Displaying 20 results from an estimated 6000 matches similar to: "[Bug 563] getaddrinfo() in libopenbsd-compat.a breaks heimdal-linked pam_krb5"
2003 May 12
2
[Bug 563] getaddrinfo() in libopenbsd-compat.a breaks heimdal-linked pam_krb5
http://bugzilla.mindrot.org/show_bug.cgi?id=563
Summary: getaddrinfo() in libopenbsd-compat.a breaks heimdal-
linked pam_krb5
Product: Portable OpenSSH
Version: -current
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
2004 Aug 17
0
[Bug 688] PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail
http://bugzilla.mindrot.org/show_bug.cgi?id=688
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO|822 |914
nThis| |
------- Additional Comments From dtucker at zip.com.au 2004-08-17 19:08 -------
2004 Mar 30
2
[Bug 688] PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail
http://bugzilla.mindrot.org/show_bug.cgi?id=688
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |822
nThis| |
Status|NEW |ASSIGNED
2005 Mar 07
1
[Bug 859] getaddrinfo(host, "0", &hints, &res) may take extra cycles
http://bugzilla.mindrot.org/show_bug.cgi?id=859
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO|914 |994
nThis| |
------- Additional Comments From dtucker at zip.com.au 2005-03-07 16:12
2018 Oct 22
2
[PATCH] ssh: Add missing openssl-compat.h where needed
OpenSSL_add_all_algorithms has been deprecated with 1.1. Compatibility
is needed.
Signed-off-by: Rosen Penev <rosenp at gmail.com>
---
ssh-keysign.c | 1 +
ssh_api.c | 2 ++
2 files changed, 3 insertions(+)
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 744ecb4f..bcd1508c 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -40,6 +40,7 @@
#include <openssl/evp.h>
#include
2018 Nov 19
2
[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
OpenSSL 1.1.0 has deprecated this function.
---
configure.ac | 1 +
openbsd-compat/openssl-compat.c | 2 ++
openbsd-compat/openssl-compat.h | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/configure.ac b/configure.ac
index 3f7fe2cd..db2aade8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then
])
2003 Sep 08
0
Base pam_krb5 on recent -STABLE and credential cache storage
Hello,
Prequalify: I'm quite a novice w/ Kerberos, so my terminology and
assumptions may be rough. Also, please CC me since I'm not a list
subscriber.
I'm running a fairly recent -STABLE [1] and have installed the base
Heimdal Kerberos implementation via the MAKE_KERBEROS5 knob in
/etc/make.conf. I'm having the problem that I don't see a cached
credential file being created
2005 Nov 11
0
pam_krb5 pam_sm_authenticate question
First time poster so be kind :)
I was looking at the pam_krb5.c code and noticed that for authentication
to succeed getpwnam() has to succeed.
Previously I had setup a web site using mod_auth_pam to authenticate
against an active directory (AD) server using a pam config like:
# auth
auth required pam_krb5.so no_ccache no_warn
# account
account required
2003 Sep 05
1
pam_winbind verses pam_krb5
Greetings ...
Have a question, was is the advantages of use pam_winbind verses
pam_krb5 for Samba user authentaction?
I mean, if I point my Linux box Kerberos to a Win2003 AD server, I
am able to authenticate my users out of AD, but at the moment still
having problems with winbind and nsswitch.
Is there an advantage to using pam_winbind instead of pam_krb5?
Mailed
Lee
2014 Jan 20
0
auth_default_realm, pam_krb5, gssapi
Hi,
Just writing here my note about auth_default_realm, pam_krb5 and gssapi.
It seems that 'pam' passdb and 'gssapi' auth_mechanism doesn't honor
'auth_default_realm' setting, at least in several setups I deal with.
