search for: auth_rhosts2

Even with option "HostbasedUsesNameFromPacketOnly yes", the trailing dot in chost should be stripped before auth_rhosts2() is called from hostbased_key_allowed(). Hans Werner Strube strube at physik3.gwdg.de Drittes Physikalisches Institut, Univ. Goettingen Buergerstr. 42-44, D-37073 Goettingen, Germany Suggested change: *** auth2.c.ORI Wed Apr 25 14:44:15 2001 --- auth2.c Fri Sep 28 10:27:34 2001...

In auth2-hostbased.c, line #146 if (auth_rhosts2(pw, cuser, chost, chost) == 0) ^^^^^ shouldn't this be if (auth_rhosts2(pw, cuser, chost, ipaddr) == 0) ^^^^^^ The code was found in 4.2. Best regards, Choung S.Park

...expect entering: type 21 debug3: mm_request_receive entering debug3: monitor_read: checking request 20 debug3: mm_answer_keyallowed entering debug3: mm_answer_keyallowed: key_from_blob: 1245e0 debug2: userauth_hostbased: chost evereska. resolvedname evereska.wan.erac.com ipaddr 10.49.191.9 debug2: auth_rhosts2: clientuser rjl01 hostname evereska. ipaddr evereska. debug1: temporarily_use_uid: 503/5005 (e=0) debug1: restore_uid debug2: userauth_hostbased: access allowed by auth_rhosts2 debug3: check_host_in_hostfile: filename /opt/erac/etc/ssh_known_hosts debug1: temporarily_use_uid: 503/5005 (e=0) debug3:...

...ddr %s", chost, resolvedname, ipaddr); + if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { + debug2("stripping trailing dot from chost %s", chost); + chost[len - 1] = '\0'; + } if (options.hostbased_uses_name_from_packet_only) { if (auth_rhosts2(pw, cuser, chost, chost) == 0) return 0; lookup = chost; } else { - if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { - debug2("stripping trailing dot from chost %s", chost); - chost[len - 1] = '\0'; - } if (strcasecmp(resolvedname, c...

openssh-3.0p1 still contains the bug which I already reported on Sept. 28 2001 for 2.9p2, namely, the trailing dot in chost should be stripped before calling auth_rhosts2() even with option "HostbasedUsesNameFromPacketOnly yes". Otherwise, the host names in /etc/hosts.equiv and .rhosts would have to be dot-terminated. Fix: Move lines 776-779 of auth2.c upwards to after line 767. (These line numbers also hold for 2.9.9p2.) *** auth2.c.ORI Wed Oct 3 19:12:...

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

...Corinna Index: auth-rhosts.c =================================================================== RCS file: /cvs/openssh_cvs/auth-rhosts.c,v retrieving revision 1.17 diff -u -p -r1.17 auth-rhosts.c --- auth-rhosts.c 2001/04/12 23:34:35 1.17 +++ auth-rhosts.c 2001/06/04 10:05:34 @@ -228,6 +228,9 @@ auth_rhosts2(struct passwd *pw, const ch pw->pw_name, pw->pw_dir); return 0; } +#ifdef HAVE_CYGWIN + if (check_ntsec(pw->pw_dir)) +#endif if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { Index: auth...

...entering: type 20 debug3: monitor_read: checking request 20 debug3: mm_answer_keyallowed entering debug3: mm_answer_keyallowed: key_from_blob: 0x80a4e88 debug2: userauth_hostbased: chost mckinley. resolvedname mckinley ipaddr 192.168.10.1 debug2: stripping trailing dot from chost mckinley. debug2: auth_rhosts2: clientuser root hostname mckinley ipaddr 192.168.10.1 debug1: temporarily_use_uid: 0/0 (e=0/0) debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 0/0 (e=0/0) debug1: restore_uid: 0/0 debug3: mm_answer_keyallowed: key 0x80a4e88 is disallowed debug3: mm_request_send entering: type 21 debug3: mm_...

