Displaying 20 results from an estimated 1100 matches similar to: "[Bug 1339] New: pam_dhkeys doesn't work ( PAM_REINITIALIZE_CRED without PAM_ESTABLISH_CRED)"
2004 Mar 30
2
[Bug 688] PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail
http://bugzilla.mindrot.org/show_bug.cgi?id=688
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |822
nThis| |
Status|NEW |ASSIGNED
2007 Sep 05
0
Announce: OpenSSH 4.7 released
OpenSSH 4.7 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches,
2007 Sep 05
0
Announce: OpenSSH 4.7 released
OpenSSH 4.7 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches,
2001 Sep 05
1
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>> >Could we please have a clarification on the semantics of
>> >PAM_CRED_ESTABLISH vs. the semantics of PAM_REINITIALIZE_CREDS?
>>
>> My interpretation is:
>>
>> You call PAM_ESTABLISH_CRED to create them
>> You call PAM_REINITIALIZE_CRED to update creds that can expire over time,
>> for example a kerberos ticket.
Oops. I meant
2002 Feb 27
0
[Bug 127] New: PAM with ssh authentication and pam_krb5 doesn't work properly
http://bugzilla.mindrot.org/show_bug.cgi?id=127
Summary: PAM with ssh authentication and pam_krb5 doesn't work
properly
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2002 Feb 27
0
openssh & solaris
while trying to sort out the PAM incompatabilities between openssh 3.0.2p1
and solaris 8 and sun's pam_krb5 i got some things to work. i'm really not
sure where the appropriate place to submit patches is so for now i'm sending
them here.
this patch will allow PAM interoperability when using sun's pam_krb5 without
using the system login routine (this way X forwarding will
2001 Aug 28
1
OpenSSHd barfs upon reauthentication: PAM, Solaris 8
We've been having trouble with OpenSSH 2.9p2, running on Solaris 8
(a domain of an E10k), with PAM authentication turned on. It
intermittently crashes with signal 11 (seg fault) after the password
is entered, after the MOTD is displayed, but before control is passed
over to the login shell. I eventually managed to persuade sshd's child
process to consistently crash, upon entry of an
2001 Sep 05
2
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>Neither the Sun PAM documentation nor the Linux-PAM documentation
>describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail.
I would agree it is vague, but then that is also a problem with the XSSO
document (http://www.opengroup.org/onlinepubs/008329799/)
>Could we please have a clarification on the semantics of
>PAM_CRED_ESTABLISH vs. the semantics of
2002 Jun 26
3
pam session as root
Beyond any more general questions of whether pam sessions *should* be
run as root, is there an immediate security concern with moving the
pam_open_session (and pam_setcred) stuff to the parent (root) process?
(E.g., via the patch below.)
--
Mike Stone
diff -u -r1.4 auth-pam.c
--- auth-pam.c 25 Jun 2002 00:45:33 -0000 1.4
+++ auth-pam.c 25 Jun 2002 20:33:41 -0000
@@ -286,6 +286,8 @@
1999 Dec 28
0
Patches to report rsaref build and to call pam_setcred
I've attached two patches. The first just changes the output of "ssh -V"
to print that it was built against rsaref if libRSAglue (which is built
as part of openssl only when it is built against rsaref) is present at
build-time. The second adds appropriate calls to pam_setcred() in sshd.
Without them, our systems can't access AFS because the PAM modules only
get tokens at a
2002 May 29
0
pam_limits module bug and its effects on pam applications
On 2001-10-26 at 13:35:50 Nicolas Williams <Nicolas.Williams at ubsw.com> wrote:
> On Fri, Oct 26, 2001 at 02:11:13PM +0200, Markus Friedl wrote:
> > On Fri, Oct 26, 2001 at 10:14:21AM +1000, Damien Miller wrote:
> > > On Thu, 25 Oct 2001, Ed Phillips wrote:
> > >
> > > > What is the reasoning behind this? Do we want to see a lastlog entry for
>
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
As many of you know, OpenSSH 3.7.X, unlike previous versions, makes
PAM authentication take place in a separate process or thread
(launched from sshpam_init_ctx() in auth-pam.c). By default (if you
don't define USE_POSIX_THREADS) the code "fork"s a separate process.
Or if you define USE_POSIX_THREADS it will create a new thread (a
second one, in addition to the primary thread).
The
2001 Nov 29
0
OPENssh (2.9p2) and keylogin in NIS+ on Solaris 7 with PAM
Hi,
I'm trying to make sshd perform a keylogin on a Solaris 7 NIS+ client
with PAM.
ssh connects and works fine but keyserv reports that it `can't encrypt
the session key'. So I think the keylogin failed or did not happen when
the user started an ssh session.
The following message is logged in syslog.
>sshd[489]: pam_setcred: error Permission denied
>sshd[506]:
2008 Jan 20
1
winbind forced password change requires interactive shell
We've discovered that although Winbind supports password changes when the
account password is expired, this only works with *interactive* shells.
This is a major problem for us. Use case 1: SSH tunnels:
$ ssh user2@localhost -N -L 4711:localhost:22
user2@localhost's password:
<trying to use the tunnel>
channel 2: open failed: administratively prohibited: open failed
As you can
2015 May 14
1
[Bug 2399] New: openssh server should fatal out when pam_setcred and pam_open_session fail
https://bugzilla.mindrot.org/show_bug.cgi?id=2399
Bug ID: 2399
Summary: openssh server should fatal out when pam_setcred and
pam_open_session fail
Product: Portable OpenSSH
Version: 6.8p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: normal
Priority: P5
2004 Jan 28
0
PAM winbind auth (ADS) WORKS! (Solaris 9) THANKS ALOT!
IT WORKS!!!
I can telnet, ftp, rsh... to my Samba 3.0.1 box (Solaris 9 sparc)
here is (at the end) my pam.conf (in case somebody is interested in)
The trick is commenting "other accound... winbind..." string in pam.conf!
My English is corrupted wnen i'm full
#other account sufficient /usr/lib/security/pam_winbind.so.1
Thanks Andrew Barlett!
and since now i just LOVE SAMBA
2002 Oct 31
0
pam authentication solaris9
Hi
I'm trying to get winbindd work with authentication for other services.
Winbindd works fine in samba.
I get these errors using rlogin from another server to sun10.
Oct 31 08:26:11 sun10 pam_winbind[26694]: request failed, PAM error was 4,
NT error was NT_STATUS_INVALID_PARAMETER
Oct 31 08:26:11 sun10 pam_winbind[26694]: internal module error (retval = 4,
user = `tommyf' Supported
2005 Sep 23
0
root login using /etc/shadow bypassing winbind / ADS security
I'm wondering if anyone has tried use local Solaris NSS files for
root-only login VIA the console or ssh - effectively bypassing
domain security to the PDC using ADS - Windows 2003 AD?
I am not having a problem logging as the non-admin user.
I wish to login to the root account that would not be part
of the ADS domain security eventually over an ssh connection
or directly to /dev/console via a
2005 May 22
3
[Bug 926] pam_session_close called as user or not at all
http://bugzilla.mindrot.org/show_bug.cgi?id=926
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO|994 |
nThis| |
------- Additional Comments From dtucker at zip.com.au 2005-05-22 11:03 -------
2002 Mar 26
0
[Bug 189] New: pam_setcred() failures should not be treated as fatal
http://bugzilla.mindrot.org/show_bug.cgi?id=189
Summary: pam_setcred() failures should not be treated as fatal
Product: Portable OpenSSH
Version: 3.1p1
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org