Displaying 20 results from an estimated 400 matches similar to: "[Bug 1215] sshd requires entry from getpwnam for PAM accounts"
2000 Feb 02
2
problems with openssh-1.2.2 and pam_tacplus.so
Hello,
I have the following problem: I have installed openssh-1.2.2 on FreeBSD
3.4-RELEASE. I intentionally did not took the FreeBSD port because it does
not support PAM. My aim is to make sshd authenticate against a TACACS+
server using the pam_tacplus.so module shipped with FreeBSD. That works
perfectly with this line in my /etc/pam.conf:
login auth sufficient pam_tacplus.so
2010 Jun 30
1
PAM Module:Openssh and Tacacs+ Question
Hi,
I am trying to get Openssh 5.5p1 to work with TACACS+. I have the TACACS
+ PAM module compiled on Ubuntu. I have compiled SSH --with-pam.
When the user is defined in /etc/passwd, the SSH authentication to the
TACACS+ server takes place successfully.
If I REMOVE the user from /etc/passwd OpenSSH sends a string called
INCORRECT to the TACACS+ server and it denies authentication.
I am trying
2018 Jan 03
2
SSHD and PAM
Hi I am trying to write pam_radius module which talks to RADIUS server for
aaa.
I see sshd checks /etc/passwd for user list. Since RADIUS server has user
list, can sshd ignore this check for RADIUS/TACACS+ authentication, Please
suggest if there are any flags to control it.
I am using the following versions.
OpenSSH_6.6p1, OpenSSL 1.0.2n 7 Dec 2017
I see sssd (NAS) being used for such use
2018 Jan 03
3
SSHD and PAM
On Wed, 2018-01-03 at 13:50 +0530, Sudarshan Soma wrote:
> HI, I do see some refernce on it: but seems not closed
> https://marc.info/?l=secure-shell&m=115513863409952&w=2
>
> http://bugzilla.mindrot.org/show_bug.cgi?id=1215
>
>
> Is this patch available in latest versions, 7.6?
No. It never was.
The SSSD is using NSS (Name Service Switch) [1] way of getting
2005 Jan 05
1
Windows groups in smb.conf
I've been trying to figure out the proper way of doing this, but
haven't stumbled across it yet.
For example, I want to give a windows group write access to a share.
[share]
write list = XXX
Should X be in the format of:
@DOMAIN\Group
DOMAIN\Group
'DOMAIN\Group'
What about groups like Domain Users which have a space in the domain name?
'DOMAIN\Domain Users'?
Myabe
2018 Jan 03
2
SSHD and PAM
Sudarshan Soma wrote:
> Does sssd/NSS has a way to fetch user names from sources like
> RADIUS/TACACS server?
My impression is that while this might be theoretically possible, nobody
does this. Especially it's not clear to me how you would push group
membership to the system. And AFAICS in case of TACACS+ there's also
only a single "role" available (translate this to
2006 Aug 09
3
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
http://bugzilla.mindrot.org/show_bug.cgi?id=1215
Summary: sshd requires entry from getpwnam for PAM accounts
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: PAM support
AssignedTo: bitbucket at mindrot.org
2012 Jul 20
6
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
https://bugzilla.mindrot.org/show_bug.cgi?id=1215
Matt Joyce <matt.joyce at cloudscaling.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |matt.joyce at cloudscaling.com
--- Comment #13 from Matt Joyce <matt.joyce at cloudscaling.com> ---
2004 Dec 29
1
Samba 3.0.10 joining Windows 20003 ADS
abrams:~# kinit admin@CORP.TCC.INET
This seems to work just fine.
abrams:~# net ads join "TwinCities\TTAGS\SERVERS"
[2004/12/28 18:52:20, 0] libads/ldap.c:ads_add_machine_acct(1475)
Warning: ads_set_machine_sd: Unexpected information received
Using short domain name -- CORP
[2004/12/28 18:52:23, 0] libads/kerberos.c:get_service_ticket(335)
get_service_ticket: kerberos_kinit_password
2006 Oct 01
1
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
http://bugzilla.mindrot.org/show_bug.cgi?id=1215
------- Comment #3 from vadud3 at gmail.com 2006-10-02 04:00 -------
(In reply to comment #2)
> Created an attachment (id=1171)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1171&action=view) [edit]
> make sshd handle when getpwnam doesn't know about the user but PAM does
>
> Updated patch (against 4.3p2). Leaks
2005 Nov 10
1
tacacs+ RPM.?
