Displaying 20 results from an estimated 30 matches for "loginfail".
Did you mean:
login_fail
2003 Oct 28
4
AIX patch for openssh-3.7.1p2
There are a couple of bugs in the openssh-3.7.1p2. The aix_setauthdb
function does not work with other types of authentication such as AFS/DFS.
The loginfailed test in configure is not correct. Also, AIX can use the
wtmp logging which I added in configure. Attached is the patch.
Thanks,
Matt Richards
-------------- next part --------------
*** openssh-3.7.1p2/openbsd-compat/port-aix.c Mon Jul 14 02:41:55 2003
--- openssh-3.7.1p2.patched/openbsd-compat/...
2003 May 06
1
compilation problems AIX 5.2
..._login_message':
auth.c:341: warning: passing arg 1 of `loginsuccess'
discards qualifiers from pointer
target type
auth.c:341: warning: passing arg 2 of `loginsuccess'
discards qualifiers from pointer
target type
auth.c: In function `auth_log':
auth.c:403: warning: passing arg 2 of `loginfailed'
discards qualifiers from pointer target type
auth.c:403: too few arguments to function
`loginfailed'
auth.c: In function `expand_filename':
auth.c:481: warning: implicit declaration of function
`snprintf'
auth.c: In function `getpwnamallow':
auth.c:630: warning: passing arg 1...
2001 Nov 09
0
AIX lastlog change
Hi David,
I'm sure loginfailed(..) should be called immediately after
authenticate(..) returned an error. It is directly related
to an invalid password try. (Please see my attached mail from May 2001
to the list).
I'm not so sure when loginsuccess(..) should be called
(setting the loginfailed counter to zero):
Either
1) wh...
2003 Jul 03
0
AIX cleanups: includes and arguments
...es some of the #includes
for AIX. It moves the AIX-specific includes to port-aix.h and adds
includes that contain the prototypes for many of the authentication
functions. The idea isto fix some warnings.
Unfortunately this exposes a couple of problems:
* setpcred call does not match prototype
* loginfailed on AIX 5.2 takes an (optional?) extra argument: Reason
The patch changes the setpcred call to:
setpcred(pw->pw_name, (char **)NULL);
It also adds configure magic to detect a 4-arg loginfailed and #defines
to use the appropriate call (hidden in port-aix.c, fortunately):
loginfailed((char *)...
2001 Feb 04
1
minor aix patch to auth1.c
--- auth1.c.orig Sat Feb 3 18:17:53 2001
Bringa AIX modes in line with latest changes to auth1.c
+++ auth1.c Sat Feb 3 18:19:15 2001
@@ -347,7 +347,7 @@
if (authctxt->failures++ > AUTH_FAIL_MAX) {
#ifdef WITH_AIXAUTHENTICATE
- loginfailed(user,get_canonical_hostname(),"ssh");
+
loginfailed(authctxt->user,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
2003 Apr 27
3
[PATCH re-send]: Clean up logging of failed logins
sorry, Darren. Long over due comments.
[..]
>+/* Record a failed login attempt. */
>+void
>+record_failed_login(const char *user, const char *host, const char *ttyname)
>+{
>+#ifdef WITH_AIXAUTHENTICATE
>+ loginfailed(user, host, ttyname);
>+#endif
>+#ifdef _UNICOS
>+ cray_login_failure((char *)user, IA_UDBERR);
>+#endif /* _UNICOS */
>+}
I like the patch idea, but I'd like to skip the whole 'chained function
calls'. Plus it avoids closely packed #ifdef/#endifs.
Just rename...
2001 May 03
4
ftp question
hello
I have turned on my ftpd via INETD
here is my ftpaccess file. how do I disallow anonymous ftp
------------------------------
class all real,guest,anonymous *
email root@localhost
loginfails 5
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes all
tar yes all
chmod no guest,anonymous
delete no guest,anonymous
overwrite no guest,anonymous
rename no...
2003 Feb 28
0
[PATCH] Clean up failed login logging.
...s that support this.
I've tested this on AIX 4.3.3. Wendy Palm was kind enough to test it
on UNICOS (this patch includes the cast required to placate the Cray
compiler).
Note: this will call record_failed_login() in the case of a login
attempt by a non-existant user. This is good for AIX (loginfailed
replaces the username with UNKNOWN_USER). I'm not sure if that's the
right thing on UNICOS or not.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usua...
2003 Apr 03
0
[PATCH re-send]: Clean up logging of failed logins.
...this.
I've tested this on AIX 4.3.3. Wendy Palm was kind enough to
test it
on UNICOS (this patch includes the cast required to placate the Cray
compiler).
NOTE: this will call record_failed_login() in the case of a
login
attempt by a non-existant user. This is fine for AIX (loginfailed
replaces the username with UNKNOWN_USER). I'm not sure if UNICOS does
the same thing.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from ba...
2000 May 15
1
AIX authenticate patches
...on not to let this user try to log on... */
--- auth1.c.orig Wed May 10 15:53:51 2000
+++ auth1.c Thu May 11 15:13:37 2000
@@ -66,9 +66,7 @@
get_remote_port());
#ifdef WITH_AIXAUTHENTICATE
- if (strncmp(get_authname(type),"password",
- strlen(get_authname(type))) == 0)
- loginfailed(pw->pw_name,get_canonical_hostname(),"ssh");
+ loginfailed(user,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */
/* Indicate that authentication is needed. */
@@ -408,8 +406,12 @@
client_user = NULL;
}
- if (attempt > AUTH_FAIL_MAX)
+ if...
