Displaying 20 results from an estimated 76 matches for "pam_tty".
2010 Jul 16
8
[Bug 1799] New: Unable to login through PAM on Solaris 8 x86 due to PAM_TTY
https://bugzilla.mindrot.org/show_bug.cgi?id=1799
Summary: Unable to login through PAM on Solaris 8 x86 due to
PAM_TTY
Product: Portable OpenSSH
Version: 5.5p1
Platform: ix86
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: PAM support
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: kstemen...
2003 Aug 08
0
Problem with -current on Solaris 8 + PAM?
...TTY) login. I think this behaviour was introduced
with the patch cluster.
First thing is that in debug mode, the debug at auth-pam.c:534 derefs tty
which is null, and segfaults. This occurs in debug mode only and is easy
to fix.
The next problem is that pam_open_session now seems to fail when PAM_TTY
is set to NULL.
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req exec
debug1: PAM: setting PAM_TTY to "(null)"
PAM: pam_open_session(): Can not make/remove entry for session
The code from 3.6.1p2 is doesn't set PAM_TTY at all when tty...
2001 Oct 29
2
pam_open_session w/o tty on Solaris
Hello, all-
Apparently, under Solaris (I can personally confirm SunOS 5.7 and 5.8),
pam_open_session will generate a segfault if PAM_TTY is not set. The
obvious symptom of this is that OpenSSH 2.9.9p2 will segfault on any
operation that does not request a tty (do_exec_no_pty).
Based on a quick google search, this seems to have been encountered
by others, though the specific symptoms seem to have changed a bit.
(eg http://www.cast...
2001 Oct 25
6
Regarding PAM_TTY_KLUDGE and Solaris 8...
>Okay, this appears to be a problem with pam_unix.so - the code in
>pam_sm_open_session is written with the assumption that the tty name is of
>the form "/dev/" + something else on the end. I'm not sure why the
pam_sm_open_session in pam_unix on Solaris now does this:
/* report error if ttyn or rhost are not set */
if ((ttyn == NULL) || (rhost == NULL))
2008 May 23
1
how to debug ssh slow connection issues.
...May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing PAM_RHOST to child
May 23 12:01:56 192.168.1.21 pam_stack[23836]: NOT passing PAM_RUSER to
child: source is NULL
May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing PAM_SERVICE to child
May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing PAM_TTY to child
May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing PAM_USER to child
May 23 12:01:56 192.168.1.21 pam_stack[23836]: NOT passing PAM_USER_PROMPT
to child: source is NULL
May 23 12:01:56 192.168.1.21 pam_stack[23836]: passing data to child
May 23 12:01:56 192.168.1.21 pam_stack[23836]: c...
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
....200s",
- PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+ PAM_STRERROR(pamh, pam_retval));
return(0);
}
@@ -197,17 +232,17 @@
if (ttyname != NULL) {
debug("PAM setting tty to \"%.200s\"", ttyname);
- pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_TTY, ttyname);
+ pam_retval = pam_set_item(pamh, PAM_TTY, ttyname);
if (pam_retval != PAM_SUCCESS) {
fatal("PAM set tty failed: %.200s",
- PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+ PAM_STRERROR(pamh, pam_retval));
}
}
- pam_retval = pam_open_session((pam_handle_...
2020 Jul 29
1
kerberos ticket on login problem
...dp-sesman" (0xb471c0)
> Jul 29 09:33:53 brayden xrdp-sesman[1652]:
> pam_winbind(xrdp-sesman:auth): [pamh: 0xb4cac0] STATE: ITEM(PAM_USER)
> = "jas" (0xb4fd60)
> Jul 29 09:33:53 brayden xrdp-sesman[1652]:
> pam_winbind(xrdp-sesman:auth): [pamh: 0xb4cac0] STATE: ITEM(PAM_TTY) =
> "xrdp-sesman" (0xb4d6a0)
> Jul 29 09:33:53 brayden xrdp-sesman[1652]:
> pam_winbind(xrdp-sesman:auth): [pamh: 0xb4cac0] STATE:
> ITEM(PAM_AUTHTOK) = 0xb4fd80
> Jul 29 09:33:53 brayden xrdp-sesman[1652]:
> pam_winbind(xrdp-sesman:auth): [pamh: 0xb4cac0] STATE: IT...
