search for: userauth_passwd

Displaying 7 results from an estimated 7 matches for "userauth_passwd".

2002 Feb 13
1
Warning message at password prompt
...----- Hash: SHA1 I've patched my local OpenSSH (currently 2.9p2, but the same patch applies to 3.0.2) to allow the cipher 'none' for both SSH1 and SSH2 connections. With SSH1, there is already code to print a warning that any password you enter will be sent in plain text. However the userauth_passwd() in sshconnect2.c does not have any such warning. I would like to discourage the users from sending plain-text passwords across the wire, even if the rest of the session is unencrypted. I can't work out how to do this, how to let userauth_passwd() take different actions depending on what enc...
2001 Dec 18
2
[PATCH]: Fix potential security hole in Cygwin version
...0000 1.78 +++ auth2.c 18 Dec 2001 19:07:13 -0000 @@ -341,7 +341,7 @@ userauth_none(Authctxt *authctxt) return(0); #ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw->pw_uid) == 0) + if (check_nt_auth(1, authctxt->pw) == 0) return(0); #endif #ifdef USE_PAM @@ -367,7 +367,7 @@ userauth_passwd(Authctxt *authctxt) packet_done(); if (authctxt->valid && #ifdef HAVE_CYGWIN - check_nt_auth(1, authctxt->pw->pw_uid) && + check_nt_auth(1, authctxt->pw) && #endif #ifdef USE_PAM auth_pam_password(authctxt->pw, password) == 1) @@ -404,7 +404,...
2005 Apr 24
0
Solaris console problem
...oll() works fine, writing to the terminal doesn't rase TTOU immediately (yeah, how did read() trigger a TTOU ???) As a relief, I guess I'll restrict the readpassphrase to only restart limited amount of times (and prevent the lockout), and also pass the RP_ALLOW_STDIN in "sshconnect2.c:userauth_passwd()", to allow ssh to actually work. P.S. cygwin also has an issue, when a native window application runs 'ssh' inside it, in that case the password can not be read from anywhere, and the whole thing just hangs... P.P.S. please include me into replies, I'm not on t...
2001 May 23
1
[PATCH]: Drop the use of `check_nt_auth'.
...auth_none(Authctxt *authctxt) if (authctxt->valid == 0) return(0); -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw->pw_uid) == 0) - return(0); -#endif #ifdef USE_PAM return auth_pam_password(authctxt->pw, ""); #elif defined(HAVE_OSF_SIA) @@ -380,9 +376,6 @@ userauth_passwd(Authctxt *authctxt) password = packet_get_string(&len); packet_done(); if (authctxt->valid && -#ifdef HAVE_CYGWIN - check_nt_auth(1, authctxt->pw->pw_uid) && -#endif #ifdef USE_PAM auth_pam_password(authctxt->pw, password) == 1) #elif defined(HAVE_OSF_...
2001 Apr 25
6
Updated partial auth patch against CVS
Here is a new version of my partial auth patch against the April 24, 2001 CVS image. It fixes a couple of things (thanks to Karl M <karlm30 at hotmail.com>), and includes support for hostbased auth. It's still not pretty, but it works. 2 things Karl mentioned aren't fixed: - auth methods are still hard-coded into servconf.c. Fixing this would require a lot of work, and all the
2002 Apr 22
9
Password from open filedescriptor
...ssword_from_fd = atoi(optarg); break; default: usage(); diff -bur openssh-3.1p1.org/sshconnect2.c openssh-3.1p1/sshconnect2.c --- openssh-3.1p1.org/sshconnect2.c Tue Feb 26 19:15:10 2002 +++ openssh-3.1p1/sshconnect2.c Mon Apr 22 10:28:28 2002 @@ -435,6 +435,7 @@ return 1; } + int userauth_passwd(Authctxt *authctxt) { @@ -442,6 +443,12 @@ char prompt[80]; char *password; + if (options.password_from_fd != -1) { + if (attempt++ >= 1) + return 0; + + password = read_password_from_fd(options.password_from_fd); + } else { if (attempt++ >= options.number_of_password_prompts)...
2006 Nov 15
11
OpenSSH Certkey (PKI)
...t_key=&verify_host_key_callback; @@ -168,6 +169,7 @@ Key *key; /* public/private key */ char *filename; /* comment for agent-only keys */ int tried; + int triedcert; int isprivate; /* key points to the private key */ }; TAILQ_HEAD(idlist, identity); @@ -206,6 +208,7 @@ void input_userauth_passwd_changereq(int, u_int32_t, void *); int userauth_none(Authctxt *); +int userauth_certkey(Authctxt *); int userauth_pubkey(Authctxt *); int userauth_passwd(Authctxt *); int userauth_kbdint(Authctxt *); @@ -224,6 +227,7 @@ void userauth(Authctxt *, char *); static int sign_and_send_pubkey(Au...