Hi All,
is there an RPM for it for CentOS.? I tried "yum install tacacs+" but
got nothing. I also checked dags repo and found nothing. Cheers.
Mark Sargent.
2017 Jan 24
2
Need information to bypass the preauth in openssh
Hi,
I am Vishwanath, I got one requirement from our clients regarding remote
authentication. In which all users info present in remote user database.
Currently using openssh for SSH connections.
To open a new remote session via SSH, the openssh will look into the
/etc/passwd file. If user present then it will allow to login using
password or key authentication.
But in my case all user info is
2004 Jun 15
2
ssh daemon fails to call pam when user does not exist in /etc/passwd
Hi
We recenlty ugraded to openssh-3.7.1p2. Our architecture is
ssh daemon uses pam module which sends request to remote
radius/tacacs+ servers based on configuration.
Now if I create the user in /etc/passwd, then ssh daemon calls pam and
everthing works fine.
But if the user is not present in /etc/passwd, then ssh daemon is not
calling pam. The debug log is given below. All these
2008 Oct 15
0
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
https://bugzilla.mindrot.org/show_bug.cgi?id=1215
--- Comment #12 from Aaron Smith <soccergeek76 at gmail.com> 2008-10-15 16:19:59 ---
Created an attachment (id=1574)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1574)
Debug output of accounting failure
I am trying to use patches 1171, 1298, and 1300 in conjunction with the
pam_radius library. Authentication works fine, but
2015 Aug 21
0
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
https://bugzilla.mindrot.org/show_bug.cgi?id=1215
Brad Huntting <huntting at glarp.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |huntting at glarp.com
--- Comment #21 from Brad Huntting <huntting at glarp.com> ---
In most environments
2012 Oct 13
0
tacacs+ to radius bridge or proxy or something?
Is there any working solution to proxy tacacs+ to radius server? (it
can be commercial too?)
I found this old project: http://portal-to-web.de/tacacs/, but it is a
bit antique?
--
Eero
2015 Apr 10
3
LXC and syslog seperation (/dev/log)
Hello,
I'm seeing syslog messages "bleed" from the host and other LXC into
the messages, maillog, secure logs of other LXCs.
I'm using libvirt 1.0.0 on a host with systemd and kernel 3.9.10.
Each LXC is running an older non-systemd linux distribution
Is this a known issue? Is there a work around?
Thank you for you time,
Jim
--
James R. Leu | Director of Technology | INOC
2007 May 24
2
[RFC][PATCH] Detect and handle PAM changing user name
I've implemented a patch to openssh which allows the PAM auth layer
to detect if the PAM stack has changed the user name and then adjusts
its internal data structures accordingly. (imagine a PAM stack that
uses individual credentials to authenticate, but assigns the user to
a role account).
First, is the openssh community interested in this patch?
Second, if there is interest in the patch,
2009 Feb 25
1
when will samba4 become stable
I checked most samba 4 related posts and couldn't fine the answer. Is there
any targeted date for samba4 to become stable?
thanks,
Ying
2004 Apr 27
0
Can't access shares from Windows Clients (Win2003 AD & Samba3 as Member Server)
This is my first venture into the world of Samba 3. I have a Win2003 AD
domain in native mode (no Win2000, NT4 domain controllers.)
My samba server successfully joined the domain. The problem I'm having is
when I try to access shares on the samba server from a windows client, I get
a Username/Password prompt. Giving my AD username/password doesn't work.
Tried all variations of my