similar to: [Bug 1284] allow sftp when rlogin=false

https://bugzilla.mindrot.org/show_bug.cgi?id=1284 Michael Felt <aixtools at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aixtools at gmail.com --- Comment #1 from Michael Felt <aixtools at gmail.com> --- Just thought it could be

https://bugzilla.mindrot.org/show_bug.cgi?id=3697 Bug ID: 3697 Summary: session.c:709:3: error: call to undeclared function 'PRIVSEP'; Product: Portable OpenSSH Version: 9.7p1 Hardware: ARM64 OS: Mac OS X Status: NEW Severity: normal Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=1284 --- Comment #2 from Michael Felt <aixtools at gmail.com> --- p.s. re: sftp ignoring /etc/ftpusers. Question: is this by design? If not, is this something unexpected for all systems? -- You are receiving this mail because: You are watching the assignee of the bug.

Very early on in what seems to be quite a hot debate sometimes, I pointed out that sshd only controls rlogin=false at its startup, and if it is changed, sshd simply ignores it ie: chuser rlogin=true root sshd chuser rlogin=false root Will result in sshd ACCEPTING login from root, ie it seems to only check at its startup - is this a bit like ulimit behavior where you need need to log out and in

Hello. I noticed that OpenSSH 2.1.1p3 does not check whether it is being called as rlogin or slogin, like it's siblings do. This can get ugly if you have rlogin and rsh symlinked to ssh, and old r* commands are moved off in another place, as I do. Since Solaris rsh is hardcoded to call /usr/bin/rlogin, it will get stuck in an infinite loop. Below is a quick patch I hacked up, based on

http://bugzilla.mindrot.org/show_bug.cgi?id=383 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From mouring at eviladmin.org

http://bugzilla.mindrot.org/show_bug.cgi?id=1227 Summary: sftp-server does not respect rlogin = false Product: Portable OpenSSH Version: 4.3p2 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: cris

Hello all, I'm not quite sure what has changed in the recent rsh commands, but I can't seem to get around the password promting. I need a clnk rsh between two machines in order to run my backup script. I added all the usual .rhosts with the proper permissions et al added the xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when I use the rsh commands, I get either a

http://bugzilla.mindrot.org/show_bug.cgi?id=1226 Summary: sftp-server does not respect rlogin = false Product: Portable OpenSSH Version: 4.3p2 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: cris

Attached is a patch to be applied with GNU patch -p0, notice that configure needs to be regenerated. The patch addresses the following annoyances: * On AIX there is a signal called SIGDANGER which is sent to all processes when the machine runs low on virtual memory. This patch makes sure that this signal is ignored, because the default on older AIX releases is to kill the running process

http://bugzilla.mindrot.org/show_bug.cgi?id=383 ------- Additional Comments From markus at openbsd.org 2002-08-23 07:46 ------- what does "rlogin set to false" mean? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

IF ssh is a replacement for rlogin,rsh etc I can accept it respecting rlogin=false as rlogin does and rsh does not, however scp is a replacement for rcp, and rcp does NOT use rlogin attribute, so the implementation is NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented. thanks mark

Hi All, I have found that the regression tests on AIX failed as a non-root user. This is due to a call to loginrestrictions() failing. The man page for loginrestrictions says: "Access Control:The calling process must have access to the account information in the user database and the port information in the port database." These files are: /etc/security/user,

Hi, I have discovered a bug in the rhost module of Linux-PAM-0.57. This bug leads to a vulnerability in the remote login authentication, with the effect that ordinary user accounts may not be password protected. There is only one case when the bug causes a vulnerability: The problem case is when the user''s .rhost file has the name of a machine with *more than one IP address* as the

http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=383 Summary: PublicKeyAuthentication failure when rlogin set to false Product: Portable OpenSSH Version: -current Platform: All OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at

This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required

Hi All. With one eye on the do_pam_chauthtok() stuff I've merged contributions by Pablo Sor and Mark Pitt into a patch against -current. I'm interested in testers and suggestions for improvements. The patch extends the loginrestrictions test to include expired accounts (but unlike Mark's patch, doesn't log accounts with expired passwords unless they're locked) and adds

http://bugzilla.mindrot.org/show_bug.cgi?id=178 Summary: Content of /etc/nologin isn't shown to users, fix triggers probably AIX bug Product: Portable OpenSSH Version: 3.1p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

Hi All. I've decided to try to merge the -Portable parts of the password expiry patch (see bug #14) that do not depend on the OpenBSD change in bug #463. The attached patch is the first step in this process. It removes the AIX-specific "char *aixloginmsg" and replaces it with a platform-neutral "Buffer loginmsg". I think this is worth having in -Portable even if it

Hi, I noticed that the AIX specific loginsuccess call uses char *aixloginmsg to retrieve login information. Later this message is printed in session.c (around line 753). Loginsuccess mallocs space for this message and according to the aix docs it's the responsibility of the calling program to free this message. I didn't notice any code in openssh that would free the aixloginmsg. Can