search for: server_us

Hello, I'm having a problem trying to use ssh to login from my machine with server_user as hughes to myself with server_user as hughes. I have no problem using rlogin - no password required. How do I use ssh to login from my machine as hughes at pnguy to myself with the same server_user (hughes) (etc. ssh pnguy) without a password required. My .rhosts, .shosts in /users/hughes/.s...

I believe auth-rhosts.c, function check_rhosts_file(), contains a bug that shows up when doing host-based authentication where the client_user name is not the same as the server_user name. Line 76 reads: strlcpy(userbuf, server_user, sizeof(userbuf)); I believe it should read: strlcpy(userbuf, client_user, sizeof(userbuf)); Otherwise later in the function this test will fail: /* Verify that user name matches. */ if (user[0] == '@') { if (!innetgr(user + 1, NULL...

...enssh-4.3p2-kylie/sshconnect.c --- openssh-4.3p2/sshconnect.c 2005-12-13 02:29:03.000000000 -0600 +++ openssh-4.3p2-kylie/sshconnect.c 2006-05-04 10:07:57.000000000 -0500 @@ -937,6 +937,7 @@ ssh_login(Sensitive *sensitive, const ch } else { ssh_kex(host, hostaddr); ssh_userauth1(local_user, server_user, host, sensitive); + xfree(local_user); } }

...nsafe RSA signature " "scheme; disabling use of RSA keys", remote_version); - chop(server_version_string); + chop(*server_version_stringp); } /* defaults to 'no' */ @@ -1406,6 +1404,8 @@ ssh_login(Sensitive *sensitive, const char *orighost, { char *host; char *server_user, *local_user; + char *client_version_string = NULL; + char *server_version_string = NULL; local_user = xstrdup(pw->pw_name); server_user = options.user ? options.user : local_user; @@ -1415,7 +1415,7 @@ ssh_login(Sensitive *sensitive, const char *orighost, lowercase(host); /* Excha...

...in/service sshd restart Here's the client debugging output: [...] debug1: authentications that can continue: publickey,password,hostbased debug1: next auth method to try is hostbased debug1: Remote: Accepted by .rhosts. debug1: Remote: Accepted host ohm-master1 ip 192.168.1.1 client_user root server_user root debug1: authentications that can continue: publickey,password,hostbased debug1: Remote: Accepted by .rhosts. debug1: Remote: Accepted host ohm-master1 ip 192.168.1.1 client_user root server_user root debug1: authentications that can continue: publickey,password,hostbased debug1: userauth_hos...

...tbased: chost enfm-pc8.utcc.utoronto.ca. debug1: ssh_keysign called debug3: msg_send: type 2 debug3: msg_recv entering debug2: we sent a hostbased packet, wait for reply debug1: Remote: Accepted by .rhosts. debug1: Remote: Accepted host enfm-pc8.utcc.utoronto.ca ip 128.100.102.101 client_user mikep server_user mikep debug1: authentications that can continue: publickey,password,keyboard-interactive,hostbased debug2: userauth_hostbased: chost enfm-pc8.utcc.utoronto.ca. debug1: ssh_keysign called debug3: msg_send: type 2 debug3: msg_recv entering debug2: we sent a hostbased packet, wait for reply debug1:...

...ForwardX11 yes HostbasedAuthentication yes RhostsRSAAuthentication yes The relevant part of sshd -ddd output seems to be: debug3: mm_send_debug: Sending debug: Accepted by .rhosts. debug3: mm_send_debug: Sending debug: Accepted host bmx.comp.uvic.ca ip 142.104.16.101 client_user klewall server_user klewall debug3: mm_key_verify entering debug3: mm_request_send entering: type 22 debug3: monitor_read: checking request 22 ssh_rsa_verify: RSA_verify failed: error:04077068:lib(4):func(119):reason(104) debug1: ssh_rsa_verify: signature incorrect debug3: mm_answer_keyverify: key 2003b5e8 signature...

...NS_VERIFY_FOUND) { @@ -1108,7 +1116,8 @@ */ void ssh_login(Sensitive *sensitive, const char *orighost, - struct sockaddr *hostaddr, struct passwd *pw, int timeout_ms) + struct sockaddr *hostaddr, struct passwd *pw, int timeout_ms, + const char *canohost) { char *host, *cp; char *server_user, *local_user; @@ -1131,7 +1140,7 @@ /* key exchange */ /* authenticate user */ if (compat20) { - ssh_kex2(host, hostaddr); + ssh_kex2(host, hostaddr, canohost); ssh_userauth2(local_user, server_user, host, sensitive); } else { ssh_kex(host, hostaddr); diff -ur openssh/sshconnect.h...

...n denied, please try again."); - + if (!interactive && getenv("DISPLAY")) { + if (getenv(SSH_ASKPASS_ENV)) + askpass = getenv(SSH_ASKPASS_ENV); + else + askpass = SSH_ASKPASS_DEFAULT; + } snprintf(prompt, sizeof(prompt), "%.30s@%.40s's password: ", server_user, host); - password = read_passphrase(prompt, 0); + if (!interactive && getenv("DISPLAY")) { + if (attempt != 1) + password = ssh_askpass(askpass, + "Permission denied, please try again:"); + else + password = ssh_askpass(askpass, prompt); + } else { + if (...