2018 Jul 24
0
Failed to establish your Kerberos Ticket cache due time differences with the domain controller
...sshd:auth): [pamh: 0x1022c38] STATE: ITEM(PAM_SERVICE) = "sshd" (0x10226f8)
Jul 24 10:13:18 pi-dc sshd[865]: pam_winbind(sshd:auth): [pamh: 0x1022c38] STATE: ITEM(PAM_USER) = "roy" (0x1021aa8)
Jul 24 10:13:18 pi-dc sshd[865]: pam_winbind(sshd:auth): [pamh: 0x1022c38] STATE: ITEM(PAM_TTY) = "ssh" (0x102c040)
Jul 24 10:13:18 pi-dc sshd[865]: pam_winbind(sshd:auth): [pamh: 0x1022c38] STATE: ITEM(PAM_RHOST) = "192.168.2.240" (0x102c028)
Jul 24 10:13:18 pi-dc sshd[865]: pam_winbind(sshd:auth): [pamh: 0x1022c38] STATE: ITEM(PAM_AUTHTOK) = 0x1021ab8
Jul 24 10:13:18 pi...
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
...pam_handle, PAM_RHOST, pam_rhost);
+ sshpam_err = pam_set_item(grab_pamh(0, NULL), PAM_RHOST, pam_rhost);
if (sshpam_err != PAM_SUCCESS) {
- pam_end(sshpam_handle, sshpam_err);
- sshpam_handle = NULL;
+ pam_end(grab_pamh(0, NULL), sshpam_err);
+ grab_pamh(1, NULL);
return (-1);
}
#ifdef PAM_TTY_KLUDGE
@@ -329,10 +426,10 @@
* may not even set one (for tty-less connections)
*/
debug("PAM: setting PAM_TTY to \"ssh\"");
- sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh");
+ sshpam_err = pam_set_item(grab_pamh(0, NULL), PAM_TTY, "ssh&quo...
2017 Mar 13
1
pam_winbind with trusted domain
...d(sshd:auth): [pamh: 0x7fc74c2cad40] STATE: ITEM(PAM_SERVICE) = "sshd" (0x7fc74c2c9380)
sshd[9569]: pam_winbind(sshd:auth): [pamh: 0x7fc74c2cad40] STATE: ITEM(PAM_USER) = "DOMREMOTE\testuser" (0x7fc74c2c9fe0)
sshd[9569]: pam_winbind(sshd:auth): [pamh: 0x7fc74c2cad40] STATE: ITEM(PAM_TTY) = "ssh" (0x7fc74c2e15f0)
sshd[9569]: pam_winbind(sshd:auth): [pamh: 0x7fc74c2cad40] STATE: ITEM(PAM_RHOST) = "192.168.1.1" (0x7fc74c2e15d0)
sshd[9569]: pam_winbind(sshd:auth): [pamh: 0x7fc74c2cad40] STATE: ITEM(PAM_AUTHTOK) = 0x7fc74c2caec0
sshd[9569]: pam_winbind(sshd:auth): [...
2020 Jul 28
2
kerberos ticket on login problem
I'm experimenting with smb + winbind.
My host is joined to AD and I can login to my host fine using my AD
credentials via SSH.?? The only issue is that I don't get a Kerberos
ticket generated.
In /etc/security/pam_winbind.conf I have:
krb5_auth = yes
krb5_ccache_type = KEYRING
In /etc/krb5.conf, I also have:
default_ccache_name = KEYRING:persistent:%{uid}
Using wbinfo -K jas, then
2003 Nov 03
1
Problems with PAM and PermitRootLogin without-password
...ecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user root service ssh-connection method none
debug1: attempt 0 failures 0
debug1: PAM: initializing for "root"
debug1: PAM: setting PAM_RHOST to "x.x.x.x"
debug1: PAM: setting PAM_TTY to "ssh"
Failed none for root from x.x.x.x port 2319 ssh2
Failed none for root from x.x.x.x port 2319 ssh2
debug1: userauth-request for user root service ssh-connection method
keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs
debug1: auth2_challenge: user...
2018 Jul 24
2
Failed to establish your Kerberos Ticket cache due time differences with the domain controller
I did re-read the whole thread again.
Im running out of options..
When i look at :
https://wiki.samba.org/index.php/PAM_Offline_Authentication
You can do these last checks.
Run the : Testing offline authentication as show on the wiki.
Debian normaly does not have /etc/security/pam_winbind.conf, check if its there if so backup it remove it.
Check if these packages are installed.
2001 Mar 01
1
Bug report against openssh-2.3.0p1
...he SIGSEGV is inside pam_open_session. Truss
shows that the lastlog file has just been opened for writing.
Non-interactive uses of ssh work.
The cause is that, on this route through the code,
do_pam_account is _not_ called, but do_pam_session is.
This results in pam_open_session being called with PAM_TTY
set but PAM_RHOST not set. (In the non-interactive case,
PAM_TTY is not set either, so the PAM module does not try
to update lastlog, and so does not look at PAM_RHOST).
