search for: pgsery

...ot.org/show_bug.cgi?id=1393 Summary: patch modifies gnome-ssh-askpass to optionally use one- time password Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All URL: http://www.swcp.com/~pgsery OS/Version: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org ReportedBy: pgsery at swcp.com Created an attachment (id=1383) --> (http://...

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pgsery at swcp.com --- Comment #18 from Damien Miller <djm at mindrot.org> 2008-06-13 13:56:12 --- *** Bug 1435 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You a...

https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #26 from Paul Sery <pgsery at swcp.com> 2010-01-08 08:09:14 EST --- The configuration below is incorrect. When using protocol 2, it should read: ... RequiredAuthentications2 password Also, there's no need to specify publickey in conjunction with other authentication methods because it will always be tried first (as...

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au Blocks| |1626 --- Comment #23 from Darren Tucker

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Paul Sery <pgsery at swcp.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1768|0 |1 is obsolete| | --- Comment #30 from Paul Sery <pgse...

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Petr Lautrbach <plautrba at redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2138|0 |1 is obsolete| | --- Comment #54 from Petr Lautrbach <plautrba at

...Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: pgsery at swcp.com The Virtual Token (VToken) patch adds a kbdint device that provides a new challenge-based authentication mechanism. The server calculates a challenge from two secrets and a counter. You authenticate by proving that you know the secrets by correctly answering the challenge. This create...

...Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: pgsery at swcp.com The Virtual Token (VToken) patch adds a kbdint device that provides a new challenge-based authentication mechanism. The server calculates a challenge from two secrets and a counter. You authenticate by proving that you know the secrets by correctly answering the challenge. This create...

...fication: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: pgsery at swcp.com Created an attachment (id=1450) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1450) Adds multiple authentication methods option to sshd Jefferson Ogata's patch (http://marc.info/?l=openssh-unix-dev&m=108134938701018&w=2) adds a multiple authentication methods opt...

...Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: pgsery at swcp.com Created an attachment (id=1452) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1452) Adds an out-of-band challenge (obc) device to kbdint The out-of-band challenge (OBC) patch creates a kbdint device that provides a server-based authentication mechanism. The server generates...

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #34 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:24 EST --- Retarget unresolved

...zilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|pgsery at swcp.com |djm at mindrot.org --- Comment #58 from Damien Miller <djm at mindrot.org> --- Created attachment 2192 --> https://bugzilla.mindrot.org/attachment.cgi?id=2192&action=edit new multiple required authentication methods patch Here's a patch I'm working...

The patch (against 4.7p1) modifies gnome-ssh-askpass to optionally generate a one-time password and transmits it to the user via an out-of-band communication channel. If you can read the password and enter it back into the gnome-ssh-askpass dialog, ssh-agent is allowed to continue with the authentication process. There are two ways to use the modified gnome-ssh-askpass. The first

Jefferson Ogata's patch http://marc.info/?l=openssh-unix-dev&m=108134938701018&w=2 adds a multiple authentication methods option to sshd. I updated the patch to 4.7p1 and added logic to allow it to work with privilege separation. https://bugzilla.mindrot.org/show_bug.cgi?id=1435 -------------- next part -------------- A non-text attachment was scrubbed... Name:

The Virtual Token (VToken) patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1439) creates a kbdint device that provides a new challenge-based authentication mechanism. The server calculates a challenge from two secrets and a counter. You authenticate by proving by correctly answering the challenge, proving you know the secrets. This creates a software-based token, similar in function to

This patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1438) creates a kbdint device that provides a server-based authentication mechanism. The server generates and emails you a random string when you attempt to login. You're authenticated if you can correctly answer the challenge. You can use a regular email account, a pager, cell phone or other email capable device to receive the