https://bugzilla.mindrot.org/show_bug.cgi?id=2211 Bug ID: 2211 Summary: Too many hostbased authentication attempts Product: Portable OpenSSH Version: 6.5p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

...entering: type 20 debug3: monitor_read: checking request 20 debug3: mm_answer_keyallowed entering debug3: mm_answer_keyallowed: key_from_blob: 0x6000000000022cd0 debug2: userauth_hostbased: chost i2-0. resolvedname i2-0 ipaddr 192.168.100.10 debug2: stripping trailing dot from chost i2-0. debug2: auth_rhosts2: clientuser jholland hostname i2-0 ipaddr 192.168.100.10 debug1: temporarily_use_uid: 500/100 (e=0/0) debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED debug3: mm_request_receive_expect entering: type 21 debug3: mm_request_receive entering debug1: restore_uid: 0/0 debug2: userauth_hostbas...

...f hours scratching my head about a problem on FreeBSD 4.1.1 with OpenSSH 3.3p1. Without privsep: debug1: Trying rhosts with RSA host authentication for client user gert debug3: Trying to reverse map address 195.30.1.100. debug1: Rhosts RSA authentication: canonical host moebius2.space.net debug2: auth_rhosts2: clientuser gert hostname moebius2.space.net ipaddr 195.30.1.100 With privsep: debug3: mm_auth_password: user not authenticated debug3: mm_request_receive entering debug1: Trying rhosts with RSA host authentication for client user gert debug3: Trying to reverse map address 195.30.1.100. <long...

If HostbasedUsesNameFromPacketOnly is set to yes, sshd does not remove the trailing dot from the client supplied hostname, causing sshd to attempt to look up "foo.example.com." (note trailing period) in known_hosts and .shosts instead of "foo.example.com" Trivial patch attached. -- Carson -------------- next part -------------- An embedded and charset-unspecified text was

...g1: Starting up PAM with username "a2822ab" debug3: Trying to reverse map address 129.187.10.85. debug1: PAM setting rhost to "wsc33.lrz-muenchen.de" debug1: Attempting authentication for a2822ab. debug1: Trying rhosts with RSA host authentication for client user a2822ab debug2: auth_rhosts2: clientuser a2822ab hostname wsc33.lrz-muenchen.de ipaddr 129.187.10.85 debug1: temporarily_use_uid: 10416/1052 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 10416/1052 (e=0) debug1: restore_uid debug1: Rhosts RSA authentication: canonical host wsc33.lrz-muenchen.de debug3: check_host_in_h...

...ey_allowed entering debug3: mm_request_send entering: type 20 debug3: monitor_read: checking request 20 debug3: mm_answer_keyallowed entering debug3: mm_answer_keyallowed: key_from_blob: 1245e0 debug2: userauth_hostbased: chost evereska. resolvedname evereska.wan.erac.com ipaddr 10.49.191.9 debug2: auth_rhosts2: clientuser rjl01 hostname evereska. ipaddr evereska. debug1: temporarily_use_uid: 503/5005 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 503/5005 (e=0) debug1: restore_uid debug3: mm_answer_keyallowed: key 1245e0 is disallowed debug3: mm_request_send entering: type 21 debug3: mm_request_r...

...bug2: monitor_read: 28 used once, disabling now debug2: monitor_read: 30 used once, disabling nowdebug1: Installing crc compensation attack detector. debug1: Attempting authentication for root. debug2: monitor_read: 6 used once, disabling now Failed none for root from 9.164.18.22 port 943 debug2: auth_rhosts2: clientuser root hostname 9.164.18.22 ipaddr 9.164.18.22 debug1: temporarily_use_uid: 0/0 (e=7/204) debug1: restore_uid: (unprivileged) Failed rhosts for root from 9.164.18.22 port 943 ruser root Connection closed by 9.164.18.22 debug1: Calling cleanup 0x200013b0(0x0) The files .rhosts, .shosts a...

