search for: record_failed_login

...auth code for a while. Some platforms support failed login counters and it occurs to me that there's as few too many instances of: #ifdef [PLATFORM] if (authenticated == 0 && strcmp(method, "password") == 0) some_login_failure_func(); #endif The attached patch creates a record_failed_login() function in sshlogin.c to go along with record_login(). This new function holds the platform-specific code. At the moment, this is AIX and UNICOS, but it will provide an obvious place for any other platforms that support this type of thing. auth_log() is called from do_authloop (proto 1) or u...

sorry, Darren. Long over due comments. [..] >+/* Record a failed login attempt. */ >+void >+record_failed_login(const char *user, const char *host, const char *ttyname) >+{ >+#ifdef WITH_AIXAUTHENTICATE >+ loginfailed(user, host, ttyname); >+#endif >+#ifdef _UNICOS >+ cray_login_failure((char *)user, IA_UDBERR); >+#endif /* _UNICOS */ >+} I like the patch idea, but I'...

Hi All. As noted in a previous post, the logging of failed user logins is somewhat spread out. This patch creates a record_failed_login() function in sshlogin.c and moves the AIX and UNICOS code to it, eliminating 3 #ifdefs from the main code. It also provides an obvious place to add the code for any other platforms that support this. I've tested this on AIX 4.3.3. Wendy Palm was kind enough to test it on UNICOS (this patch...

Hi All. This is a re-send of a patch I submitted before 3.6p1. As noted in a previous post, the logging of failed user logins is somewhat spread out. This patch creates a record_failed_login() function in sshlogin.c and moves the AIX and UNICOS code to it, eliminating 3 #ifdefs from the main code. It also provides an obvious place to add the code for any other platforms that support this. I've tested this on AIX 4.3.3. Wendy Palm was kind enough to test it on UNICOS (thi...

On Sun, 31 Mar 2019 at 19:01, Kevin Brott <kevin.brott at gmail.com> wrote: [...] > Using openssh-SNAP-20190401.tar.gz > AIX 7200-03-02-1846 > OpenSSL 1.0.2p 14 Aug 2018 > gcc (GCC) 8.1.0 > GNU Make 4.2.1 [...] > sshkey.c: In function 'sshkey_format_cert_validity': > sshkey.c:2750:42: warning: '%s' directive output may be truncated writing up to 31 bytes

On Mon, 1 Apr 2019 at 23:23, Kevin Brott <kevin.brott at gmail.com> wrote: [...] > port-aix.c:316:1: error: conflicting types for 'record_failed_login' > record_failed_login(const char *user, const char *hostname, const char *ttyname) I think I just fixed that by changing the function to match the new prototype. Unfortunately I can't currently test it myself. Please report any further problems. Thanks! http://anongit.mindrot.org/...

...n `format_size': progressmeter.c:104: warning: long long int format, off_t arg (arg 4) progressmeter.c:104: warning: long long int format, off_t arg (arg 4) loginrec.c: In function `lastlog_get_entry': loginrec.c:1592: warning: int format, different type arg (arg 4) loginrec.c: In function `record_failed_login': loginrec.c:1655: warning: passing arg 3 of `getpeername' from incompatible pointer typescp.c: loginrec.c:1656: warning: passing arg 2 of `ipv64_normalise_mapped' from incompatible pointer type In function `source': scp.c:566: warning: long long int format, __off_t arg (arg 5) sc...

....c openssh-3.7.1p2/auth.c --- openssh-3.7.1p2.orig/auth.c Tue Sep 2 23:32:46 2003 +++ openssh-3.7.1p2/auth.c Tue Oct 7 10:58:33 2003 @@ -300,8 +300,17 @@ #ifdef CUSTOM_FAILED_LOGIN if (authenticated == 0 && strcmp(method, "password") == 0) + { +#if #system(bs2000) + record_failed_login_attempt(authctxt->user, + "FAILED LOGIN ATTEMPT FOR USER", + get_remote_ipaddr(), + get_remote_port()); +#else record_failed_login(authctxt->user, "ssh"); #endif + } +#endif } /* @@ -524,8 +533,12 @@ logit("Illegal user %.100s from %...