...ttempt++ >= 1) + return 0; + + password = read_password_from_fd(options.password_from_fd); + } else { if (attempt++ >= options.number_of_password_prompts) return 0; @@ -451,6 +458,8 @@ snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", authctxt->server_user, authctxt->host); password = read_passphrase(prompt, 0); + } + packet_start(SSH2_MSG_USERAUTH_REQUEST); packet_put_cstring(authctxt->server_user); packet_put_cstring(authctxt->service); -- /Peter ?strand <astrand at lysator.liu.se>

...bols from /software/@sys/usr/lib/libdb-4.0.so...done. Reading symbols from /usr/platform/SUNW,Ultra-30/lib/libc_psr.so.1...done. Reading symbols from /usr/lib/nss_files.so.1...done. Reading symbols from /usr/lib/nss_dns.so.1...done. #0 0x24210 in ssh_userauth1 (local_user=0xf7b30 "root", server_user=0xf79e0 "root", host=0xfa790 "pf-i400", sensitive=0xf433c) at sshconnect1.c:1248 1248 if (options.identity_keys[i] != NULL && (gdb) where #0 0x24210 in ssh_userauth1 (local_user=0xf7b30 "root", server_user=0xf79e0 "root&qu...

...nf filter_ld_path=/lib:/usr/lib:/usr/X11R6/lib:/usr/local/lib filter_path=/bin:/usr/bin:/usr/local/bin:/usr/sbin:/usr/local/sbin:/usr /lib/filters:/usr/X11R6/bin mail_operator_on_error=root pr=/usr/bin/pr printcap_path=/etc/printcap printer_perms_path=/etc/lpd.perms server_config_file=/etc/lpd.conf server_user=lp user=lp group=lp send_data_first@ Relevant Information for printing in lpd.perms: ACCEPT SERVICE=C SERVER REMOTEUSER=root ACCEPT SERVICE=C LPC=lpd,status,printcap REJECT SERVICE=C ACCEPT SERVICE=M SAMEHOST SAMEUSER ACCEPT SERVICE=M SERVER REMOTEUSER=root REJECT SERVICE=M DEFAULT ACCEPT Th...

...ipher, using 3des instead. debug1: Encryption type: 3des debug1: Sent encrypted session key. debug1: Installing crc compensation attack detector. debug1: Received encrypted confirmation. Segmentation fault A backtrace in GDB gives: #0 0x00006bd4 in ssh_userauth (local_user=0x339d0 "", server_user=0xbffffc0c "cjm", host=0xe00c0 "sun4", host_key_valid=211808, own_host_key=0xdff50) at sshconnect1.c:1020 #1 0x000058fc in ssh_login (host_key_valid=0, own_host_key=0xdff50, orighost=0xbffffc10 "sun4", hostaddr=0x338b0, original_real_uid=917696) at sshconnect.c:7...

...) { + lang = packet_get_string(NULL); + xfree(lang); + } if (strlen(info) > 0) logit("%s", info); xfree(info); - xfree(lang); packet_start(SSH2_MSG_USERAUTH_REQUEST); packet_put_cstring(authctxt->server_user); packet_put_cstring(authctxt->service);

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

...Fax: ++41 56 310 3649 -------------- next part -------------- --- openssh-2.9.9p2.orig/sshconnect1.c Sat Jul 14 04:17:00 2001 +++ openssh-2.9.9p2/sshconnect1.c Thu Sep 27 09:58:37 2001 @@ -1111,13 +1111,14 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, Key **keys, int nkeys) { + #ifdef KRB5 krb5_context context = NULL; krb5_auth_context auth_context = NULL; #endif int i, type; int payload_len; - + if (supported_authentications == 0) fatal("ssh_userauth1: server supports no auth methods"); @@ -1139...

...er user if no user name was given. */ pw = getpwuid(original_real_uid); if (!pw) - fatal("User id %u not found from user database.", original_real_uid); + fatal("User id %lu not found from user database.", (long)original_real_uid); local_user = xstrdup(pw->pw_name); server_user = options.user ? options.user : local_user; Index: sshd.c @@ -1053,7 +1053,7 @@ if (pid < 0) error("fork: %.100s", strerror(errno)); else - debug("Forked child %d.", pid); + debug("Forked child %ld.", (long)pid); close(startup_p[1]);...

...ang = packet_get_string(NULL); + if (!(datafellows & SSH_BUG_PWDCHGREQ)) { + lang = packet_get_string(NULL); + xfree(lang); + } if (strlen(info) > 0) logit("%s", info); xfree(info); - xfree(lang); packet_start(SSH2_MSG_USERAUTH_REQUEST); packet_put_cstring(authctxt->server_user); packet_put_cstring(authctxt->service); [1] http://www.ietf.org/internet-drafts/draft-ietf-secsh-userauth-21.txt

...il_operator_on_error=root pr=/usr/bin/pr printcap_path=/usr/local/etc/printcap # If you distribute your printcap entries through NIS, # use the following line instead: #printcap_path=|/usr/lib/yp/match_printcap printer_perms_path=/usr/local/etc/lpd.perms server_config_file=/usr/local/etc/lpd.conf server_user=lp user=lp group=lp # If your printer doesn't print the job remove the "@" from the following # line. (for example necessary for HP4M with a JetDirect Card) send_data_first@ <snip> Here is my printcap file <snip> hp2500cp_q :cm=HP DesignJet 2500 CP :rm=10.224.2....

...send by the server every time it is sending an SSH_NEWKEYS packet, hence after every rekeying. I reproduced it on my system with OpenSSH 7.3p1 and manually rekeying with escape R http://pastebin.com/Xk0dF0mc on the client side: sshconnect2.c: void ssh_userauth2(const char *local_user, const char *server_user, char *host, Sensitive *sensitive) { ... ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info); ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept); ssh_dispatch_run(ssh, DISPATCH_BLOCK, &authctxt.success, &authct...