search for: sp_expire

Displaying 20 results from an estimated 38 matches for "sp_expire".

2000 Sep 20
1
password aging and account lock checks
I'm looking at the password aging and account lock checks in auth.c:allowed_user(), and specifically their behaviour on HP-UX. First, should this code be ifdef'd away if we're using PAM? Next: /* Check account expiry */ if ((spw->sp_expire > 0) && (days > spw->sp_expire)) return 0; If I lock an account by entering too many incorrect passwords, sp_expire does not change (it stays at -1). From the comment in the man page, I would expect it to be set to 0, but even then the code above would not catch it. long...
2007 Sep 19
1
sp_expire is 0 in QNX Neutrino
QNX Neutrino does not support the shadow password database properly. Apart from misdocumenting /etc/shadow as having 4 fields when in fact it has 5 (including the "last changed" field), its getspnam() fills in the sp_expire field of the spwd structure with 0. And since by default, shadow support is enabled and the configure script turns on HAS_SHADOW_EXPIRE when it finds that field, the built sshd ends up refusing all connections on the grounds of an expired account. I have dealt with this temporarily by hacking as...
2002 Apr 26
1
expire checks
...002 19:51:00 -0000 @@ -80,18 +80,35 @@ if (!pw || !pw->pw_name) return 0; +#define DAY (24L * 60 * 60) /* 1 day in seconds */ spw = getspnam(pw->pw_name); if (spw != NULL) { - int days = time(NULL) / 86400; + time_t today = time(NULL) / DAY; + debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" + " sp_max %d", (int)today, (int)spw->sp_expire, + (int)spw->sp_lstchg, (int)spw->sp_max); - /* Check account expiry */ - if ((spw->sp_expire >= 0) && (days > spw->sp_expire)) + /* + * We assume account and password expira...
2000 Jul 02
1
A error in auth.c of openssh-2.1.1p2 port on systems with a mixture of shadowed and non-shadowed passwords and Japanese Translations.
Hi. I have found a error of openssh-2.1.1p2 port on systems with a mixture of shadowed and non-shadowed passwords. I reported a same type of error to Mr. Miller when openssh-1.2.1pre23 was released. On our systems, our local machines have shadowed /etc/passwd (and /etc/shadow) and our NIS server distributes non-shadowed password of general users. We have to use
2001 Jun 18
2
Patch for changing expired passwords
...ude "buffer.h" #include "bufaux.h" + /* set when password has expired */ + int forced_passwd_change = 0; + /* import */ extern ServerOptions options; *************** *** 81,93 **** int days = time(NULL) / 86400; /* Check account expiry */ ! if ((spw->sp_expire >= 0) && (days > spw->sp_expire)) return 0; /* Check password expiry */ if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) && ! (days > (spw->sp_lstchg + spw->sp_max))) ! return 0; } #else /* Shouldn't be called...
2003 Jan 07
2
Test for locked account in auth.c (bug #442).
Hi Damien, I noticed you merged a couple of ifdefs in the fix for bug #442. The cvs comment says "Fix Bug #442 for PAM case". The code is now roughly: #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) spw = getspnam(pw->pw_name); passwd = spw->sp_pwdp; #else passwd =
2002 Nov 20
0
[PATCH #9] Password expiration via /bin/passwd.
...; \ + !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) #define DAY (24L * 60 * 60) /* 1 day in seconds */ spw = getspnam(pw->pw_name); if (spw != NULL) { - time_t today = time(NULL) / DAY; + time_t expiredate, today = time(NULL) / DAY; debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" " sp_max %d", (int)today, (int)spw->sp_expire, (int)spw->sp_lstchg, (int)spw->sp_max); @@ -106,20 +113,28 @@ if (spw->sp_lstchg == 0) { log("User %.100s password has expired (root forced)", pw->pw_name); - retur...
2001 Oct 12
17
Please test snapshots for 3.0 release
Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer
2002 Jun 30
2
Password auth problem with openssh 3.4 and Linux 2.2.20
...g1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user randy service ssh-connection method none debug1: attempt 0 failures 0 debug3: allowed_user: today 11868 sp_expire -1 sp_lstchg 11868 sp_max 99999 debug3: Trying to reverse map address 10.10.10.2. debug2: input_userauth_request: setting up authctxt for randy debug2: input_userauth_request: try method none Failed none for randy from 10.10.10.2 port 4351 ssh2 debug1: userauth-request for user randy service ssh-co...
2014 May 16
2
? about portable version of sshd crashing
...H2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user admin service ssh-connection method none debug1: attempt 0 failures 0 debug2: parse_server_config: config reprocess config len 852 debug3: auth_shadow_acctexpired: today 2 sp_expire -1 days left -3 debug3: account expiration disabled debug2: input_userauth_request: setting up authctxt for admin debug2: input_userauth_request: try method none debug3: auth_shadow_pwexpired: today 2 sp_lstchg -1 sp_max 99999 Failed none for admin from 192.168.0.65 port 59719 ssh2 debug3: userauth...
