search for: auth_methods

http://bugzilla.mindrot.org/show_bug.cgi?id=290 Summary: auth_method set incorrectly in mm_answer_keyverify() Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

Hi all. As Corinna pointed out, there are some cases where sshd will log some authentications twice when privsep=yes. This can happen on any platform although it seems most obvious on the ones that don't do post-auth privsep. It also occurs when sshd logs to stderr (eg running under daemontools) or when you have a /dev/log in the privsep chroot. The patch below attempts to solve this for

http://bugzilla.mindrot.org/show_bug.cgi?id=290 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Additional Comments From stevesk at pobox.com 2002-06-26

...db authentication too? /etc/dovecot.conf: [...] auth = default auth_mechanisms = plain auth_userdb = vpopmail auth_passdb = vpopmail auth_user = root auth_verbose = yes auth = local auth_mechanisms = plain auth_userdb = passwd /etc/passwd auth_passdb = pam auth_user = root auth_verbose = yes #auth_methods = default local EOF I think, I'm supposed to put the auth_methods line somewhere. Without it, dovecot only tries authentication using the first auth process definition: | Feb 25 00:01:49 server1 dovecot-auth: vpopmail(rscholz): unknown user (rscholz@) after loggin in with ". login r...

...ot;esj" "no peeking" 4 NO Authentication failed. 5 logout * BYE Logging out 5 OK Logout completed. hmm no unsupported authentication mechanism. So that means all authentication methods works right? ;-) looking a little further into the configuration, I see instructions to change auth_methods to add plain in front of digest-md5 (or is it digest_md5, both forms are present in the configuration file). No luck. Doing so gives me the following error message: Fatal: Error in configuration file /usr/local/etc/dovecot.conf line 430: Unknown setting: methods so, I'm not sure what to...

It works for the "yes" case but not for the "without-password" case. The function that checks (auth_root_allowed(auth_method) is special cased for "password". The Pam case sends "keyboard-interactive/pam" which like all other authentication methods except password succeeds. Here is a patch to make it work for me. Please feel free to criticize as

...al/lib/dovecot/imap max_imap_processes = 1024 first_valid_uid = 1000 #last_valid_uid = 0 first_valid_gid = 101 last_valid_gid = 101 valid_chroot_dirs = /var/run/dovecot maildir_copy_with_hardlinks = no maildir_check_content_changes = no overwrite_incompatible_index = yes umask = 0077 auth = default auth_methods = plain #auth_realms = auth_userinfo = shadow auth_executable = /usr/local/lib/dovecot/imap-auth auth_user = root auth_chroot = /var/run/dovecot auth_count = 1 #auth = digest_md5 #auth_methods = digest-md5 #auth_realms = #auth_userinfo = passwd-file /etc/passwd.imap #auth_user = imapauth #auth_chro...

https://bugzilla.mindrot.org/show_bug.cgi?id=2502 Bug ID: 2502 Summary: using AuthenticationMethods to require s/key and pam doesn't work Product: Portable OpenSSH Version: 7.1p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

I need a way to make sshd require S/KEY authentication to succeed before allowing either password or public-key authentication. Currently, we can only have S/KEY+password, by using PAM for authentication, and configuring PAM accordingly. But PAM of course can't handle SSH public keys. I thought for a while that ideally we could actually use PAM to tell sshd what methods of authentication to

A new release of the puppetlabs/postgresql module is now available on the Forge: https://forge.puppetlabs.com/puppetlabs/postgresql/2.1.0 Changelog ======== This release is primarily a feature release, introducing some new helpful constructs to the module. For starters, we''ve added the line `include ''postgresql_conf_extras.conf''` by default so extra parameters not

I was wondering what everyone's thoughts were on a simpler way to exclude addresses from having listeners on them. I know a lot of people have multiple subnets, especially larger corporations. Some networks are non-route-able, and therefor unsuitable for use with SSH, aside from communication between other servers on the same subnet. Given that we may want to exclude those non-route-able

Hi All I'm trying to intergrate samba server with ADS on AIX 6.1 TL04, for last one week, with idmap / winbind but no satisfactory results. I have gone through various links at samba.org relating to winbind, idmapper and followed http://pware.hvcc.edu/ for precompiled binaries and http://pware.hvcc.edu/AIX-Samba.pdf which is for AIX 6.1 TL03 though. I have found the samba which is provided

