search for: pam_fail_delay

...39; May 23 12:01:56 192.168.1.21 pam_stack[23836]: creating environment May 23 12:01:56 192.168.1.21 pam_stack[23836]: NOT passing PAM_AUTHTOK to child: source is NULL May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing PAM_CONV to child May 23 12:01:56 192.168.1.21 pam_stack[23836]: NOT passing PAM_FAIL_DELAY to child: source not set May 23 12:01:56 192.168.1.21 pam_stack[23836]: NOT passing PAM_OLDAUTHTOK to child: source is NULL May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing PAM_RHOST to child May 23 12:01:56 192.168.1.21 pam_stack[23836]: NOT passing PAM_RUSER to child: source is NULL May 23...

...bit against cracking attempts, but it doesn't use delays. Because OpenSSH checks the usernames before PAM-authentication, this feature will not help against testing usernames. I played a bit with OpenSSH's source code to enable a FAIL_DELAY: In auth-pam.c: sshpam_thread I inserted pam_fail_delay(sshpam_handle, 10000000 /* micro-seconds */ ); before sshpam_err = pam_authenticate(sshpam_handle, flags); This results in a 10 seconds delay after an login attempt with an existing user, but a wrong password. Unfortunately this introduces new problems, because an attacker can now see, if...

Hello All, Im using OpenSSH 4.1 with a proprietary pam module. This module does allow or deny access to the accound based on a policy file settings. Now if I deny the access to an account and attempt to connect to the sshd server for that account with valid password, it quickly returns to next prompt. When I try it with invalid password, it took some time to return to next prompt. Im wondering if

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Is there any way to disable logging of failures during pam_authenticate? I ask because OpenSSH is currently generating an extra "authentication failure..." message at each login. The problem is that OpenSSH likes to try a blank password attempting any other authentication. This is a shortcut for anonymous SSH servers (e.g. OpenBSD's

http://bugzilla.mindrot.org/show_bug.cgi?id=1049 Summary: Variable delay in password logins to fight dictionary attacks Product: Portable OpenSSH Version: 3.8.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo:

..._malloc (bytes=8) at malloc.c:2651 #2 0x804ec58 in pamconv (num_msg=1, msg=0xbfffeca0, resp=0xbfffeca4, appdata_ptr=0x0) at auth-pam.c:43 #3 0x40019911 in __get_authtok () from /lib/security/pam_unix.so #4 0x40017a5d in pam_sm_authenticate () from /lib/security/pam_unix.so #5 0x4004f648 in pam_fail_delay () from /lib/libpam.so.0 #6 0x4004f9ce in _pam_dispatch () from /lib/libpam.so.0 #7 0x400512cc in pam_authenticate () from /lib/libpam.so.0 #8 0x804ef47 in auth_pam_password (pw=0xbffff24c, password=0x80826c0 "asdf") at auth-pam.c:136 #9 0x804c75d in do_authloop (pw=0xbffff24c) at...

...penSSH/openssh/msg.c:63 #3 0x00028514 in sshpam_thread_conv (n=1, msg=0xf0080bb4, resp=0xf0080bb8, data=0x403830) at /tmp/OpenSSH.roots/OpenSSH/openssh/auth-pam.c:272 #4 0x96798918 in _pam_system_log () #5 0x967989f4 in pam_get_pass () #6 0x0018a930 in pam_sm_authenticate () #7 0x967961c4 in pam_fail_delay () #8 0x96796514 in _pam_dispatch () #9 0x96797c40 in pam_authenticate () #10 0x00028880 in sshpam_thread (ctxtp=0x403830) at /tmp/OpenSSH.roots/OpenSSH/openssh/auth-pam.c:354 #11 0x9002c7f4 in _pthread_body () Thread two will just sit there in read while thread one waits for thread two to exi...

...ck pam_stack[30985]: creating environment May 28 10:04:14 mrtg_monitor@northrock pam_stack[30985]: NOT passing PAM_AUTHTOK to child: source is NULL May 28 10:04:14 mrtg_monitor@northrock pam_stack[30985]: passing PAM_CONV to child May 28 10:04:14 mrtg_monitor@northrock pam_stack[30985]: NOT passing PAM_FAIL_DELAY to child: source not set May 28 10:04:14 mrtg_monitor@northrock pam_stack[30985]: NOT passing PAM_OLDAUTHTOK to child: source is NULL May 28 10:04:14 mrtg_monitor@northrock pam_stack[30985]: passing PAM_RHOST to child May 28 10:04:14 mrtg_monitor@northrock pam_stack[30985]: NOT passing PAM_RUSER to...