2002 Jun 20
0
[Bug 281] New: unable to authorize with local shadow password
...bit server key and 1024 bit host key. debug1: Encryption type: 3des debug1: cipher_init: set keylen (16 -> 32) debug1: cipher_init: set keylen (16 -> 32) debug1: Received session key; encryption turned on. debug1: Installing crc compensation attack detector. debug3: allowed_user: today 11858 sp_expire -1 sp_lstchg 11857 sp_max -1 debug1: Attempting authentication for komanek. debug1: temporarily_use_uid: 112/20 (e=0) debug1: trying public RSA key file /home/komanek/.ssh/authorized_keys debug1: restore_uid Failed rsa for komanek from 195.113.56.1 port 1022 debug1: Kerberos v4 password authenticat...
2002 Dec 06
0
Error Msg --> "fork of unprivileged child failed"
...ow entering debug3: mm_request_send entering: type 6 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM debug3: mm_request_receive_expect entering: type 7 debug3: mm_request_receive entering debug3: monitor_read: checking request 6 debug3: mm_answer_pwnamallow debug3: allowed_user: today 12025 sp_expire -1 sp_lstchg 12025 sp_max 99999 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 debug3: mm_request_send entering: type 7 debug2: monitor_read: 6 used once, disabling now debug3: mm_request_receive entering debug2: input_userauth_request: setting up authctxt for sshd debug3: mm_inform_aut...
2003 Jul 11
0
OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + PasswordAuthenticatio n no + PermitEmptyPasswords yes (followup)
...t_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user natis service ssh-connection method none debug1: attempt 0 failures 0 debug3: allowed_user: today 12244 sp_expire -1 sp_lstchg 12240 sp_max -1 debug2: input_userauth_request: setting up authctxt for natis debug2: input_userauth_request: try method none Accepted none for natis from 192.168.1.1 port 1199 ssh2 debug1: Entering interactive session for SSH2. debug1: fd 7 setting O_NONBLOCK debug1: fd 8 setting O_NO...
2003 Jul 17
1
possible bug + patch : OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + P asswordAuthentication no + PermitEmptyPasswords yes
...t_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user natis service ssh-connection method none debug1: attempt 0 failures 0 debug3: allowed_user: today 12244 sp_expire -1 sp_lstchg 12240 sp_max -1 debug2: input_userauth_request: setting up authctxt for natis debug2: input_userauth_request: try method none Accepted none for natis from 192.168.1.1 port 1199 ssh2 debug1: Entering interactive session for SSH2. debug1: fd 7 setting O_NONBLOCK debug1: fd 8 setting O_NO...
2012 Jan 03
3
Passwords apparently stopped working.
I encountered a couple of strange events with respect to password authentication this morning. Two of our staff were unable to login onto several systems using their usual passwords. Both users had last logged in on these hosts using their accounts and passwords on Friday past. The two accounts could not log on to any of the servers for which they had access and the message log on each showed
2003 Jul 09
0
[PATCH] Add expired password handling for AIX.
...ined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \ defined(HAS_SHADOW_EXPIRE) -#define DAY (24L * 60 * 60) /* 1 day in seconds */ if (!options.use_pam && (spw = getspnam(pw->pw_name)) != NULL) { today = time(NULL) / DAY; debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" @@ -221,6 +223,65 @@ stat(_PATH_NOLOGIN, &st) == 0)) return 0; } + } + + /* + * Check AIX password expiry. Only check when running as root. + * Unpriv'ed users can't access /etc/security/passwd or + * /etc/security/user so passwdexpired will alw...
2003 Jul 30
1
[PATCH] Password expiry merge (AIX parts)
...ined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \ defined(HAS_SHADOW_EXPIRE) -#define DAY (24L * 60 * 60) /* 1 day in seconds */ if (!options.use_pam && (spw = getspnam(pw->pw_name)) != NULL) { today = time(NULL) / DAY; debug3("allowed_user: today %d sp_expire %d sp_lstchg %d" @@ -221,6 +223,65 @@ stat(_PATH_NOLOGIN, &st) == 0)) return 0; } + } + + /* + * Check AIX password expiry. Only check when running as root. + * Unpriv'ed users can't access /etc/security/passwd or + * /etc/security/user so passwdexpired will alw...
2004 May 09
3
Openssh installation only works for user root
Hi, I have recently compiled a copy of OpenSSH for use on Reliant Unix ( Sinix ) version 5.45. My installation works okay for user root. When I try to log on as another user I get prompted for the user password. When I type this in OpenSSH throws me out each time. I have been able to see any errors. My version is OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004. I am using Putty
2003 Oct 07
1
[Bug 731] sshd terminates a session after a successful login
..._newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user Vssh_U service ssh-connection method none debug1: attempt 0 failures 0 debug3: allowed_user: today 12327 sp_expire 13878 sp_lstchg 12327 sp_max 168 debug2: input_userauth_request: setting up authctxt for Vssh_U debug2: input_userauth_request: try method none Failed none for Vssh_U from 127.0.0.1 port 4416 ssh2 debug1: userauth-request for user Vssh_U service ssh-connection method password debug1: attempt 1 fail...
1998 Oct 07
1
Re: sshd and PAM [summary]
-----BEGIN PGP SIGNED MESSAGE----- Hi, I''ve got several replies, thank you for them. Let me summarize: o Many people say there is a PAMified version of ssh available at ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source) ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries) (there are analogous paths for the other architectures). The packages are made by Jan