search for: check_key_in_hostfil

...debug1: restore_uid debug2: userauth_hostbased: access allowed by auth_rhosts2 debug3: check_host_in_hostfile: filename /opt/erac/etc/ssh_known_hosts debug1: temporarily_use_uid: 503/5005 (e=0) debug3: check_host_in_hostfile: filename /export/home/rjl01/.ssh/known_hosts debug1: restore_uid debug2: check_key_in_hostfiles: key not found for evereska. debug3: check_host_in_hostfile: filename /opt/erac/etc/ssh_known_hosts2 debug3: key_read: type mismatch debug1: temporarily_use_uid: 503/5005 (e=0) debug3: check_host_in_hostfile: filename /export/home/rjl01/.ssh/known_hosts2 debug1: restore_uid debug2: check_key_in_h...

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

...nd interactive workloads. Index: auth.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth.c,v retrieving revision 1.94 diff -u -p -r1.94 auth.c --- auth.c 23 May 2011 03:33:38 -0000 1.94 +++ auth.c 29 Mar 2012 23:00:06 -0000 @@ -326,7 +326,7 @@ check_key_in_hostfiles(struct passwd *pw * * XXX Should any specific check be done for sym links ? * - * Takes an open file descriptor, the file name, a uid and and + * Takes an open file descriptor, the file name, a uid and an * error buffer plus max size as arguments. * * Returns 0 on success and -1 on fa...

...ed by auth_rhosts2 debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts debug3: key_read: type mismatch debug1: temporarily_use_uid: 500/100 (e=0/0) debug3: check_host_in_hostfile: filename /home/jholland/.ssh/known_hosts debug3: key_read: type mismatch debug1: restore_uid: 0/0 debug2: check_key_in_hostfiles: key not found for i2-0 debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2 debug1: temporarily_use_uid: 500/100 (e=0/0) debug3: check_host_in_hostfile: filename /home/jholland/.ssh/known_hosts2 debug1: restore_uid: 0/0 debug2: check_key_in_hostfiles: key not found for i2-0 debug3:...

...+++++++++++++-------------- hostfile.h | 8 ++++++-- sshconnect.c | 39 +++++++++++++++++++++++++++++++++------ sshconnect2.c | 4 ++-- 5 files changed, 71 insertions(+), 26 deletions(-) diff --git a/auth.c b/auth.c index 7bc6f40..1ca07e1 100644 --- a/auth.c +++ b/auth.c @@ -379,7 +379,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, const struct hostkey_entry *found; hostkeys = init_hostkeys(); - load_hostkeys(hostkeys, host, sysfile); + load_hostkeys(hostkeys, host, NULL, sysfile); if (userfile != NULL) { user_hostfile = tilde_expand_filename(userfile, pw->pw_uid)...

...d Key from client ssh_host_rsa_key.pub copied to server /etc/ssh/ssh_known_hosts2 with comma-separated client hostnames added to front and a blank space before rest of key entry. debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2 debug3: check_host_in_hostfile: match line 1 debug2: check_key_in_hostfiles: key ok for bester.cad.gatech.edu debug3: mm_answer_keyallowed: key 1323b0 is allowed debug3: mm_append_debug: Appending debug messages for child debug3: mm_request_send entering: type 21 debug3: mm_request_receive entering debug3: mm_send_debug: Sending debug: Accepted for bester.cad.gatech.edu...

The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2

...Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: And here is the debug message of ssh server: ................... ebug2: check_key_in_hostfiles: key not found for sshia3 Failed hostbased for root from fe80::217:8ff:fe7c:d9f4 port 57500 ssh2 debug1: Entering record_failed_login uid 0 debug1: audit event euid 0 user root event 7 (AUTH_FAIL_HOSTBASED) ........................... So could anyone has some idea about this?Please cc me. Tha...

...'auth.h' --- auth.h 2007-07-30 09:54:36 +0000 +++ auth.h 2007-08-02 12:02:24 +0000 @@ -166,8 +166,6 @@ char *authorized_keys_file(struct passwd *); char *authorized_keys_file2(struct passwd *); -int -secure_filename(FILE *, const char *, struct passwd *, char *, size_t); HostStatus check_key_in_hostfiles(struct passwd *, Key *, const char *, === modified file 'auth2-pubkey.c' --- auth2-pubkey.c 2007-07-30 09:54:36 +0000 +++ auth2-pubkey.c 2007-08-02 12:19:19 +0000 @@ -183,34 +183,21 @@ int found_key = 0; FILE *f; u_long linenum = 0; - struct stat st; Key *found; char *fp; /...

...2[21184]: debug2: userauth_hostbased: access allowed by auth_rhosts2 #Jan 19 21:11:22 mach sshd2[21184]: debug3: check_host_in_hostfile: #filename /etc/ssh/ssh_known_hosts #Jan 19 21:11:22 mach sshd2[21184]: debug3: check_host_in_hostfile: match line 6 #Jan 19 21:11:22 mach sshd2[21184]: debug2: check_key_in_hostfiles: key ok for test1.fas.utv.skanova.net #Jan 19 21:11:22 mach sshd2[21184]: debug3: mm_answer_keyallowed: key 0x80a60a8 is allowed #Jan 19 21:11:22 mach sshd2[21184]: debug3: mm_append_debug: Appending debug messages for child #Jan 19 21:11:22 mach sshd2[21184]: debug3: mm_request_send entering:...

https://bugzilla.mindrot.org/show_bug.cgi?id=2305 Bug ID: 2305 Summary: sshd does not accept @cert-authority when doing host based authentication. Product: Portable OpenSSH Version: 6.5p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component:

http://bugzilla.mindrot.org/show_bug.cgi?id=910 mindrot at askneil.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mindrot at askneil.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

OpenSSH 3.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the

...he SSH_AUTH_SOCK variable to sshd (though I suppose there's really nothing stopping it from doing that anyway without a static socket path). Thoughts/comments welcome. Thanks, Zev Weiss diff --git a/auth.h b/auth.h index a406e13..d91f845 100644 --- a/auth.h +++ b/auth.h @@ -197,6 +197,7 @@ check_key_in_hostfiles(struct passwd *, Key *, const char *, /* hostkey handling */ Key *get_hostkey_by_index(int); +Key *get_hostkey_public_by_index(int); Key *get_hostkey_public_by_type(int); Key *get_hostkey_private_by_type(int); int get_hostkey_index(Key *); diff --git a/kex.h b/kex.h index 680264a..b77a2c2...

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer