search for: nalin

...ssion modules. Someone even filed a Bugtraq > > > report about it. > > > > is this the right way? > > It's *a* right way. > > > isn't this an abuse of the PAM module? (perhaps file a Bugtraq report...) > > Why would it be? On 2001-09-07 at 21:21:10 Nalin Dahyabhai <nalin at redhat.com> wrote: > On Wojtek Pilorz <wpilorz at bdk.pl> wrote: > > On Wed, 5 Sep 2001, Nalin Dahyabhai wrote: > > > Date: Wed, 5 Sep 2001 17:31:10 -0400 > > > From: Nalin Dahyabhai <nalin at redhat.com> > > > To: Ognyan Kul...

...plied another NetBSD portability patch from David Rankin <drankin at bohemians.lexington.ky.us> - Fix --with-default-path option. - Autodetect perl, patch from David Rankin <drankin at bohemians.lexington.ky.us> - Print whether OpenSSH was compiled with RSARef, patch from Nalin Dahyabhai <nalin at thermo.stat.ncsu.edu> - Calls to pam_setcred, patch from Nalin Dahyabhai <nalin at thermo.stat.ncsu.edu> - Detect missing size_t and typedef it. - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] - Minor Makefile cleaning Regards, Damien Miller - -- |...

...plied another NetBSD portability patch from David Rankin <drankin at bohemians.lexington.ky.us> - Fix --with-default-path option. - Autodetect perl, patch from David Rankin <drankin at bohemians.lexington.ky.us> - Print whether OpenSSH was compiled with RSARef, patch from Nalin Dahyabhai <nalin at thermo.stat.ncsu.edu> - Calls to pam_setcred, patch from Nalin Dahyabhai <nalin at thermo.stat.ncsu.edu> - Detect missing size_t and typedef it. - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] - Minor Makefile cleaning Regards, Damien Miller - -- |...

...cifsacl files When I moved the manpages for this to section 1, I missed some references to them. Also, get rid of the unneeded clean-local-aclprogs makefile target. Signed-off-by: Jeff Layton <jlayton at samba.org> commit d006986221b7f1aad50e894851dc573650b7611c Author: Nalin Dahyabhai <nalin at redhat.com> Date: Thu Aug 23 11:14:45 2012 -0400 cifs.upcall: also consider DIR:-type ccaches If we encounter a subdirectory while scanning a directory for a user's ccache, check if it's a "DIR" ccache. Otherwise, continue as before,...

...onto-Platz 1 Fax: +49 69 263 16994 (97000 - 16994) D-60301 Frankfurt am Main Mobile: +49 172 8853339 Linux Admin Team: <mailto: DrKWlinux at DrKW.com> Linux Support Team: <mailto:DrKWfftlinuxsupport at DrKW.com> > -----Original Message----- > From: Nalin Dahyabhai [SMTP:nalin at redhat.com] > Sent: 19 December 2001 18:01 > To: Gunnar.Bluth at drkw.com > Cc: openssh-unix-dev at mindrot.org > Subject: Re: Problems with aged passwords (Red Hat 7.x, OpenSSH > 2.9.x-3.0.2p1) > > On Wed, Dec 19, 2001 at 05:46:26PM +0100, Gunnar.Blut...

...till exists? > > hp-ux broke with that. i just commited the following, which takes us > back to before the first pam change: > > - (stevesk) session.c: back out to where we were before: > - (djm) Move PAM session initialisation until after fork in sshd. Patch > from Nalin Dahyabhai <nalin at redhat.com> > > i have done rudimentary testing on hp-ux and redhat. can solaris users > test this? we can troubleshoot after p2. > > Index: session.c > =================================================================== > RCS file: /var/cvs/openssh/...

...isn't the potential for a remote root exploit something > > that's important to you? Many other tools that use zlib have issued a > > public statement saying they are or they are not vulnerable. > > The issue has been discussed on this list. I quote: > > > From: Nalin Dahyabhai <nalin at redhat.com> > > Subject: Re: zlib compression, the exploit, and OpenSSH > > Date: Wed, 13 Mar 2002 16:23:59 -0500 > > > > On Wed, Mar 13, 2002 at 12:07:34PM -0800, ewheeler at kaico.com wrote: > > > 3. Does OpenSSH statically link (or can...