...ng for MONITOR_ANS_KEYALLOWED > debug3: mm_answer_keyallowed entering > debug3: mm_request_receive_expect entering: type 21 > debug3: mm_answer_keyallowed: key_from_blob: 0x80951d0 > debug3: mm_request_receive entering > debug3: Trying to reverse map address 195.30.1.25. > debug2: auth_rhosts2: clientuser gert hostname moebius.space.net ipaddr > 195.30.1.25 > debug1: restore_uid > debug1: restore_uid > debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts > debug3: check_host_in_hostfile: filename /home/gert/.ssh/known_hosts > ... > > Without PrivSep,...

...sa = old_rsa; + key_free(k); + } break; } /* Restore the privileged uid. */ restore_uid(); diff -u5 openssh-3.0.2p1.orig/auth.h openssh-3.0.2p1/auth.h --- openssh-3.0.2p1.orig/auth.h Wed Jul 4 06:46:57 2001 +++ openssh-3.0.2p1/auth.h Tue Jan 29 13:45:29 2002 @@ -91,11 +91,11 @@ int auth_rhosts2(struct passwd *, const char *, const char *, const char *); int auth_rhosts_rsa(struct passwd *, const char *, RSA *); int auth_password(Authctxt *, const char *); -int auth_rsa(struct passwd *, BIGNUM *); +int auth_rsa(struct passwd *, BIGNUM *, char *, int); int auth_rsa...

...est 24 #Jan 19 23:31:11 mach sshd2[2918]: fatal: monitor_read: unsupported request: 24 #Jan 19 23:31:11 mach sshd2[2918]: debug1: Calling cleanup 0x8054370(0x0) sshd2 LOG in case of Hostbased Auth. was set on it: #Jan 19 21:11:22 mach sshd2[21184]: debug2: userauth_hostbased: access allowed by auth_rhosts2 #Jan 19 21:11:22 mach sshd2[21184]: debug3: check_host_in_hostfile: #filename /etc/ssh/ssh_known_hosts #Jan 19 21:11:22 mach sshd2[21184]: debug3: check_host_in_hostfile: match line 6 #Jan 19 21:11:22 mach sshd2[21184]: debug2: check_key_in_hostfiles: key ok for test1.fas.utv.skanova.net #Jan 19...

...n... Is it worth me tidying this up and trying to make it apply properly to the OpenBSD version? Does the openbsd version even use autocrap? --- openssh-4.2p1/auth-rhosts.c~ 2005-07-17 08:22:45.000000000 +0100 +++ openssh-4.2p1/auth-rhosts.c 2006-01-07 18:14:32.000000000 +0000 @@ -289,7 +289,9 @@ auth_rhosts2(struct passwd *pw, const ch auth_debug_reset(); ret = auth_rhosts2_raw(pw, client_user, hostname, ipaddr); +#ifdef USE_PRIVSEP if (!use_privsep) +#endif auth_debug_send(); return ret; } --- openssh-4.2p1/auth2.c~ 2005-07-17 08:26:44.000000000 +0100 +++ openssh-4.2p1/auth2.c 2006-01-07...

...Jan 9 07:37:31 server sshd[19835]: debug2: userauth_hostbased: chost client.DOMAIN.COM. resolvedname xxxx:xxx:xxxx:xxx::10 ipaddr xxxx:xxx:xxxx:xxx::10 Jan 9 07:37:31 server sshd[19835]: debug2: stripping trailing dot from chost client.DOMAIN.COM. Jan 9 07:37:31 server sshd[19835]: debug2: auth_rhosts2: clientuser root hostname client.DOMAIN.COM ipaddr client.DOMAIN.COM Jan 9 07:37:31 server sshd[19835]: debug1: temporarily_use_uid: 0/0 (e=0/0) Jan 9 07:37:31 server sshd[19835]: debug1: restore_uid: 0/0 Jan 9 07:37:31 server sshd[19835]: debug1: temporarily_use_uid: 0/0 (e=0/0) Jan 9...