2003 Jun 20
3
patch20 fails
Can anyone explain why this fails? This was applied to source from
openssh.org.
Thanks,
Ryan
===========================
bash-2.05a$ /opt/freeware/bin/patch -p1
< ../openssh-3.6.1p2-passexpire20.patch
patching file TODO
Reversed (or previously applied) patch detected! Assume -R? [n] y
patching file acconfig.h
Reversed (or previously applied) patch detected! Assume -R? [n] y
patching file
2003 Jan 27
1
[PATCH] Creation of record_failed_login() in sshlogin.c
...ieving revision 1.67
diff -u -r1.67 auth.c
--- auth.c 18 Jan 2003 05:24:06 -0000 1.67
+++ auth.c 27 Jan 2003 11:39:07 -0000
@@ -268,13 +268,11 @@
get_remote_port(),
info);
-#ifdef WITH_AIXAUTHENTICATE
- if (authenticated == 0 && strcmp(method, "password") == 0)
- loginfailed(authctxt->user,
- get_canonical_hostname(options.verify_reverse_mapping),
- "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
-
+ if (geteuid() == 0 && authenticated == 0 &&
+ strcmp(method, "password") == 0)
+ record_failed_login(authctxt->user,
+...
2001 Dec 26
3
auth*.c
...is should be an == instead of >. While looking at the debug output
when deliberately entering wrong passwords, I noticed one try for none,
three for password, and then three for keyboard-interactive, at which point
authctxt->failures is 6, and then the loop completes.
2. I'd like to move loginfailed() within the #ifdef WITH_AIXAUTHENTICATE
of auth1.c and auth2.c to auth_log() instead, and call it on every
password method failure, as well as an overall authctxt->failures ==
AUTH_FAIL_MAX check for the other methods. This should clean up the code a
bit, and should fix the issue of the unsuc...
2002 Jun 21
4
[Bug 145] sshd fails to increment AIX login failed counter
http://bugzilla.mindrot.org/show_bug.cgi?id=145
------- Additional Comments From dtucker at zip.com.au 2002-06-21 23:43 -------
Created an attachment (id=116)
Merge all previous patches and diff against -cvs
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jul 18
2
[Bug 312] canhost.h needs to be included
http://bugzilla.mindrot.org/show_bug.cgi?id=312
------- Additional Comments From stevesk at pobox.com 2002-07-18 14:07 -------
why is it required?
i don't see any canohost.h functions in those files.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Nov 08
0
[Bug 432] New: AIX does not log login attempts for unknown users
...Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: dtucker at zip.com.au
A login attempt by an unknown user (eg via telnet) normally gets logged as:
syslog: pts/4: failed login attempt for UNKNOWN_USER from my.host.com
This is generated by a call to loginfailed(), which substitutes UNKNOWN_HOST for
the username if it doesn't exist.
AIX never finds out about it because getpwnamallow returns as soon as it finds
no passwd entry. Following patch calls loginfailed before returning. It
generates:
syslog: ssh: failed login attempt for UNKNOWN_USER fro...
2002 Aug 25
7
[Bug 355] No last login message with PrivSep under AIX
http://bugzilla.mindrot.org/show_bug.cgi?id=355
------- Additional Comments From dtucker at zip.com.au 2002-08-25 18:10 -------
It looks like the call to loginsuccess() fails because it's done as a
non-privileged user. This is bad because in addition to generating the message
it also clears the failed login counter that leads to account lockout.
The following patch fixes it for me
2000 Oct 24
3
openssh-SNAP-20001016
Using openssh-SNAP-20001016 all of our problems with hanging connections
have gone away (woohoo!), and it seems to be working flawlessly, but I am
seeing messages like this in syslog:
Oct 24 16:57:48 dhumb301 sshd[17752]: error: channel 0: internal error: we
do not read, but chan_read_failed for istate 8
Oct 24 16:57:59 dhumb301 sshd[17771]: error: select: Bad file descriptor
Oct 24 16:58:30
2000 Nov 30
1
Problem and Patch: Multiple keys in ssh.com V2 agent
...hu Nov 30 10:37:56 2000
@@ -189,21 +189,14 @@
char *user, *service, *method;
int authenticated = 0;
+ authctxt->attempt++;
if (authctxt == NULL)
fatal("input_userauth_request: no authctxt");
- if (authctxt->attempt++ >= AUTH_FAIL_MAX) {
-#ifdef WITH_AIXAUTHENTICATE
- loginfailed(authctxt->user?authctxt->user:"NOUSER",
- get_canonical_hostname(), "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
- packet_disconnect("too many failed userauth_requests");
- }
-
user = packet_get_string(NULL);
service = packet_get_string(NULL);
method =...
2004 Jan 25
3
[Bug 673] skeychallenge call has 4 args in NetBSD
...O| |793
nThis| |
Status|NEW |ASSIGNED
------- Additional Comments From dtucker at zip.com.au 2004-01-24 19:20 -------
Perhaps configure could test for a 4-arg version the same as it does for
loginfailed() on AIX, then add the define if required?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.