded"); + options.challenge_response_authentication_first = 0; + options.kbd_interactive_authentication = options.pam_authentication_via_kbd_int; + o...

...access lists: postgresql::pg_hba { ''Open up postgresql for access from 200.1.2.0/24'': type => ''host'', database => ''app'', user => ''app'', address => ''200.1.2.0/24'', auth_method => ''md5'', } Finally, we''ve also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests...

I was wondering what everyone's thoughts were on a simpler way to exclude addresses from having listeners on them. I know a lot of people have multiple subnets, especially larger corporations. Some networks are non-route-able, and therefor unsuitable for use with SSH, aside from communication between other servers on the same subnet. Given that we may want to exclude those non-route-able

Hi All I'm trying to intergrate samba server with ADS on AIX 6.1 TL04, for last one week, with idmap / winbind but no satisfactory results. I have gone through various links at samba.org relating to winbind, idmapper and followed http://pware.hvcc.edu/ for precompiled binaries and http://pware.hvcc.edu/AIX-Samba.pdf which is for AIX 6.1 TL03 though. I have found the samba which is provided

Hi, all. Thanks Timo for answering my previous post. It's starting fine now :) I must be doing something wrong again but I can't connect from any imap client. If I telnet to the server I get: $ telnet carpa 11143 Trying 143.107.209.25... Connected to carpa.ciagri.usp.br. Escape character is '^]'. * OK dovecot ready. a001 login marcelo ##### a001 OK Logged in. a002 select INBOX

Hi. I can see that SSH partial success functionality was implemented very recently in the OpenSSH server. That's great news. I just tried it and I don't seem to be able to make it work with both public key authentication and password authentication through PAM. I wonder if this is a bug or something that won't be implemented for now or if this is still WIP and I should be more

...uot; \ --with-ldap \ --with-pgsql \ --with-mysql \ --with-cyrus-sasl2 \ --with-rawlog %{__make} %{?_smp_mflags} After compiling it, I installed the rpm. No problem at all. I configure the dovecot.conf like this; #auth = plain digest-md5 #auth_methods = plain digest-md5 auth_userdb = mysql /etc/dovecot-mysql.conf auth_passdb = mysql /etc/dovecot-mysql.conf default_mail_env = maildir:/home/mail/virtual/%d/%n # Use this logfile instead of syslog(). /dev/stderr can be used if you want to # use stderr for logging (ONLY /dev/stderr - otherwi...

...ermission denied Aug 8 21:23:47 lex dovecot: child 10315 (imap) returned error 89 which is the problem I discussed above, but is it reasonable for Dovecot to disconnect the IMAP socket and not send an error message to the client? At the end of the dovecot-example.conf is: #auth = digest_md5 #auth_methods = digest-md5 #auth_realms = #auth_userdb = passwd-file /etc/passwd.imap #auth_passdb = passwd-file /etc/passwd.imap #auth_user = imapauth #auth_chroot = Is auth_methods an alias for auth_mechanisms? Aside from the insufficient detail in the log, most of the difficulty I encountered could be...

...uot; \ --with-ldap \ --with-pgsql \ --with-mysql \ --with-cyrus-sasl2 \ --with-rawlog %{__make} %{?_smp_mflags} After compiling it, I installed the rpm. No problem at all. I configure the dovecot.conf like this; #auth = plain digest-md5 #auth_methods = plain digest-md5 auth_userdb = mysql /etc/dovecot-mysql.conf auth_passdb = mysql /etc/dovecot-mysql.conf default_mail_env = maildir:/home/mail/virtual/%d/%n # Use this logfile instead of syslog(). /dev/stderr can be used if you want to # use stderr for logging (ONLY /dev/stderr - otherwi...

...ything with folders, including copying outlook folders to the server or create/delete folders. And when I move mail to specific folders using procmail it just gets put back into the inbox again... I'm using freebsd 4.7-RELEASE My config file only adds the following lines... auth = plain auth_methods = plain auth_userinfo = password-file /etc/passwd.imap auth_user = root My password file (/etc/passwd.imp) only consists of kev:XXXXXchangedXX[13]:1001:1001::/home/kev:::: I've just created a folder /home/kev/Maildir where dovecot created the MailDir hierarchies. Any help would be appre...

...# digest-md5 authentication process. It requires special MD5 passwords which # /etc/shadow and PAM doesn't support, so we never need roots to handle it. # Note that the passwd-file is opened before chrooting and dropping root # privileges, so it may be 0600-root owned file. #auth = digest_md5 #auth_methods = digest-md5 #auth_realms = #auth_userdb = passwd-file /etc/passwd.imap #auth_passdb = passwd-file /etc/passwd.imap #auth_user = imapauth #auth_chroot = # if you plan to use only passwd-file, you don't need the two auth processes, # simply set "auth_methods = plain digest-md5"

...} else { mon_dispatch = mon_dispatch_postauth15; monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); +#ifdef HAVE_OSF_SIA + monitor_permit(mon_dispatch, MONITOR_REQ_SETUP_SIA, 1); +#endif } if (!no_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); @@ -716,6 +732,22 @@ auth_method = "skey"; return (authok != 0); +} +#endif + +#ifdef HAVE_OSF_SIA +int +mm_answer_setup_sia(int socket, Buffer *m) +{ + char *user, *tty; + + user = buffer_get_string(m, NULL); + tty = buffer_get_string(m, NULL); + + setup_sia(user, tty); + + xfree(user); + xfree(tty); } #endif Inde...