Displaying 20 results from an estimated 6000 matches similar to: "[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'"
2003 Sep 22
4
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
Summary: With 'PermitRootPassword without-password' set, root
w/pass can still log in with a using 'keyboard-int/pam'
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority:
2004 Mar 30
6
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |iand at ekit-inc.com
------- Additional Comments From dtucker at zip.com.au 2004-03-30 12:00 -------
*** Bug 713 has been marked as a
2003 Jan 29
2
PermitRootLogin=yes no longer lets root login
Hi All,
While testing another patch, I found that I could not longer log in as
root, even if PermitRootLogin was yes. It seems to be the following
code in auth_password:
$ cvs diff -r1.48 -r1.49 auth-passwd.c
[snip]
#ifndef HAVE_CYGWIN
- if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
+ if (pw->pw_uid == 0 && options.permit_root_login !=
2004 Aug 17
0
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO|822 |914
nThis| |
------- You are receiving this mail because: -------
You are the assignee for
2005 Mar 09
0
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Additional Comments From dtucker at zip.com.au 2005-03-10 09:07 -------
With the release of OpenSSH 4.0, these bugs
2006 Sep 14
3
[PATCH] PermitRootLogin woes
Hi all,
among other things, we provide shell access to various unix based
platforms for our students and university staff. Recently, there has been
increasing number of root login attacks on one particular Tru64 machine
running OpenSSH.
The host is configured with "PermitRootLogin no" but every once in a while
SIA auth with TCB enhanced security locks the root account.
I suppose
2003 Nov 18
4
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwor ds
It works for the "yes" case but not for the "without-password" case.
The function that checks (auth_root_allowed(auth_method) is special
cased for "password". The Pam case sends "keyboard-interactive/pam"
which like all other authentication methods except password succeeds.
Here is a patch to make it work for me. Please feel free to criticize
as
2005 Apr 07
1
PermitRootLogin and Tru64 SIA
I have "PermitRootLogin no" in my sshd_config, but under Tru64 and SIA,
the root login attempts still get passed to the SIA system (so I get
lots of warnings about failed root logins). On systems with a "max
failed attempts" setting, the root account can be locked out this way.
I started looking at the code, and I'm not sure I understand what I see.
In auth-passwd.c,
2005 Jan 11
11
[Bug 914] [RELENG] Bugs planned to be fixed *after* 3.9
http://bugzilla.mindrot.org/show_bug.cgi?id=914
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |971
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2008 Feb 07
1
"PermitRootLogin no" fails
I'm running version 4.7p1 of OpenSSH on a Linux system (it was
originally a RedHat system, but I've changed almost everything.) When
I originally built OpenSSH I used the config option --without-pam, and
installed the software in /usr/local. I explicitly forbade root login
with sshd (by setting the PermitRootLogin to "no" in the sshd_config
file), but found that I could login as
2002 Jun 14
1
[PATCH]: auth-passwd.c: Eliminate a Cygwin special case
Hi,
as it turned out on the Cygwin mailing list, the special handling
of empty password in auth-passwd.c when running under Windows NT
results in problems.
Cause: The authentication methode "none" calls auth_password()
with an empty password. A piece of HAVE_CYGWIN code allows empty
passwords even if PermitEmptyPasswords is set to "no". This in
turn results in calling
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly
soon.
-d
--
| By convention there is color, \\ Damien Miller <djm at mindrot.org>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the
2002 Jun 07
4
openssh for UWIN
I am enclosing a context diff of the changes that I made to get
openssh working on UWIN. UWIN is a UNIX operating system layer
that runs on Win32 systems. For more information on UWIN
go to http://www.research.att.com/sw/tools/uwin/.
I also ran configure using -with-cppflags=-D_BSDCOMP=2. I don't
know where that information would go with the source code.
Let me know if you need more
2005 Jan 20
1
PermitRootLogin without-password functionality differs for UsePAM yes/no option
Hi,
I am using OpenSSH 3.9p1. For " UsePAM yes/no " option with "
PermitRootLogin without-password", the server functionality differs.
For " UsePAM yes ", the server allows authentication thru password,
meanwhile " UsePAM no " does not. I have fixed that problem and the
patch is given below.
2001 Nov 06
13
OpenSSH 3.0
OpenSSH 3.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
This release contains many portability bug-fixes (listed in the
ChangeLog) as well as several new features (listed below).
We would like to thank the
2002 Jul 12
0
[Bug 325] PermitRootLogin forced-commands-only & privsep - not working together
http://bugzilla.mindrot.org/show_bug.cgi?id=325
------- Additional Comments From hlein at progressive-comp.com 2002-07-13 06:14 -------
Seeing this here too; it appears that when auth2.c:userauth_finish is called,
forced_command has been cleared (or perhaps, never set in that forked sshd) so
the call to auth_root_allowed(method) returns 0. The following patch makes
forced-command logins as
2003 Nov 17
1
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwords
Greetings,
I know that part of the following has been discussed here before but
please bear with me.
We are running on Solaris versions 2.6 - 9 with a NISplus name service.
The permissions on the NISplus password map have been modified to
limit read access to the encrypted password field of the passwd table
to only the entry owner and the table administrators. See:
2015 Sep 02
3
[Bug 2456] New: gssapi-keyex blocked by PermitRootLogin=without-password
https://bugzilla.mindrot.org/show_bug.cgi?id=2456
Bug ID: 2456
Summary: gssapi-keyex blocked by
PermitRootLogin=without-password
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: sshd
2004 Mar 22
1
PermitRootLogin issues
Hello,
I'm currently experiencing the issue laid out in this thread from last year:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106908815129641&w=2
The discussion that ensued resulted in a number of ideas on how best to
'fix' this issue. The two that seemed most reasonable were:
1. implement a pubkey-only option to PermitRootLogin that would only
allow root to login