search for: challenges

Hello, I'm using Squid with NTLM authentication. I use perl script (wbinfo_group.pl) for the user authentication in a Win 2K ADS as an external ACL in Squid. This scheme worked very well for long time, but recently my users had often problem in the Internet browsing: browser ask for the credential even if the NTLM is enabled, and nobody browse till I reboot the proxy server. I check the

Hello, when configuring the OpenSSH to authenticate through pam_radius, I encountered the following problem: The radius server is configured to accept username and generic password, it then generates some textual string as a challenge-request and waits again for username and this time for challenge-response. Pam_radius use pam->conv function, retrieved with pam_get_item(PAM_COM), with

On 05/08/2019 08:24, L.P.H. van Belle via samba wrote: > Hai, > > I think this is an old bug.. ( pretty sure about it ) > And i suggest to dont change anything except smb.conf. > > Your trying to use kerbereros usersname. > wbinfo -a marcio at EMPRESA.COM.BR > Enter marcio at EMPRESA.COM.BR's password: > > And you using: > winbind use default domain = yes >

As an experiment I set up Challenge/response authentication on a Linux system with PAM using a pam_opie module (this module works fine with console logins and su). I can log into the box using the opie password, *but* it does not give me the challenge - which can make things a little tricky :-) I can well believe this might be a fault in the PAM pam_opie module I am using, so has anyone got

Hi all, I'm trying to use ntlm_auth as authenticator of the freeradius mschap module. If I use ntlm_auth from command line with username and password, authentication works. If I use the same credentials with mschap on the logs I can see the challenge and nt-response and I can't understand if authentication fails because challenge and response are wrong or because ntlm_auth can't

Hello, I am having a problem where code that plots lines using a different data frame plots bars with the current data frame (I am intended to plot lines). The code specifies lines (see below), so I can't figure out why the results are bars. I suspect that it may have something to do with the fact that in the data frame where the code worked as intended, the both variables specifying

Hi, Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange problem that Core-SDI described ? ( I noticed that fix is already in openbsd tree ). -Jarno -- Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi University of Kuopio - Computer Center | Work: +358 17 162822 PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169

Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba: > Dear All, > > I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there. > > The errors I'm getting are to do with ntlm_auth not

Hai, It does not happen often but yes, i also need some help as i cant know everything also and im new with freeradius. Im working on a configuration for samba member + freeradius with ntlm_auth. Why ntlm_auth, because the next one is kerberos and ldap auth to configure.. I want to have some fallback options here and you have to start somewhere. This is running on my new proxy/gateway

This patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1438) creates a kbdint device that provides a server-based authentication mechanism. The server generates and emails you a random string when you attempt to login. You're authenticated if you can correctly answer the challenge. You can use a regular email account, a pager, cell phone or other email capable device to receive the

> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: maandag 5 augustus 2019 9:59 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] problems with authentication > > On 05/08/2019 08:24, L.P.H. van Belle via samba wrote: > > Hai, > > > > I think this is an old bug..

freely quoting from something I posted on #samba a couple of hours ago ########### it appears that challenge/response is actually broken in 4.5.5 Have upgraded 4 dc's and now winbind/freeradius does not work. focused on the radius box thinking that was the problem -- till I finally ran wbinfo -a user%password on all the dc's and they all behaved the same. -> plaintext succeeded

Here is a patch that does TIS auth via PAM. It's controlled by a switch in the sshd_config. You'd use it by having a PAM module that sets PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs. The patch is against the 2.9.9p2 distribution. I'm not on the list, a reply if this patch is accepted would be great. (But not required, I know some folks have a distaste for

Dear All, I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there. The errors I'm getting are to do with ntlm_auth not authenticating my machine account. Everything looks OK (to me) on the command

The Virtual Token (VToken) patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1439) creates a kbdint device that provides a new challenge-based authentication mechanism. The server calculates a challenge from two secrets and a counter. You authenticate by proving by correctly answering the challenge, proving you know the secrets. This creates a software-based token, similar in function to

P.S. Test 1, was done with an backend = AD Just verified the other (older) proxy. Debian Jessie, samba 4.8.12. ( also a proxy server ) Same result, all work great :-) Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > L.P.H. van Belle via samba > Verzonden: maandag 5 augustus 2019 10:08 > Aan: samba at

Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba: > Dear All, > > I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there. > > The errors I'm getting are to do with ntlm_auth not

Hello The challenge/response password authentication seems to be broken on 4.6 version # wbinfo -V Version 4.6.0pre1-GIT-f479b1b # wbinfo -a DOTROLL+buz.richard%<password> plaintext password authentication succeeded challenge/response password authentication failed wbcAuthenticateUserEx(DOTROLL+buz.richard): error code was NT_STATUS_WRONG_PASSWORD (0xc000006a) error message was: Wrong

Hello, I have to find a solution logon through OpenSSH to OpenBSD machines from anywhere in the world (unsave computers). So I think I must use a challenge-response system with an hardware token that isn't connected to the computer. I do not want to use a RSA ACE/SERVER, so i can't use SecurID ? I can't use challenge response mode with cryptocard, because I want to protect it against

If an ssh1 client initiates challenge-response authentication but does not submit a response to the challenge, and instead switches to some other authentication method, verify_response() will never run, and the kbdint device context will never be freed. In some cases (such as when the FreeBSD PAM authentication code is being used) this may cause a resource leak leading to a denial of service.