search for: rhost

Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the .rhosts/.shosts file and put the information in there. If you have "IgnoreRhosts yes" in the configuration file for the sshd, no rhosts-...

Hi, I have discovered a bug in the rhost module of Linux-PAM-0.57. This bug leads to a vulnerability in the remote login authentication, with the effect that ordinary user accounts may not be password protected. There is only one case when the bug causes a vulnerability: The problem case is when the user''s .rhost file has the...

...would be the best to stop this attack and how? the server running apache mysql and ftp PORT STATE SERVICE 21/tcp open ftp 80/tcp open http 443/tcp open https 3306/tcp open mysql ... Jan 22 16:07:14 user vsftpd(pam_unix)[17462]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=195.95.228.150 Jan 22 16:07:16 user vsftpd(pam_unix)[16737]: check pass; user unknown Jan 22 16:07:16 user vsftpd(pam_unix)[16737]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=195.95.228.150 Jan 22 16:07:17 user vsftpd(pam_unix)[17462]: check pass; user unknown Jan 23 17:23:52 u...

Has ANYONE been able to verify that Rhosts authentication works with 3.4.p1? Does it work with other SSHv2 implementations? Anybody tried it on a RedHat 7.3 system? Also, I'm curious about this code I found in sshd.c: /* * Check that the connection comes from a privileged port. * Rhosts-Authentication only makes...

...here, I know this is the classic RTFM list question but... I've really tried hard on this and no result! This is what I'm receving from logcheck: System Events =-=-=-=-=-=-= Apr 3 06:55:13 bsg sshd[32246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.233.245.226 user=root Apr 3 06:55:19 bsg sshd[32248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.233.245.226 user=root Apr 3 06:55:25 bsg sshd[32250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.2...

Hi, How to use hosts.equiv and .rhosts in samba and can you please send me an example of them ____________________________________________ Mohammed Al-Shabib Baker <http://www.bakerhughes.com/> Hughes.com Tel. (+973) 586000 Fax (+973) 580626 P.O. box 18199, Manama, Bahrain My <mailto:Mohammed.Al-Shabib@bakerhughes.com&g...

Had two nameservers crash in the last few hours... This 'never' happens! On the console was sent an invalid ICMP type 3, code 3 error to a broadcast: 255.255.255.255 on eth0 sent an invalid ICMP type 3, code 3 error to a broadcast: 255.255.254.255 on eth0 with the IP address of the offender? in front of that line. Any ideas? Best, John Hinton

I am having an issue passing a command through ssh which uses an environment variable. I would like the environment variable to be read from the remote host, but it is being read from the local host. For instance: ssh rhost ls -lm $WWW_HOME $WWW_HOME is set as /usr/www on local but /var/www on the remote so it is being read as : ssh rhost ls -lm /usr/www and I'd like it to be ssh rhost ls -lm /var/www Any thoughts would be appreciated, thanks for your help.

I've installed OpenSSH 2.9p1 on Solaris 2.7 and I am trying to get rhost authentication working. Something appears to be wrong with the client side as I can do rhost auth with a ssh1.2.27 client. Any help would be appreciated. /opt/openssh-2.9p1/etc/ssh_config is: ForwardX11 yes RhostsAuthentication yes /opt/openssh-2.9p1/etc/sshd_config is: Port 22 IgnoreRhosts n...

...that would catch these web dovecot login attempts? Feb 27 08:19:53 ourserver auth[15085]: pam_unix(dovecot:auth): check pass; user unknown Feb 27 08:19:53 ourserver auth[15085]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= user at ourserver.ourdomain.edu rhost=177.72.0.158 Feb 27 08:20:35 ourserver auth[15085]: pam_unix(dovecot:auth): check pass; user unknown Feb 27 08:20:35 ourserver auth[15085]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=user rhost=213.156.111.236 Feb 27 08:27:07 ourserver auth[16831]: pam_u...

...I can?t figure out what they are trying to do, and if I should be concerned. I am running dovecot version 0.99.14 on Fedora Core 4. It appears that my dovecot server is under attack. This morning in my system e-mail I saw this: dovecot: Authentication Failures: rhost= : 23431 Time(s) adm: 33 Time(s) bin: 33 Time(s) mail: 33 Time(s) mysql: 21 Time(s) nobody: 15 Time(s) news: 14 Time(s) operator: 8 Time(s) sshd: 2 Time(s) Unknown Entries:...