Here is a part of the config:
passdb {
args = max_requests=100 cache_key=%u%r dovecot
driver = pam
}
auth_default_realm = REALM.COM
2005 Mar 21
2
Winbind vs pam_krb5/nss_ldap
Hi all,
I am just after some opinions about the pros and cons of winbind
compared to the 'standard' kerberos and ldap methods. I've have
already got single sign on working with pam_krb5 and nss_ldap (using
SASL/GSSAPI) against SBS 2003 (with MSSFU 3.0) using Debian Sarge as
clients/'member servers', and integration of Samba is the next bit I'm
looking at.
The impressions
2002 Feb 27
0
[Bug 127] New: PAM with ssh authentication and pam_krb5 doesn't work properly
http://bugzilla.mindrot.org/show_bug.cgi?id=127
Summary: PAM with ssh authentication and pam_krb5 doesn't work
properly
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2002 Feb 24
0
Sol8/pam_krb5/OpenSSH 3.0.2
with the following pam.conf entries, after being prompted for a login
password the connection is closed:
other auth sufficient /usr/lib/security/$ISA/pam_krb5.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
the system logs the error:
sshd[4215]: fatal: input_userauth_info_response_pam: no authentication
context
if the pam.conf entry is changed to the
2002 Feb 27
0
[Bug 128] New: PAM with ssh authentication and pam_krb5 doesn't work properly
http://bugzilla.mindrot.org/show_bug.cgi?id=128
Summary: PAM with ssh authentication and pam_krb5 doesn't work
properly
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2002 Apr 26
0
[Bug 228] New: pam_krb5 on Solaris creates credentials with wrong owner
http://bugzilla.mindrot.org/show_bug.cgi?id=228
Summary: pam_krb5 on Solaris creates credentials with wrong owner
Product: Portable OpenSSH
Version: 3.1p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2003 Oct 02
1
pam_krb5 errors on OpenSSH3.6.1p2
A few weeks ago, we upgraded our Red Hat 7.3 and 9 machines to OpenSSH
3.6.1p2 w/ the corresponding version of Simon's GSSAPI patch.
All the expected functionality seems to be there: I can ssh/scp/sftp via
Kerberos tickets or local password. However, I seem to be getting a new
error message in my logs:
For Red Hat 7.3:
Message from syslogd at gallifrey at Thu Oct 2 17:24:12 2003 ...
2008 Oct 05
0
CESA-2008:0907 Moderate CentOS 5 x86_64 pam_krb5 Update
CentOS Errata and Security Advisory 2008:0907 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0907.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
170d6bff250c6421af85fe945afac813 pam_krb5-2.2.14-1.el5_2.1.i386.rpm
52cd3e3625edcd04e98bef7f50c4e19d pam_krb5-2.2.14-1.el5_2.1.x86_64.rpm
Source:
2010 Jul 21
0
CEBA-2010:0529 CentOS 4 x86_64 pam_krb5 Update
CentOS Errata and Bugfix Advisory 2010:0529
Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0529.html
The following updated files have been uploaded and are currently
syncing to the mirrors:
x86_64:
pam_krb5-2.1.17-8.el4_8.1.i386.rpm
pam_krb5-2.1.17-8.el4_8.1.x86_64.rpm
Source:
pam_krb5-2.1.17-8.el4_8.1.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
2011 Sep 22
0
CEBA-2011:1016 CentOS 5 x86_64 pam_krb5 Update
CentOS Errata and Bugfix Advisory 2011:1016
Upstream details at : https://rhn.redhat.com/errata/RHBA-2011-1016.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
3720267fe5df2bfb732084f67ecfc7c6 pam_krb5-2.2.14-21.el5.i386.rpm
2806603ba5624fbef4c756b058c971ad pam_krb5-2.2.14-21.el5.x86_64.rpm
Source:
2005 Jun 08
1
Possible security flaw in OpenSSH and/or pam_krb5
openssh-unix-dev at mindrot.org
kerberos at ncsa.uiuc.edu
We believe there is a security flaw in either OpenSSH and/or RedHat's pam_krb5
module. When a Kerberos principal has the REQUIRES_PWCHANGE
(+needchange) flag set, OpenSSH+pam_krb5 will still successfully
authenticate the user. Local 'su' and 'login' fail in this case which
leads us to believe it's at least