Displaying 20 results from an estimated 70000 matches similar to: "[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'"
2004 Mar 30
6
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |iand at ekit-inc.com
------- Additional Comments From dtucker at zip.com.au 2004-03-30 12:00 -------
*** Bug 713 has been marked as a
2005 Jan 11
3
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |971
------- Additional Comments From dtucker at zip.com.au 2005-01-11 18:25 -------
Patch attachment #766 in bug #971 should fix this.
2004 Aug 17
0
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO|822 |914
nThis| |
------- You are receiving this mail because: -------
You are the assignee for
2003 Sep 22
4
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
Summary: With 'PermitRootPassword without-password' set, root
w/pass can still log in with a using 'keyboard-int/pam'
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority:
2004 Apr 14
2
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
http://bugzilla.mindrot.org/show_bug.cgi?id=808
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |821
nThis| |
------- Additional Comments From dtucker at zip.com.au 2004-04-13 19:07 -------
2004 Mar 06
0
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
bugzilla-daemon at mindrot.org wrote:
>Summary: segfault if not using pam/keyboard-interactive mech and
> password's expired
I'm sorry to report that there is a bug in the PAM code in OpenSSH
3.8p1, and sorrier to say that I put it there. This is a NULL pointer
dereference and is *not* considered to be a security vulnerability.
When sshd is configured --with-pam, run with
2003 Feb 20
3
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #215 is|0 |1
obsolete| |
------- Additional Comments From dtucker at zip.com.au 2003-02-20 20:51 -------
2003 Apr 14
1
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
------- Additional Comments From dtucker at zip.com.au 2003-04-15 09:57 -------
Patch against 3.6.1p1 now available. No
2003 May 17
0
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |463
------- Additional Comments From dtucker at zip.com.au 2003-05-17 15:18 -------
Scott Burch found a bug in the PAM+PrivSep case
2003 Dec 18
1
PAM, chauthtok and keyboard-interactive
Hi All.
Today a patch was commited to OpenSSH that performs PAM password
changes via SSH2 keyboard-interactive authentication. I should work
fine with privsep, which some of the other solutions have problems with.
While the patch itself is relatively small, it's bigger than it should
have been due to differences in PAM implementations.
I encourage anyone with a interest in this to try
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
Hi All.
Attached is another patch that attempts to do pam_chauthtok() via SSH2
keyboard-interactive authentication. It now passes the results from the
authentication thread back to the monitor (based on a suggestion from
djm).
Because of this, it doesn't call do_pam_account twice and consequently
now works on AIX 5.2, which the previous version didn't. I haven't tested
it on any
2003 Jan 09
7
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
------- Additional Comments From dtucker at zip.com.au 2003-01-09 23:17 -------
Created an attachment (id=199)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=199&action=view)
Implement password change via /bin/passwd in session.
openssh-passexpire10.patch:
* Implementes shadow and AIX password expiry.
* Adds general expire_message
2004 Feb 07
14
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |793
nThis| |
------- You are receiving this mail because: -------
You are on the CC list for
2004 Jun 01
1
Sending immediate PAM auth failure messages via kbd-int
Hi.
One thing that people seem to want to do with PAM is to deny a login
immediately without interacting but return a message to the user. (Some
platforms implement, eg, /etc/nologin via PAM this way.) Currently, sshd
will just deny the login and the user will not be told why.
Attached it a patch that return a keyboard-interactive packet with the
message in the "instruction"
2004 Mar 04
3
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
http://bugzilla.mindrot.org/show_bug.cgi?id=808
Summary: segfault if not using pam/keyboard-interactive mech and
password's expired
Product: Portable OpenSSH
Version: 3.8p1
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
2005 Jan 11
11
[Bug 914] [RELENG] Bugs planned to be fixed *after* 3.9
http://bugzilla.mindrot.org/show_bug.cgi?id=914
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |971
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2006 Oct 07
0
[Bug 1189] PAM module hangs root logout
http://bugzilla.mindrot.org/show_bug.cgi?id=1189
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Comment #18 from dtucker at zip.com.au 2006-10-07 11:45 -------
Change all RESOLVED bug to CLOSED with the exception
2003 Nov 20
0
[Bug 695] Cannot change password in PAM NIS+ environment
http://bugzilla.mindrot.org/show_bug.cgi?id=695
------- Additional Comments From dtucker at zip.com.au 2003-11-20 00:03 -------
Created an attachment (id=503)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=503&action=view)
Do chauthtok via SSH2 keyboard-interactive.
Please try this patch? There's still work to be done on it but it seems to
work with local passwords.
2003 Sep 05
1
[Bug 345] w (uptime) command still indicates user is logged in after logout
http://bugzilla.mindrot.org/show_bug.cgi?id=345
------- Additional Comments From dtucker at zip.com.au 2003-09-05 13:56 -------
Created an attachment (id=379)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=379&action=view)
Remove DISABLE_UTMP from HP-UX 10.x
Are we going to do something like this? Anyone with HP-UX 10.x experience want
to comment?
------- You are receiving
2003 Jan 24
0
[Bug 473] cannot update password using PAM on HP-UX system that has been tsconverted
http://bugzilla.mindrot.org/show_bug.cgi?id=473
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From dtucker at zip.com.au 2003-01-25