On Fri, 2017-02-10 at 11:15 -0600, Chad William Seys wrote: > Hi Jeff, > > > So we have a default credcache for the user for whom we are operating > > as, but we can't get the default principal name from it. My guess is > > that it's not finding the > > This mount is run by root UID=0 and seems to be find that credential > cache without problem (earlier

...t; > /tmp/krb5cc_0 > > > /tmp/krb5cc_1494_sM11PG > > > > > > So first one doesn't have that _XXXXXX trailing bit. Maybe > > > cifs.upcall > > > is not guessing that piece of the filename correctly? > > > > > > > (cc'ing Nalin, Simo and the linux-cifs ml) > > > > Yeah, it seems pretty likely that that is the problem. My guess is > > that > > the extra stuff on the ccname is coming from pam_krb5, which seems to > > want to create a credcache that is session-specific. > > > > You...

...see if it solves problems with nmbd crashing. bz#150582 ? nmbd dies when windows client requests browse list * Tue Jan 04 2005 Jay Fenlason <fenlason@redhat.com> 3.0.10-1.4E - Upgrade to 3.0.10, to close bz#143983 This obsoletes the -CAN-2004-1154 patch. - Include the -64bit patch from Nalin. This closes bz#142873

...tcred() had already been called from early on in do_exec_[no]_pty(): date: 2001-03-27 16:12:24 +1000; author: djm; state: Exp; lines: +4 -3; - (djm) Reestablish PAM credentials (which can be supplemental group memberships) after initgroups() blows them away. Report and suggested fix from Nalin Dahyabhai <nalin at redhat.com> But, the early call to pam_setcred() was later disabled in bug 789 to make linux pam_group.so work. There seems to be much confusion over the purpose of pam_setcred(), but I think it is safe to say that openssh should call setcred(ESTABLISH) instead of setcre...

Hi all. I originally suspected this problem was with netbios (which I have disabled by default) and Jerry has helped me out a bit with but I've been doing some more digging and I think the problem lies back further than I expected. I was trying to upgrade from 3.0.7 to 3.0.11 so I've recompiled all versions back from 3.0.11 and the problem first occured in 3.0.8. The issue is with

...; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* GTK2 support by Nalin Dahyabhai <nalin at redhat.com> */ + +/* + * This is a simple GNOME SSH passphrase grabber. To use it, set the + * environment variable SSH_ASKPASS to point to the location of + * gnome-ssh-askpass before calling "ssh-add < /dev/null". + * + * There is only two run-time options:...

...> > > > > > > > So first one doesn't have that _XXXXXX trailing bit. Maybe > > > > > cifs.upcall > > > > > is not guessing that piece of the filename correctly? > > > > > > > > > > > > > (cc'ing Nalin, Simo and the linux-cifs ml) > > > > > > > > Yeah, it seems pretty likely that that is the problem. My guess > > > > is > > > > that > > > > the extra stuff on the ccname is coming from pam_krb5, which > > > > seems to > &g...

Portable OpenSSH 2.9p2 has just been uploaded and shall be making its way to the mirrors listed at http://www.openssh.com/portable.html shortly. This release fixes the "cookies" file deletion problem reported on BUGTRAQ as well as a few other minor (non-security) bugs. No new features have been added in this release. Regards, Damien Miller -- | Damien Miller <djm at

Is it true that configure tests for the existence of librsaref.a, and if it finds it, it assumes that that rsaref is supposed to be used---*even if openssl was not built with rsaref support* ? Mate

Looks like the fixes to use OpenSSL with RSAnull break it for rsaref. I've attached a patch that fixes it for me. Cheers, Nalin -------------- next part -------------- --- openssh-2.1.0p3/configure.in Wed May 31 08:56:52 2000 +++ openssh-2.1.0p3/configure.in Wed May 31 09:03:49 2000 @@ -231,7 +231,27 @@ [ found_crypto=1 break; - ], [] + ], + [ + LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref"...

Further to my original question about PAM on OpenBSD for OpenSSH, it may be non-trivial to get any PAM stuff onto OpenBSD (Thanks to Ben Lindstrom for his suggestion, which I'll try, using a gnu/loonucks PAM package, any suggestions for which one to use, or where to get it from? I'm not very clueful when it comes to GNU/linux). So, I remember in a past life hacking suport for other auth

Portable OpenSSH 2.9p2 has just been uploaded and shall be making its way to the mirrors listed at http://www.openssh.com/portable.html shortly. This release fixes the "cookies" file deletion problem reported on BUGTRAQ as well as a few other minor (non-security) bugs. No new features have been added in this release. Regards, Damien Miller -- | Damien Miller <djm at

Anyone, HELP!!!!!!!!!!!!!! I currently installed openssh-2.9p2 on SunOS 5.7 and 5.8. From the very moment that start to ssh out I get "Rhosts Authentication disabled ;the originating ip will not be trusted". I 've put "Useprivileged yes " in the ssh_config file, but then the ssh complains that there is a bad config line. Can some one tell me what is going on and how can I