The SIGSEGV might be regarded as a bug in Sun's code, but the
failure to set PAM_RHOST in the case of a passwordless login
i...
1999 Dec 01
1
Compile bugs in openssh-1.2pre15 on Solaris (2.6)
Hi,
I didn't know if this was the correct spot to send openSSH bugs/problems
so I thought I'd try...
Anyway, I have encountered the following compile time problems for
openssh-1.2pre15 / Solaris 2.6 / gcc 2.8.1 -
* daemon code (bsd-daemon.[ch]) exists but is not linked in. Also,
header is not included. Same might apply to bsd-login.
* rsa.h needs __P() define to work
2013 Nov 28
4
SSH - Winbind and Keybased Auth
...(PAM_SERVICE) = "sshd" (0x7f6b826837d0)
Nov 28 17:34:58 testbox01 sshd[26078]: pam_winbind(sshd:account): [pamh: 0x7f6b82683650] STATE: ITEM(PAM_USER) = "nathan" (0x7f6b826837f0)
Nov 28 17:34:58 testbox01 sshd[26078]: pam_winbind(sshd:account): [pamh: 0x7f6b82683650] STATE: ITEM(PAM_TTY) = "ssh" (0x7f6b8268dbd0)
Nov 28 17:34:58 testbox01 sshd[26078]: pam_winbind(sshd:account): [pamh: 0x7f6b82683650] STATE: ITEM(PAM_RHOST) = "mycomputer.domain.local" (0x7f6b82684610)
Nov 28 17:34:58 testbox01 sshd[26078]: pam_winbind(sshd:account): [pamh: 0x7f6b82683650] STATE:...
2014 Jan 02
2
pam_winbind fails to authenticate domain users on my debian wheezy domain member servers
...30] STATE: ITEM(PAM_SERVICE) = "sshd" (0x7f1d54caa2e0)
Jan 2 12:23:55 websrv sshd[3541]: pam_winbind(sshd:auth): [pamh:
0x7f1d54cb2030] STATE: ITEM(PAM_USER) = "georg" (0x7f1d54ca9f00)
Jan 2 12:23:55 websrv sshd[3541]: pam_winbind(sshd:auth): [pamh:
0x7f1d54cb2030] STATE: ITEM(PAM_TTY) = "ssh" (0x7f1d54cb21d0)
Jan 2 12:23:55 websrv sshd[3541]: pam_winbind(sshd:auth): [pamh:
0x7f1d54cb2030] STATE: ITEM(PAM_RHOST) = "192.168.0.107" (0x7f1d54cb21b0)
Jan 2 12:23:55 websrv sshd[3541]: pam_winbind(sshd:auth): [pamh:
0x7f1d54cb2030] STATE: ITEM(PAM_AUTHTOK) = 0x7f...
2016 Aug 01
2
OpenSSH 7.3p1 can't be build on Solaris 10
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The same result without CFLAGS:
configure:17300: checking for mblen
configure:17356: gcc -o conftest -g -O2 -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wformat-security
-Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result
-fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset
-fstack-protector-strong -fPIE
2000 Jul 03
2
2.1.1p2 HP-UX 11 PAM General Commerical Security error
Trying 2.1.1p2 on HP-UX 11 (trusted system) I get:
Jul 3 14:24:53 robinson sshd[1236]: debug: Encryption type: 3des
Jul 3 14:24:53 robinson sshd[1236]: debug: Received session key; encryption turned on.
Jul 3 14:24:53 robinson sshd[1236]: debug: Installing crc compensation attack detector.
Jul 3 14:24:53 robinson sshd[1236]: debug: Starting up PAM with username "stevesk"
Jul 3
2011 Mar 24
2
Problem with pam-auth and winbind
...0x15cfc80] STATE: ITEM(PAM_SERVICE) = "dovecot" (0x15c
fe00)
Mar 23 10:37:50 komp14 dovecot-auth: pam_winbind(dovecot:auth): [pamh:
0x15cfc80] STATE: ITEM(PAM_USER) = "tt1" (0x15cfe20)
Mar 23 10:37:50 komp14 dovecot-auth: pam_winbind(dovecot:auth): [pamh:
0x15cfc80] STATE: ITEM(PAM_TTY) = "dovecot" (0x15cbfa0
)
Mar 23 10:37:50 komp14 dovecot-auth: pam_winbind(dovecot:auth): [pamh:
0x15cfc80] STATE: ITEM(PAM_RHOST) = "10.10.10.38" (0x1
5cbf60)
Mar 23 10:37:50 komp14 dovecot-auth: pam_winbind(dovecot:auth): [pamh:
0x15cfc80] STATE: ITEM(PAM_RUSER) = "tt1&qu...