search for: ssh_cmsg_auth_password

Displaying 15 results from an estimated 15 matches for "ssh_cmsg_auth_password".

2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
...+ debug("PAM authentication for \"%.100s\" failed: %s", pw->pw_name, PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); return 0; } @@ -234,11 +289,34 @@ /* Start PAM authentication for specified account */ void start_pam(struct passwd *pw) { + start_pam2(pw, SSH_CMSG_AUTH_PASSWORD); +} + + +/* Start PAM authentication for specified account */ +static void start_pam2(struct passwd *pw, int auth_type) +{ int pam_retval; + const char *service=NULL; - debug("Starting up PAM with username \"%.200s\"", pw->pw_name); + switch (auth_type) { +...
2001 Dec 18
2
[PATCH]: Fix potential security hole in Cygwin version
...le: /cvs/openssh_cvs/auth1.c,v retrieving revision 1.46 diff -u -p -r1.46 auth1.c --- auth1.c 6 Dec 2001 17:55:26 -0000 1.46 +++ auth1.c 18 Dec 2001 19:07:12 -0000 @@ -313,9 +313,9 @@ do_authloop(Authctxt *authctxt) #ifdef HAVE_CYGWIN if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) { + !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) { packet_disconnect("Authentication rejected for uid %d.", - (int)pw->pw_uid); + pw ? (int)pw->pw_uid : -1); authenticated = 0; } #else Index: auth2.c =======================================...
2001 Jan 12
1
auth Ques.
...under ~/.ssh/xxx ). How can this be achieved using openSSH ? I did not see in doc (may be I missed something..). Is it enough: In sshd_config: RSAAuthentication yes 1) On server, where should the user's public key be stored (~/.ssh/xxx)? 2) If RSA fails, does sshd automatically drop down to SSH_CMSG_AUTH_PASSWORD based ? Is this option configurable ? Thank you. Sunil.
2002 Apr 22
0
[Bug 98] auth1.c modifications for correct UNICOS behavior
...extern ServerOptions options; @@ -291,6 +294,16 @@ if (!authctxt->valid && authenticated) fatal("INTERNAL ERROR: authenticated invalid user %s", authctxt->user); + +#ifdef _CRAY + if (type == SSH_CMSG_AUTH_PASSWORD && !authenticated) { + cray_login_failure(authctxt->user, IA_UDBERR); + } + if (authenticated && cray_access_denied(authctxt->user)) { + authenticated = 0; + fatal("Access denied...
2003 Feb 28
0
[PATCH] Clean up failed login logging.
...=================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth1.c,v retrieving revision 1.79 diff -u -r1.79 auth1.c --- auth1.c 24 Feb 2003 00:59:27 -0000 1.79 +++ auth1.c 25 Feb 2003 09:45:10 -0000 @@ -311,8 +311,6 @@ authctxt->user); #ifdef _UNICOS - if (type == SSH_CMSG_AUTH_PASSWORD && !authenticated) - cray_login_failure(authctxt->user, IA_UDBERR); if (authenticated && cray_access_denied(authctxt->user)) { authenticated = 0; fatal("Access denied for user %s.",authctxt->user); Index: auth2.c ======================================...
2003 Apr 03
0
[PATCH re-send]: Clean up logging of failed logins.
...=================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth1.c,v retrieving revision 1.79 diff -u -r1.79 auth1.c --- auth1.c 24 Feb 2003 00:59:27 -0000 1.79 +++ auth1.c 25 Feb 2003 09:45:10 -0000 @@ -311,8 +311,6 @@ authctxt->user); #ifdef _UNICOS - if (type == SSH_CMSG_AUTH_PASSWORD && !authenticated) - cray_login_failure(authctxt->user, IA_UDBERR); if (authenticated && cray_access_denied(authctxt->user)) { authenticated = 0; fatal("Access denied for user %s.",authctxt->user); Index: auth2.c ======================================...
2003 Jan 27
1
[PATCH] Creation of record_failed_login() in sshlogin.c
...=================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth1.c,v retrieving revision 1.78 diff -u -r1.78 auth1.c --- auth1.c 23 Jan 2003 06:41:20 -0000 1.78 +++ auth1.c 27 Jan 2003 10:51:39 -0000 @@ -311,8 +311,6 @@ authctxt->user); #ifdef _UNICOS - if (type == SSH_CMSG_AUTH_PASSWORD && !authenticated) - cray_login_failure(authctxt->user, IA_UDBERR); if (authenticated && cray_access_denied(authctxt->user)) { authenticated = 0; fatal("Access denied for user %s.",authctxt->user); Index: auth2.c ======================================...
