similar to: [Bug 1284] allow sftp when rlogin=false

Displaying 20 results from an estimated 120 matches similar to: "[Bug 1284] allow sftp when rlogin=false"

2015 Mar 01
0
[Bug 1284] allow sftp when rlogin=false
https://bugzilla.mindrot.org/show_bug.cgi?id=1284 Michael Felt <aixtools at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aixtools at gmail.com --- Comment #1 from Michael Felt <aixtools at gmail.com> --- Just thought it could be
2024 Jun 03
3
[Bug 3697] New: session.c:709:3: error: call to undeclared function 'PRIVSEP';
https://bugzilla.mindrot.org/show_bug.cgi?id=3697 Bug ID: 3697 Summary: session.c:709:3: error: call to undeclared function 'PRIVSEP'; Product: Portable OpenSSH Version: 9.7p1 Hardware: ARM64 OS: Mac OS X Status: NEW Severity: normal Priority: P5 Component:
2015 Mar 01
0
[Bug 1284] allow sftp when rlogin=false
https://bugzilla.mindrot.org/show_bug.cgi?id=1284 --- Comment #2 from Michael Felt <aixtools at gmail.com> --- p.s. re: sftp ignoring /etc/ftpusers. Question: is this by design? If not, is this something unexpected for all systems? -- You are receiving this mail because: You are watching the assignee of the bug.
2001 May 22
1
ssh looks at rlogin=false only at startup
Very early on in what seems to be quite a hot debate sometimes, I pointed out that sshd only controls rlogin=false at its startup, and if it is changed, sshd simply ignores it ie: chuser rlogin=true root sshd chuser rlogin=false root Will result in sshd ACCEPTING login from root, ie it seems to only check at its startup - is this a bit like ulimit behavior where you need need to log out and in
2000 Jul 14
0
rlogin/slogin handling [PATCH]
Hello. I noticed that OpenSSH 2.1.1p3 does not check whether it is being called as rlogin or slogin, like it's siblings do. This can get ugly if you have rlogin and rsh symlinked to ssh, and old r* commands are moved off in another place, as I do. Since Solaris rsh is hardcoded to call /usr/bin/rlogin, it will get stuck in an infinite loop. Below is a quick patch I hacked up, based on
2002 Oct 16
0
[Bug 383] PublicKeyAuthentication failure when rlogin set to false
http://bugzilla.mindrot.org/show_bug.cgi?id=383 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From mouring at eviladmin.org
2006 Sep 13
2
[Bug 1227] sftp-server does not respect rlogin = false
http://bugzilla.mindrot.org/show_bug.cgi?id=1227 Summary: sftp-server does not respect rlogin = false Product: Portable OpenSSH Version: 4.3p2 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: cris
2006 Feb 02
2
rsh/rlogin on CentOS4.2
Hello all, I'm not quite sure what has changed in the recent rsh commands, but I can't seem to get around the password promting. I need a clnk rsh between two machines in order to run my backup script. I added all the usual .rhosts with the proper permissions et al added the xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when I use the rsh commands, I get either a
2006 Sep 13
4
[Bug 1226] sftp-server does not respect rlogin = false
http://bugzilla.mindrot.org/show_bug.cgi?id=1226 Summary: sftp-server does not respect rlogin = false Product: Portable OpenSSH Version: 4.3p2 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy: cris
2000 Jul 09
0
OpenSSH 2.1.1p2: /etc/nologin handling and related stuff
Attached is a patch to be applied with GNU patch -p0, notice that configure needs to be regenerated. The patch addresses the following annoyances: * On AIX there is a signal called SIGDANGER which is sent to all processes when the machine runs low on virtual memory. This patch makes sure that this signal is ignored, because the default on older AIX releases is to kill the running process
2002 Aug 22
7
[Bug 383] PublicKeyAuthentication failure when rlogin set to false
http://bugzilla.mindrot.org/show_bug.cgi?id=383 ------- Additional Comments From markus at openbsd.org 2002-08-23 07:46 ------- what does "rlogin set to false" mean? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2001 May 17
5
AIX SSH 2.x ssh and /etc/ftpusers rcp rlogin WRONG !
IF ssh is a replacement for rlogin,rsh etc I can accept it respecting rlogin=false as rlogin does and rsh does not, however scp is a replacement for rcp, and rcp does NOT use rlogin attribute, so the implementation is NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented. thanks mark
2002 Sep 29
0
[PATCH] Only call loginrestiction on AIX if running as root
Hi All, I have found that the regression tests on AIX failed as a non-root user. This is due to a call to loginrestrictions() failing. The man page for loginrestrictions says: "Access Control:The calling process must have access to the account information in the user database and the port information in the port database." These files are: /etc/security/user,
1997 Sep 30
1
rlogin authentication bug
Hi, I have discovered a bug in the rhost module of Linux-PAM-0.57. This bug leads to a vulnerability in the remote login authentication, with the effect that ordinary user accounts may not be password protected. There is only one case when the bug causes a vulnerability: The problem case is when the user''s .rhost file has the name of a machine with *more than one IP address* as the
2002 Aug 09
0
[Bug 383] New: PublicKeyAuthentication failure when rlogin set to false
http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=383 Summary: PublicKeyAuthentication failure when rlogin set to false Product: Portable OpenSSH Version: -current Platform: All OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at
2002 Nov 20
0
[PATCH #9] Password expiration via /bin/passwd.
This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required
2002 Oct 13
1
[PATCH] AIX password expiration
Hi All. With one eye on the do_pam_chauthtok() stuff I've merged contributions by Pablo Sor and Mark Pitt into a patch against -current. I'm interested in testers and suggestions for improvements. The patch extends the loginrestrictions test to include expired accounts (but unlike Mark's patch, doesn't log accounts with expired passwords unless they're locked) and adds
2002 Mar 21
0
[Bug 178] New: Content of /etc/nologin isn't shown to users, fix triggers probably AIX bug
http://bugzilla.mindrot.org/show_bug.cgi?id=178 Summary: Content of /etc/nologin isn't shown to users, fix triggers probably AIX bug Product: Portable OpenSSH Version: 3.1p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:
2003 Jul 05
0
[PATCH] Replace AIX loginmsg with generic Buffer loginmsg
Hi All. I've decided to try to merge the -Portable parts of the password expiry patch (see bug #14) that do not depend on the OpenBSD change in bug #463. The attached patch is the first step in this process. It removes the AIX-specific "char *aixloginmsg" and replaces it with a platform-neutral "Buffer loginmsg". I think this is worth having in -Portable even if it
2001 Jan 03
0
AIX loginsuccess and aixloginmsg ?
Hi, I noticed that the AIX specific loginsuccess call uses char *aixloginmsg to retrieve login information. Later this message is printed in session.c (around line 753). Loginsuccess mallocs space for this message and according to the aix docs it's the responsibility of the calling program to free this message. I didn't notice any code in openssh that would free the aixloginmsg. Can