similar to: [Bug 1215] sshd requires entry from getpwnam for PAM accounts

Displaying 20 results from an estimated 10000 matches similar to: "[Bug 1215] sshd requires entry from getpwnam for PAM accounts"

2006 Aug 09
3
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
http://bugzilla.mindrot.org/show_bug.cgi?id=1215 Summary: sshd requires entry from getpwnam for PAM accounts Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: PAM support AssignedTo: bitbucket at mindrot.org
2007 May 19
5
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
http://bugzilla.mindrot.org/show_bug.cgi?id=1215 Jesse Zbikowski <embeddedlinuxguy at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |embeddedlinuxguy at gmail.com --- Comment #7 from Jesse Zbikowski <embeddedlinuxguy at
2008 Oct 15
0
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
https://bugzilla.mindrot.org/show_bug.cgi?id=1215 --- Comment #12 from Aaron Smith <soccergeek76 at gmail.com> 2008-10-15 16:19:59 --- Created an attachment (id=1574) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1574) Debug output of accounting failure I am trying to use patches 1171, 1298, and 1300 in conjunction with the pam_radius library. Authentication works fine, but
2012 Jul 20
6
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
https://bugzilla.mindrot.org/show_bug.cgi?id=1215 Matt Joyce <matt.joyce at cloudscaling.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |matt.joyce at cloudscaling.com --- Comment #13 from Matt Joyce <matt.joyce at cloudscaling.com> ---
2015 Aug 21
0
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
https://bugzilla.mindrot.org/show_bug.cgi?id=1215 Brad Huntting <huntting at glarp.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |huntting at glarp.com --- Comment #21 from Brad Huntting <huntting at glarp.com> --- In most environments
2002 Feb 14
2
[Bug 117] OpenSSH second-guesses PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=117 ------- Additional Comments From djm at mindrot.org 2002-02-15 10:10 ------- > OpenSSH traditionally would not even start PAM, and > now starts it specifying 'NOUSER' as the login name. We have always used NOUSER, the recent patch just makes it consistent between protocols 1 and 2. > The second is to prevent username guessing
2006 Oct 27
1
Requirement for sshd account since 4.4p1
Hi, there's a change made to 4.4p1, which gave some irritation on the Cygwin mailing list. It's a change from 20060907: - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can be used to drop privilege to; fixes Solaris GSSAPI crash reported by Magnus Abrante; suggestion and feedback dtucker@ NB. this change will require that the privilege separation user must
2002 Aug 30
4
Patch so that sshd makes use of PAM_USER
<<pam_user.patch>> Hello. I created a patch that causes sshd to take notice of the value of PAM_USER after calling into the pam_xxx functions. This makes it possible for a PAM module to effect user mappings by setting the value of PAM_USER with pam_set_item(). If anyone has comments or suggestions, let me know. Thanks, Jeremy -------------- next part -------------- A non-text
2001 Sep 05
2
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>Neither the Sun PAM documentation nor the Linux-PAM documentation >describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail. I would agree it is vague, but then that is also a problem with the XSSO document (http://www.opengroup.org/onlinepubs/008329799/) >Could we please have a clarification on the semantics of >PAM_CRED_ESTABLISH vs. the semantics of
2006 Sep 12
3
Weird TZ Behavior in 4.1p1 and 4.3p2 on AIX
Hi, I am using PAM authentication on 3.8p1. In my PAM auth module I can turn on debug logging that includes a timestamp in the form "mm/dd/yy hh:mm:ss". Life is good. I want to upgrade from 3.8p1 so I can use PAM for PasswordAuthentication in addition to keyboard-interactive. I have compiled both 4.1p1 and 4.3p2 and the PAM authentication for both methods works fine in both
2018 Jan 03
3
SSHD and PAM