2001 May 23
1
[PATCH]: Drop the use of `check_nt_auth'.
...auth1.c 2001/03/24 00:37:59 1.40 +++ auth1.c 2001/05/23 09:40:49 @@ -313,14 +313,7 @@ do_authloop(Authctxt *authctxt) fatal("INTERNAL ERROR: authenticated invalid user %s", authctxt->user); -#ifdef HAVE_CYGWIN - if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) { - packet_disconnect("Authentication rejected for uid %d.", - (int)pw->pw_uid); - authenticated = 0; - } -#else +#ifndef HAVE_CYGWIN /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_a...
2000 Feb 01
3
logging RSA key IDs
Hi. To compartmentalize things a bit (e.g., to help limit the damage should one of my machines be hacked and my private RSA keys stolen) I use different RSA key pairs on my different client machines. So it occurs to me that it would be nice if ssh could log which key was used when logging in to a particular account that has more than one entry in .ssh/authorized_keys. Right now it simply says
2002 Jan 29
2
Key fingerprint logging
...1,11 +231,11 @@ } /* RSA authentication requested. */ n = BN_new(); packet_get_bignum(n, &nlen); packet_integrity_check(plen, nlen, type); - authenticated = auth_rsa(pw, n); + authenticated = auth_rsa(pw, n, info, sizeof(info)); BN_clear_free(n); break; case SSH_CMSG_AUTH_PASSWORD: if (!options.password_authentication) { diff -u5 openssh-3.0.2p1.orig/auth2.c openssh-3.0.2p1/auth2.c --- openssh-3.0.2p1.orig/auth2.c Tue Nov 13 13:46:19 2001 +++ openssh-3.0.2p1/auth2.c Tue Jan 29 15:21:58 2002 @@ -58,10 +58,14 @@ extern int session_id2_len; static Authctxt *x_authctxt =...
2003 Apr 27
3
[PATCH re-send]: Clean up logging of failed logins
sorry, Darren. Long over due comments. [..] >+/* Record a failed login attempt. */ >+void >+record_failed_login(const char *user, const char *host, const char *ttyname) >+{ >+#ifdef WITH_AIXAUTHENTICATE >+ loginfailed(user, host, ttyname); >+#endif >+#ifdef _UNICOS >+ cray_login_failure((char *)user, IA_UDBERR); >+#endif /* _UNICOS */ >+} I like the
2000 Sep 09
0
2.2.0p1 PATCH: ssh/scp/slogin will invoke ssh-askpass
...assword = ssh_askpass(askpass, + "Permission denied, please try again:"); + else + password = ssh_askpass(askpass, prompt); + } else { + if (i != 0) + error("Permission denied, please try again."); + password = read_passphrase(prompt, 0); + } packet_start(SSH_CMSG_AUTH_PASSWORD); packet_put_string(password, strlen(password)); memset(password, 0, strlen(password)); diff -U 3 -N -r ORIG/openssh-2.2.0p1/sshconnect2.c openssh-2.2.0p1/sshconnect2.c --- ORIG/openssh-2.2.0p1/sshconnect2.c Tue Aug 22 20:46:25 2000 +++ openssh-2.2.0p1/sshconnect2.c Sat Sep 9 01:10:30 2000 @...
1999 Dec 10
2
[David Huggins-Daines <dhd@plcom.on.ca>] Bug#52414: ssh-add uses ssh-askpass, but ssh doesn't
...d_passphrase(prompt, 0); + if (use_askpass) { + const char * askpass; + if ((askpass = getenv(SSH_ASKPASS_ENV))) + password = ssh_askpass(askpass, prompt); + else + password = ssh_askpass(SSH_ASKPASS_DEFAULT, prompt); + } else + password = read_passphrase(prompt, 0); packet_start(SSH_CMSG_AUTH_PASSWORD); packet_put_string(password, strlen(password)); memset(password, 0, strlen(password)); Cheers --[[text/plain]]
2001 Nov 20
3
problem with AFS token forwarding
Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the
2002 Sep 23
19
Call for testing for 3.5 OpenSSH
OpenBSD tree is heading into a lock and this includes OpenSSH. So we are winding up for a 3.5 release. If we can get people to test the current snapshots and report any problems that would improve the odds that your platform won't be broke for 3.5. Issues I know off of right now. 1. I can't test NeXT. So I TRULY need someone in that community to test for me. Last I heard there was