similar to: [Bug 975] Kerberos authentication timing can leak information about account validity

http://bugzilla.mindrot.org/show_bug.cgi?id=1058 Summary: Updating protected password database in HP-UX Product: Portable OpenSSH Version: 4.1p1 Platform: All OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=975 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |1155 nThis| | ------- You are receiving this mail because: ------- You are the assignee for

http://bugzilla.mindrot.org/show_bug.cgi?id=1087 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Group|Portable OpenSSH | ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=975 ------- Additional Comments From simon at sxw.org.uk 2005-07-07 01:14 ------- I can't see any problem with dtucker's second patch. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1032 Summary: PrintLastLog is not working with UseLogin yes Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

I looked around for a while, but couldn't find any code for requiring multiple authentication mechanisms in openssh. So I wrote an implemention. I thought at first I should change the PasswordAuthentication, PubkeyAuthentication, etc. keywords to allow no/yes/required. But there's some funky stuff in auth2.c with respect to keyboard interactive auth that would make this kind of

I redid my previous OPIE patch for the current ssh tree. It seems to work fine here, and I'ld love to see it merged before the 3.0 release. Wichert. diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o

http://bugzilla.mindrot.org/show_bug.cgi?id=1030 Summary: sshd writes twice to wtmp when "UseLogin" is yes Product: Portable OpenSSH Version: 4.0p1 Platform: HPPA OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=1083 Summary: Disable login for locked account Product: Portable OpenSSH Version: 4.2p1 Platform: HPPA OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: senthilkumar_sen at

http://bugzilla.mindrot.org/show_bug.cgi?id=980 Summary: sshd does not write the session leader pid to utmp when priv-separation is enabled Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd

http://bugzilla.mindrot.org/show_bug.cgi?id=1011 Summary: Multiple log entries for successful pubkey authentication Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at

Greetings, I'm working on the infrastructure of a medium size client/server environment using an Active Directory running on Windows Server 2003 for central authentication of users on linux clients. Additionally OpenAFS is running using Kerberos authentication through Active Directory as well. Now I want to grant users remote access to their AFS data by logging in into a central OpenSSH

http://bugzilla.mindrot.org/show_bug.cgi?id=980 ------- Additional Comments From senthilkumar_sen at hotpop.com 2005-04-29 00:28 ------- I tried passing SIGTERM to the sshd user process after applying the patch (id=821) and it is not cleaning up the wtmp entries. What would be needed in the patch additionaly so that proper pid is passed at the time of cleaning wtmp entries when SIGTERM is

http://bugzilla.mindrot.org/show_bug.cgi?id=52 ------- Comment #47 from tsi at ualberta.ca 2007-02-17 03:06 ------- (In reply to comment #46) > Yes, but that workaround doesn't need the patch. However, with latest > patch, there is no hang when I run test2.ksh and exit from the shell on > linux. But it is not the case with HP-UX. So Im wondering what the > patch is doing with

http://bugzilla.mindrot.org/show_bug.cgi?id=1029 Summary: SIGTERM and cleanup of wtmp files Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: senthilkumar_sen

Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different

>From either a Linux or Mac domain member, I have tried logging into the Samba4 AD server as a domain user: labmac:~ mark$ ssh mark at mail pwd mark at mail's password: Permission denied, please try again. where 'mail' is the AD/DC. It also fails if I am on the AD/DC an try the same ssh. I've tried setting either the GSSAPIAuthentication or KerberosAuthentication in

http://bugzilla.mindrot.org/show_bug.cgi?id=1065 Summary: password expiration and SSH keys don't go well together Product: Portable OpenSSH Version: 4.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: bitbucket at mindrot.org

Hello All, Im using OpenSSH 4.2p1 statically linked with OpenSSL 0.9.7i. It looks now that a fips certified OpenSSL is now available at http://www.openssl.org/source/OpenSSL-fips-1.0.tar.gz . I like to know of any patches applicable for OpenSSH versions to make it fips compliant. Is there any idea for OpenSSH core team to make OpenSSH as fips compliant? What amount of work it needs at this

Hello All, The changing of group for the root results in the following message with OpenSSH 3.9p1 "permanently_set_uid: was able to restore old [e]gid" The following change in uidswap.c fixes me the problem. /* Try restoration of GID if changed (test clearing of saved gid) */ - if (old_gid != pw->pw_gid && + if(getgid() != pw->pw_gid && (setgid(old_gid)