...red or so imap/dovecat process running. I am running RC Core3. Can anyone shead some light on how to correct this ? Jun 16 08:38:24 jidmail dovecot(pam_unix)[27653]: check pass; user unknown Jun 16 08:38:24 jidmail dovecot(pam_unix)[27653]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= Jun 16 08:38:24 jidmail dovecot(pam_unix)[27657]: check pass; user unknown Jun 16 08:38:24 jidmail dovecot(pam_unix)[27657]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= Jun 16 08:38:24 jidmail dovecot(pam_unix)[27658]: check pass; user unknown Jun 16 08:38:24 jidmail dovecot(p...

I simply cannot get use rhosts = yes to work; whether I have security set to user or share it will only work if I have the share set to public (and then it maps to the guest user). I do have .rhosts files set up with proper permissions and ownership; I can post details but if this isn't supposed to work anymore there...

...A keys,using protocol version 2 works fine between them. (so ssh itself and the network is working fine) However, I want to get something that will work with rsync without having to manually enter passwords, passphrases, or enter such information hardcoded in scripts. I figured I'ld first get rhosts authentication working and then move to rhosts/RSA authentication (if that doesn't require passphrase.) first things first... rhosts authentication... Here's the sshd_config from the server... Protocol 1 RSAAuthentication no PasswordAuthentication no RhostsAuthentication yes I...

...------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18 14:33 ------- ssh is by default not set-uid root. re-open if this is the the cause. RhostsRSAAuthentication Specifies whether to try rhosts based authentication with RSA host authentication. The argument must be ``yes'' or ``no''. The default is ``no''. This option applies to protocol version 1 only and require...

...; to the code which checks for the ownership and modes of identity files and directories. As you might know, check_ntsec() tests if owner/modes are supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem (FAT/FAT32=no, NTFS=yes) and the current Cygwin settings (ntea/ntsec). Corinna Index: auth-rhosts.c =================================================================== RCS file: /cvs/openssh_cvs/auth-rhosts.c,v retrieving revision 1.17 diff -u -p -r1.17 auth-rhosts.c --- auth-rhosts.c 2001/04/12 23:34:35 1.17 +++ auth-rhosts.c 2001/06/04 10:05:34 @@ -228,6 +228,9 @@ auth_rhosts2(struct passwd...

...og someone "(bal)" removed -{enable/disable}-suid-ssh from configure (dating from 2002/06/07). Don't know the reason, probably this has something to do with PrivilegeSeparation. Consequence is: Users with UID != 0 are no longer able to allocate privileged ports, sshd answers "Rhosts Authentication disabled, originating port will not be trusted". Bang, there they sit. :-) Ok, "chmod u+s ssh scp" does help as first aid. My question is: Is SUID on ssh/scp considered dangerous? Are there other reasons one should avoid this? Regards, Robert -- Robert...

Wow, this is definitely turning out to not be my month ... upgrade all the servers to OpenSSH due to SSH1.2.26 vulnerabilities ... .rhosts doesn't work anymore :( Get that fixed ... now rhosts of usera:hosta -> userb:hostb, where userb:hostb's rhosts has 'hosta usera' in it fails ... I don't know if these are problems specific to Solaris 7 or not, but can ppl check their machines to see whether this is just m...

Anyone, HELP!!!!!!!!!!!!!! I currently installed openssh-2.9p2 on SunOS 5.7 and 5.8. From the very moment that start to ssh out I get "Rhosts Authentication disabled ;the originating ip will not be trusted". I 've put "Useprivileged yes " in the ssh_config file, but then the ssh complains that there is a bad config line. Can some one tell me what is going on and how can I get around this. I would like to use the scp c...

openssh 2.5.2p2 on Solaris 8 has PAM/cron problems. If I build it with PAM then cron quits working giving "cron audit problem." errors. If I turn PAM off then cron works but I get kicked out of any session where a password is needed (i.e. no .rhosts/.shosts or not using ssh-agent) with the message "Connection closed by IP#". I get through if I have a .rhosts/.shosts or use ssh-agent. The following shows the latter error with debugging turned on for both ssh and sshd: On the server: terl:/[35]# cat /var/ssh/sshd_config Port...