search for: auth_rhosts_rsa

...() are PRIVSEP'ed, so there should be no security degradation. auth_rsa_key_allowed() is called from auth_rsa() only; auth_rsa_verify_response() is called only from auth_rsa_challenge_dialog(), which in turn is called - either from auth_rsa(), right after auth_rsa_key_allowed() call, - or from auth_rhosts_rsa(), right after auth_rhosts_rsa_key_allowed() call, which already calls auth_key_is_revoked(). As result of this change, auth_rsa_key_allowed() will be called earlier on the auth_rsa() path, before starting challenge-response, which is good, and won't be called second time on the auth_rhosts_rs...

Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different

...id. */ restore_uid(); diff -u5 openssh-3.0.2p1.orig/auth.h openssh-3.0.2p1/auth.h --- openssh-3.0.2p1.orig/auth.h Wed Jul 4 06:46:57 2001 +++ openssh-3.0.2p1/auth.h Tue Jan 29 13:45:29 2002 @@ -91,11 +91,11 @@ int auth_rhosts2(struct passwd *, const char *, const char *, const char *); int auth_rhosts_rsa(struct passwd *, const char *, RSA *); int auth_password(Authctxt *, const char *); -int auth_rsa(struct passwd *, BIGNUM *); +int auth_rsa(struct passwd *, BIGNUM *, char *, int); int auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *); int auth_rsa_challenge_dialog...

...comment, pw->pw_name); + } else auth_clear_options(); diff -ru openssh-3.1p1/auth.h openssh-3.1p1-mods/auth.h - --- openssh-3.1p1/auth.h Thu May 9 12:18:26 2002 +++ openssh-3.1p1-mods/auth.h Thu May 9 12:19:54 2002 @@ -94,7 +94,7 @@ int auth_rhosts_rsa(struct passwd *, const char *, Key *); int auth_password(Authctxt *, const char *); - -int auth_rsa(struct passwd *, BIGNUM *); +int auth_rsa(struct passwd *, BIGNUM *, char *realname, int realnamesize); int auth_rsa_challenge_dialog(RSA *); #ifdef KRB4 diff -ru openssh-...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the