Displaying 11 results from an estimated 11 matches for "keylogin".
2002 Jan 14
2
Should sshd be fixed to handle NIS+ keylogin
...oot password is
known.
For OpenSSH
PermitRootLogin is set to without-password and a key is added to the
authorized_keys file for each sysadmin.
BUT
if in sshd_config
UseLogin is set to yes
then RSA keys cannot be used to get in as root.
If UseLogin is set to no
then sshd doesn't do the keylogin, therefore, no home directory (dh Secured
NFS). and resticted access to the NIS+ maps.
Should sshd be fixed to handle the keylogin. (Obviously this could only work
with password auth)
Tim McGarry
2001 Nov 29
0
OPENssh (2.9p2) and keylogin in NIS+ on Solaris 7 with PAM
Hi,
I'm trying to make sshd perform a keylogin on a Solaris 7 NIS+ client
with PAM.
ssh connects and works fine but keyserv reports that it `can't encrypt
the session key'. So I think the keylogin failed or did not happen when
the user started an ssh session.
The following message is logged in syslog.
>sshd[489]: pam_setcred: erro...
1999 Oct 26
3
NIS+ support in samba-2.0.5a
Hi all,
I'm a little confused over what exactly the NISPLUS and NISPLUS_HOME
support options actually mean. I'm hoping somebody can shed a little
light on this.
Our main samba server is a Solaris 2.7 machine (using NIS+ for
passwords, etc, etc.) running samba 2.0.5a. I have recently been
investigating a problem where, after a reboot of the server, various
3rd party products (POP, IMAP,
2007 Jul 13
5
[Bug 1339] New: pam_dhkeys doesn't work ( PAM_REINITIALIZE_CRED without PAM_ESTABLISH_CRED)
...ority: P2
Component: PAM support
AssignedTo: bitbucket at mindrot.org
ReportedBy: David.Leonard at quest.com
This bug is a consequence of the fix applied in bug 789.
When using keyboard-interactive to login through OpenSSH to a Solaris 8
NIS+/PAM host, the automatic 'keylogin' feature of the pam_dhkeys PAM
module disappears. It's not so bad; the workaround is to run keylogin
manually once at a shell.
debug3: PAM: opening session
debug1: PAM: reinitializing credentials
The cause seems to be that the pam_dhkeys.so module ignores the
PAM_REINITIALIZE_CRED...
2003 Oct 08
0
[Bug 738] OpenSSH 3.7.1p2 Password Authentication Failure Through NIS+ on Non-Master Server
...-
Your Windows clients are using password authentication. That doesn't work with
ssh 3.7.1p2 on Solaris because the sshd has to be able to read the encrypted
password out of NIS+. But if you run NIS+ at security level 2 the user needs
to authenticate to NIS+ first via an explicit or implicit keylogin in order
to be able to read his/her own encrypted password. Other users are not able
to read it and that includes the root user on NIS+ clients. One exception is
the root user (or machine principal) of the NIS+ master, that's why it works
there. If you succeed to login via telnet then the t...
2006 Oct 31
0
6342022 keyserv does not use /etc/.rootkey on x86
Author: peteh
Repository: /hg/zfs-crypto/gate
Revision: fb481a997c81efc700a4bba9952c6799f95191d9
Log message:
6342022 keyserv does not use /etc/.rootkey on x86
Files:
update: usr/src/cmd/keyserv/chkey.c
update: usr/src/cmd/keyserv/keylogin.c
update: usr/src/cmd/keyserv/keyserv.c
2003 Oct 14
1
3.7.1p2: HP-UX 11.00 & NIS+ problems
...ollowing message would appear in the syslog.log:
Oct 8 19:20:38 myhost sshd[22179]: User root not allowed because account is
locked
We use NIS+ under HP-UX 11.00. We have very recently changed the root
password. To change the root password under NIS+ we do the following:
# passed
# chkey -p
# keylogin -r
The last command generates a /etc/.rootkey file. Doing the command
'/usr/lbin/getprpw root' says the account is *not* locked.
We did not have any problems using ssh to login as root with OpenSSH 3.7.1p1.
Is this a bug or am I missing something?
Any info will be appreciated.
Thanks,...
2004 Mar 30
2
[Bug 688] PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail
...at |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |822
nThis| |
Status|NEW |ASSIGNED
Summary|keylogin not successful |PAM modules relying on
| |module-private data
| |(pam_dhkeys, pam_krb5, AFS)
| |fail
Version|3.7.1p1 |-curren...
2006 Oct 31
0
6271225 gcc and cmd/keyserv don''t get along
...1225 gcc and cmd/keyserv don''t get along
6273831 gcc and cmd/rpcsvc don''t get along
Files:
update: usr/src/cmd/keyserv/chkey.c
update: usr/src/cmd/keyserv/chkey_common.c
update: usr/src/cmd/keyserv/detach.c
update: usr/src/cmd/keyserv/domainname.c
update: usr/src/cmd/keyserv/keylogin.c
update: usr/src/cmd/keyserv/keylogout.c
update: usr/src/cmd/keyserv/keyserv.c
update: usr/src/cmd/keyserv/newkey.c
update: usr/src/cmd/keyserv/setkey.c
update: usr/src/cmd/rpcsvc/nis/bin/nisadm.c
update: usr/src/cmd/rpcsvc/nis/bin/nisctl.c
update: usr/src/cmd/rpcsvc/nis/bin/nisping.c
upda...
2003 Oct 05
2
OpenSSH Authentication on Solaris w/ NIS+ Problem
Hello,
I am having a very aggrivating problem, and I will try and provide all of the necessary information. I have openssh-3.7.1p2 with openssl-0.9.6k installed on Solaris 8. Here is what I've been able to determine so far:
1. Local account authentication works fine (non-NIS+).
1a. NIS+ is running at security level 2
2. Telnet authentication works fine.
2a. When I use the SSH client,
2002 Jan 29
21
locked account accessable via pubkey auth
maybe this is a silly question ;-) But why is it possible to login on a
machine with a locked account (passwd -l ) via pubkey-authentication
(authorized_keys) ?
I use OpenSSH3.01p1on Solaris8 with PAM support so I thought this should not
happen.
If this is the normal behaviour and built in intentionally what would be the
easiest way to lock an account without deleting the users authorized_keys ?