similar to: [Bug 582] Add 'KbdintXORPasswordAuthentication' option.

http://bugzilla.mindrot.org/show_bug.cgi?id=582 Summary: Add 'KbdintXORPasswordAuthentication' option. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=580 Summary: disable kbdint if host key mismatch Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: fcusack at

http://bugzilla.mindrot.org/show_bug.cgi?id=582 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |enhancement ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=582 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED ------- Comment #6 from dtucker at zip.com.au 2006-10-07 11:35 ------- Change all RESOLVED bug to CLOSED with the exception

Hello, I have a question about sshd and I'm unable to find an answer, I checked the man page, the FAQ, the archives of the mailing list without success. I'm in a small organization with a single server (Stable Linux Debian). It's connected to two networks: local-network and internet. >From the local network, everybody is allowed to do SSH (sftp in fact) but I want to restrict SSH

http://bugzilla.mindrot.org/show_bug.cgi?id=188 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Additional Comments From djm at mindrot.org 2003-05-14 22:32

Hello, I was chasing some unexpected behaviour from OpenSSH, and have come across an oddity in the source code which may or may not be a bug. In auth2-kbdint.c, the Authmethod struct declares options.kbd_interactive_authentication as the enabled flag for this method. However in the implementation function a few lines above, it checks options.challenge_response_authentication to decide whether to

http://bugzilla.mindrot.org/show_bug.cgi?id=559 Summary: PAM fixes Product: Portable OpenSSH Version: 3.6.1p2 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: fcusack at fcusack.com - start PAM

https://bugzilla.mindrot.org/show_bug.cgi?id=1922 Bug #: 1922 Summary: Disabling ChallengeResponseAuthentication also disables KbdInteractiveAuthentication Classification: Unclassified Product: Portable OpenSSH Version: 5.8p2 Platform: All OS/Version: All Status: NEW Severity: normal

Hey. Perhaps someone can help me with the following (OpenSSH 6.7): I have a host reachable via miscellaneous interfaces (and network addresses) running SSH. Some specific users should be only reachable from the inside, so e.g. though something like this would do the job in sshd_config: #general config #... Match User foo LocalAddress 10.0.0.1,fe80:abba::0 PasswordAuthentication

http://bugzilla.mindrot.org/show_bug.cgi?id=118 Summary: Implement TIS (protocol 1) via PAM Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: fcusack at

Hi, I'd like to allow PAM authentication only from the local network, and from the Internet only allow public key authentication. A similar-enough problem has been discussed on this list previously: http://www.gossamer-threads.com/lists/openssh/dev/47179?search_string=match%20challengeresponseauthentication;#47179 More specifically, I would like to allow PAM authentication from the

https://bugzilla.mindrot.org/show_bug.cgi?id=1438 Summary: Adds an out-of-band challenge (OBC) authentication method (via kbdint) Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: normal

When using PAM to do password authenticaion the attempt/failure counter appears to be getting confused. This is using a rh62 system with the openssh-2.9p2-1 rpms... On the client side... [matthewm at toadhall (7) matthewm]$ grep Auth /etc/ssh/ssh_config RhostsAuthentication no RhostsRSAAuthentication no HostbasedAuthentication no RSAAuthentication no PubkeyAuthentication yes

http://bugzilla.mindrot.org/show_bug.cgi?id=936 Summary: S/Key authentication fails if UsePAM=no Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: ulm at

[Not subscribed to this list, so please respond directly if you need to speak to me] In man5/sshd_config.5, a permissible keyword in a 'Match' block is missing. It currently lists only: AllowTcpForwarding, Banner, ForceCommand, GatewayPorts, GSSApiAuthentication, KbdInteractiveAuthentication, KerberosAuthentication, PasswordAuthentication, PermitOpen, PermitRootLogin,

I need a way to make sshd require S/KEY authentication to succeed before allowing either password or public-key authentication. Currently, we can only have S/KEY+password, by using PAM for authentication, and configuring PAM accordingly. But PAM of course can't handle SSH public keys. I thought for a while that ideally we could actually use PAM to tell sshd what methods of authentication to

http://bugzilla.mindrot.org/show_bug.cgi?id=117 ------- Additional Comments From fcusack at fcusack.com 2002-04-16 23:27 ------- sshd should definitely not be using 'NOUSER'. The correct thing is to use the username, regardless of whether (pw) exists. I can't understand why you would substitute the value 'NOUSER'. ------- You are receiving this mail because: -------

Hello, I sent the following message to the Debian folks. They don't think that the Debian packaging could be responsible for the issue described there. > Well, I'm not completely convinced that we will have very useful input > for you. I don't really see any reason for this to be caused by the > Debian packaging. To check this, why not compile samba from sources,

I have sshd server sshd -V ... OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 ... running on linux/64 with cat sshd_config ... PubkeyAuthentication yes PasswordAuthentication no ChallengeResponseAuthentication no