Hi, all. Thanks Timo for answering my previous post. It's starting fine now :) I must be doing something wrong again but I can't connect from any imap client. If I telnet to the server I get: $ telnet carpa 11143 Trying 143.107.209.25... Connected to carpa.ciagri.usp.br. Escape character is '^]'. * OK dovecot ready. a001 login marcelo ##### a001 OK Logged in. a002 select INBOX

Hi. I can see that SSH partial success functionality was implemented very recently in the OpenSSH server. That's great news. I just tried it and I don't seem to be able to make it work with both public key authentication and password authentication through PAM. I wonder if this is a bug or something that won't be implemented for now or if this is still WIP and I should be more

...uot; \ --with-ldap \ --with-pgsql \ --with-mysql \ --with-cyrus-sasl2 \ --with-rawlog %{__make} %{?_smp_mflags} After compiling it, I installed the rpm. No problem at all. I configure the dovecot.conf like this; #auth = plain digest-md5 #auth_methods = plain digest-md5 auth_userdb = mysql /etc/dovecot-mysql.conf auth_passdb = mysql /etc/dovecot-mysql.conf default_mail_env = maildir:/home/mail/virtual/%d/%n # Use this logfile instead of syslog(). /dev/stderr can be used if you want to # use stderr for logging (ONLY /dev/stderr - otherwis...

...ermission denied Aug 8 21:23:47 lex dovecot: child 10315 (imap) returned error 89 which is the problem I discussed above, but is it reasonable for Dovecot to disconnect the IMAP socket and not send an error message to the client? At the end of the dovecot-example.conf is: #auth = digest_md5 #auth_methods = digest-md5 #auth_realms = #auth_userdb = passwd-file /etc/passwd.imap #auth_passdb = passwd-file /etc/passwd.imap #auth_user = imapauth #auth_chroot = Is auth_methods an alias for auth_mechanisms? Aside from the insufficient detail in the log, most of the difficulty I encountered could be a...

...uot; \ --with-ldap \ --with-pgsql \ --with-mysql \ --with-cyrus-sasl2 \ --with-rawlog %{__make} %{?_smp_mflags} After compiling it, I installed the rpm. No problem at all. I configure the dovecot.conf like this; #auth = plain digest-md5 #auth_methods = plain digest-md5 auth_userdb = mysql /etc/dovecot-mysql.conf auth_passdb = mysql /etc/dovecot-mysql.conf default_mail_env = maildir:/home/mail/virtual/%d/%n # Use this logfile instead of syslog(). /dev/stderr can be used if you want to # use stderr for logging (ONLY /dev/stderr - otherwis...

...ything with folders, including copying outlook folders to the server or create/delete folders. And when I move mail to specific folders using procmail it just gets put back into the inbox again... I'm using freebsd 4.7-RELEASE My config file only adds the following lines... auth = plain auth_methods = plain auth_userinfo = password-file /etc/passwd.imap auth_user = root My password file (/etc/passwd.imp) only consists of kev:XXXXXchangedXX[13]:1001:1001::/home/kev:::: I've just created a folder /home/kev/Maildir where dovecot created the MailDir hierarchies. Any help would be apprec...

...# digest-md5 authentication process. It requires special MD5 passwords which # /etc/shadow and PAM doesn't support, so we never need roots to handle it. # Note that the passwd-file is opened before chrooting and dropping root # privileges, so it may be 0600-root owned file. #auth = digest_md5 #auth_methods = digest-md5 #auth_realms = #auth_userdb = passwd-file /etc/passwd.imap #auth_passdb = passwd-file /etc/passwd.imap #auth_user = imapauth #auth_chroot = # if you plan to use only passwd-file, you don't need the two auth processes, # simply set "auth_methods = plain digest-md5"

This privsepifies OSF/1 SIA, but I'm still being told the same error occurs. I'm stumped. Without an OSF/1 box near me I can't do too much more help unless someone can either tell me what is wrong or show me why SIA is failing in their logs. (And tell me if it's different w/ or w/out this patch) - Ben Index: auth-sia.c