On Wed, 2018-01-03 at 13:50 +0530, Sudarshan Soma wrote: > HI, I do see some refernce on it: but seems not closed > https://marc.info/?l=secure-shell&m=115513863409952&w=2 > > http://bugzilla.mindrot.org/show_bug.cgi?id=1215 > > > Is this patch available in latest versions, 7.6? No. It never was. The SSSD is using NSS (Name Service Switch) [1] way of getting
2001 Sep 05
1
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>> >Could we please have a clarification on the semantics of >> >PAM_CRED_ESTABLISH vs. the semantics of PAM_REINITIALIZE_CREDS? >> >> My interpretation is: >> >> You call PAM_ESTABLISH_CRED to create them >> You call PAM_REINITIALIZE_CRED to update creds that can expire over time, >> for example a kerberos ticket. Oops. I meant
2001 Aug 15
2
PAM and getpwnam [ struct passwd *getpwnam(const char * name) ]
Hello! I use a PAM-module (pam_ncp_auth from ncpfs) for authentication against a netware server. pam_ncp_auth can create local UNIX user accounts from information in NDS, and it works perfect with login, gdm and telnet. But not with openssh (2.5 and 2.9). It works perfect if the user already is in /etc/passwd, but the first time he logs on he doesn't exist there. In that case openssh call
2001 Oct 31
3
2.9.9p2 and Solaris-2.8 PAM: Cannot delete credentials[7]: Permission denied
The 2 errors: pam_setcred: error Permission denied Cannot delete credentials[7]: Permission denied Looks to be a major bug in the PAM module for Solaris-2.8/2.7/2.6. Has anyone from the list (developers of OpenSSH, endusers, hackers, etc.) came up w/ a solution? Even a temporary one? When authenticating yourself on the same system that worked, but when authenticating to another system failed. I
2007 Jun 27
1
User mapping via pam
Hi, I'm trying to change the PAM_USER within a pam module, and observed that dovecot 0.99 does not support this. I then looked at 1.x and found: src/auth/passdb-pam.c:232: /* FIXME: this doesn't actually work since we're in the child process.. */ status = pam_get_item(pamh, PAM_USER, (linux_const void **)&item); if (status !=
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
As many of you know, OpenSSH 3.7.X, unlike previous versions, makes PAM authentication take place in a separate process or thread (launched from sshpam_init_ctx() in auth-pam.c). By default (if you don't define USE_POSIX_THREADS) the code "fork"s a separate process. Or if you define USE_POSIX_THREADS it will create a new thread (a second one, in addition to the primary thread). The
2007 May 24
2
[RFC][PATCH] Detect and handle PAM changing user name
I've implemented a patch to openssh which allows the PAM auth layer to detect if the PAM stack has changed the user name and then adjusts its internal data structures accordingly. (imagine a PAM stack that uses individual credentials to authenticate, but assigns the user to a role account). First, is the openssh community interested in this patch? Second, if there is interest in the patch,
2009 Jul 22
2
PAM_USER falsely assumed immutable
In 1.2.1 there's: passdb-pam.c:230 status = pam_get_item(pamh, PAM_USER, &item); passdb-pam.c:237 auth_request_set_field(request, "user", item, NULL); so "item" is PAM_USER, which is then checked by auth_request_set_field: 1022 if (strcmp(request->user, value) != 0) { 1023 auth_request_log_debug(request,
2018 Jan 03
2
SSHD and PAM
Hi I am trying to write pam_radius module which talks to RADIUS server for aaa. I see sshd checks /etc/passwd for user list. Since RADIUS server has user list, can sshd ignore this check for RADIUS/TACACS+ authentication, Please suggest if there are any flags to control it. I am using the following versions. OpenSSH_6.6p1, OpenSSL 1.0.2n 7 Dec 2017 I see sssd (NAS) being used for such use
2006 Sep 29
2
OpenSSH 4.4p1 under Mac OS X 10.3.9
Hi there, I've run into a strange problem. I have just finished building OpenSSH 4.4p1 against openssl 0.9.8d under Mac OS X 10.3.9 and 10.4.7. Both were installed as updates to OpenSSH 4.3p2/openssl 0.9.8c (not Apple's obsolete versions which are bypassed). The 10.4.7 build works as expected, whereas the 10.3.9 build throws Disconnecting: Bad packet length 2477450673. when I