...called ?auth.c" auth.c: #ifdef CUSTOM_FAILED_LOGIN if (authenticated == 0 && !authctxt->postponed && (strcmp(method, "password") == 0 || strncmp(method, "keyboard-interactive", 20) == 0 || strcmp(method, "challenge-response") == 0)) record_failed_login(authctxt->user, get_canonical_hostname(options.use_dns), "ssh"); # ifdef WITH_AIXAUTHENTICATE if (authenticated) sys_auth_record_login(authctxt->user, get_canonical_hostname(options.use_dns), "ssh", &loginmsg); # endif #endif? Now I?ve just thought adding ?...

http://bugzilla.mindrot.org/show_bug.cgi?id=543 Summary: sshd does not use AIX's setauthdb Product: Portable OpenSSH Version: 3.6p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: cawlfiel at

...d4): undefined reference to `howmany' ./libssh.a(packet.o):packet.c:(.text+0x4100): more undefined references to `howmany' follow If I manually edit config.h after configure, adding #define MISSING_HOWMANY then I get these errors when I build: loginrec.c: In function 'record_failed_login': loginrec.c:1700: error: 'struct utmp' has no member named 'ut_host' loginrec.c:1700: error: 'struct utmp' has no member named 'ut_host' loginrec.c:1708: error: 'struct utmp' has no member named 'ut_addr' loginrec....

...bug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: And here is the debug message of ssh server: ................... ebug2: check_key_in_hostfiles: key not found for sshia3 Failed hostbased for root from fe80::217:8ff:fe7c:d9f4 port 57500 ssh2 debug1: Entering record_failed_login uid 0 debug1: audit event euid 0 user root event 7 (AUTH_FAIL_HOSTBASED) ........................... So could anyone has some idea about this?Please cc me. Thanks! Best regards, Kevin

http://bugzilla.mindrot.org/show_bug.cgi?id=1058 Summary: Updating protected password database in HP-UX Product: Portable OpenSSH Version: 4.1p1 Platform: All OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy:

...=================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/openbsd-compat/port-aix.c,v retrieving revision 1.10 diff -u -r1.10 port-aix.c --- openbsd-compat/port-aix.c 3 Jun 2003 02:45:27 -0000 1.10 +++ openbsd-compat/port-aix.c 2 Jul 2003 05:01:34 -0000 @@ -68,9 +68,13 @@ void record_failed_login(const char *user, const char *ttyname) { - char *hostname = get_canonical_hostname(options.use_dns); + char *hostname = (char *)get_canonical_hostname(options.use_dns); - loginfailed(user, hostname, ttyname); +# ifdef AIX_LOGINFAILED_4ARG + loginfailed((char *)user, hostname, (char *)ttyname, A...

...ove_embedded_newlines(char *p) +{ + if (p == NULL) + return; + + for (; *p; p++) { + if (*p == '\n') + *p = ' '; + } + /* Remove trailing whitespace */ + if (*--p == ' ') + *p = '\0'; +} +#endif /* WITH_AIXAUTHENTICATE */ + # ifdef CUSTOM_FAILED_LOGIN /* * record_failed_login: generic "login failed" interface function Index: openbsd-compat/port-aix.h =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/openbsd-compat/port-aix.h,v retrieving revision 1.8 diff -u -r1.8 port-aix.h --- openbs...

http://bugzilla.mindrot.org/show_bug.cgi?id=974 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |enhancement Platform|HPPA |All Summary|Enhancement : Record |Record Badlogins for

http://bugzilla.mindrot.org/show_bug.cgi?id=125 alex.bell at bt.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alex.bell at bt.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

Hi, OpenSSH 5.4 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a big release, with a number of major new features and many bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH