Displaying 20 results from an estimated 7000 matches similar to: "[Bug 1396] New: When pam-authentication thread ends, it doesn' t call the function pam_end"
2007 Jun 17
19
[Bug 1322] New: pam_end() is not called if authentication fails, which breaks pam-abl
http://bugzilla.mindrot.org/show_bug.cgi?id=1322
Summary: pam_end() is not called if authentication fails, which
breaks pam-abl
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405041
OS/Version: Linux
Status: NEW
Severity:
2003 Sep 01
2
[Bug 632] PAM conversation function does not return when connection is aborted
http://bugzilla.mindrot.org/show_bug.cgi?id=632
Summary: PAM conversation function does not return when
connection is aborted
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: All
URL: http://www.cl.cam.ac.uk/~mgk25/otpw.html#opensshbug
OS/Version: Linux
Status: NEW
Severity: major
2007 Apr 20
5
[Bug 1308] pam handling change breaks pam_abl module
http://bugzilla.mindrot.org/show_bug.cgi?id=1308
Summary: pam handling change breaks pam_abl module
Product: Portable OpenSSH
Version: 4.6p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
AssignedTo: bitbucket at mindrot.org
2016 Mar 04
7
[Bug 2548] New: Make pam_set_data/pam_get_data work with OpenSSH
https://bugzilla.mindrot.org/show_bug.cgi?id=2548
Bug ID: 2548
Summary: Make pam_set_data/pam_get_data work with OpenSSH
Product: Portable OpenSSH
Version: 7.2p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: major
Priority: P5
Component: PAM support
Assignee:
2007 Jun 23
1
[Bug 1308] pam handling change breaks pam_abl module
http://bugzilla.mindrot.org/show_bug.cgi?id=1308
--- Comment #6 from Tom Cox <tomc at hot.rr.com> 2007-06-24 03:12:38 ---
Created an attachment (id=1312)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1312)
Change prevents pam_end from being called with current status.
File shows problem introduced in session.c, version 1.346.
--
Configure bugmail:
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
As many of you know, OpenSSH 3.7.X, unlike previous versions, makes
PAM authentication take place in a separate process or thread
(launched from sshpam_init_ctx() in auth-pam.c). By default (if you
don't define USE_POSIX_THREADS) the code "fork"s a separate process.
Or if you define USE_POSIX_THREADS it will create a new thread (a
second one, in addition to the primary thread).
The
2002 Oct 21
0
[Bug 419] New: HP-UX PAM problems with 3.5p1
http://bugzilla.mindrot.org/show_bug.cgi?id=419
Summary: HP-UX PAM problems with 3.5p1
Product: Portable OpenSSH
Version: -current
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2004 Mar 30
2
[Bug 688] PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail
http://bugzilla.mindrot.org/show_bug.cgi?id=688
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |822
nThis| |
Status|NEW |ASSIGNED
2002 Jun 11
1
SSH / PAM Problem
Hallo
da mein English nicht so gut ist und bei der ?bersetzung auch noch
Missverst?ndnisse auftretten k?nnten, hier das Orginal :-)
Das Problem ist, dass bei der Kombination openssh pam und ldap, die
Verbindung zum Ldapserver so lange offen gehalten wird bis die ssh
Session geschlossen wird. Das ist nur bei SSH so ! Alle andere Dienste
sprechen den Server an und schliessen nach Best?ttigung des
2004 Nov 01
1
SSHD with PAM question
Let me refine my previous question:
> Can anyone provide some insight into why the auth-pam module uses a fork in
> pthread_create (auth-pam.c)? This completely breaks the ability of one PAM
function
> to pass data to others via the pam_set_data/pam_get_data functions.
Can anyone tell me how to #define USE_POSIX_THREADS when building --with-pam
defined? The autoconfig stuff
2005 Dec 10
1
Problems with openssh and pam_abl
I want to use sshd together with pam_abl to reduce
that logfile spamming with ssh attacks.
So the problem is as follows:
Setting maxAuthTries to 0 or any other values smaller than the default
of 6 changes the behaviour of pam_abl.
First, but this also happens with not using maxAuthTries option, is:
if the clientside closes connection after for example one failed
authentication try then the
2004 Nov 11
2
openssh-3.7p1+ and PAM on OS X
Hello list,
Bug 688 is causing me a massive headache on OS X.
The fact that each PAM authentication takes place in a separate process
means the PAM context data isn't shared and therefore prevents the
passing of data between modules. (pam_set_data, and pam_get_data)
Compiling with pthreads isn't really an option because of the added
security risk and the fact that some of the PAM
2014 Dec 12
0
PATCH - add username_format to the PAM auth module
Hi there,
Other auth modules (eg passwd-file) allow a username_format to be
specified, but not the PAM module.
The use-case, is where I want a static userdb configuration which takes the
domain into account but still want to use PAM for authentication, eg:
userdb {
driver = static
args = uid=8 gid=12 home=/mnt/storage/mail/vhosts/%d/%n
}
passdb {
driver = pam
args = username_format=%n
2017 May 06
3
[Bug 2712] New: Add fingerprint of key used for public key authentication to PAM handle
https://bugzilla.mindrot.org/show_bug.cgi?id=2712
Bug ID: 2712
Summary: Add fingerprint of key used for public key
authentication to PAM handle
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2001 Oct 26
1
PAM session cleanup on Sol8 with v2.9.9p2
In do_pam_cleanup_proc(), there are 3 calls to PAM:
1) pam_close_session() - do lastlog stuff
2) pam_setcred(PAM_DELETE_CRED) - delete credentials
3) pam_end() - close PAM
It appears that pam_setcred() always fails with the error PAM_PERM_DENIED.
This is due to a check done pam_unix.so to not allow a caller with euid 0
to even try to delete their SECURE_RPC credentials. When sshd calls
2006 Jan 16
0
passdb-pam: PAM_RHOST on FreeBSD >= 5.0 (where PAM != Linux-PAM)
This is actually something I had on my mind to write about in the past
few -stable and alpha releases, but did not get to and instead always
patched myself. Now having updated to the latest snapshot (which may
be released as beta1), I stumbled on it again:
In src/auth/passdb-pam.c, where the client host is passed to PAM, the
code looks like this:
#ifdef PAM_RHOST
const char *host =
2002 Dec 10
5
[PATCH] Password expiry with Privsep and PAM
Hi All.
Attached is a patch that implements password expiry with PAM and
privsep. It works by passing a descriptor to the tty to the monitor,
which sets up a child with that tty as stdin/stdout/stderr, then runs
chauthtok(). No setuid helpers.
I used some parts of Michael Steffens' patch (bugid #423) to make it
work on HP-UX.
It's still rough but it works. Tested on Solaris 8 and
2005 Oct 18
2
pam_abl for CentOS 3?
I'm looking for an RPM (SRPM is OK) for pam_abl, suitable for
installation on a CentOS 3.5 system. I've googled without identifying
one I'm confident of. Would the one for Fedora 3 be expected to work?
If not, what?
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2008 Oct 04
1
ssh error in /var/log/secure
Hi -
I just bought a xen VPS and am running CentOS 5 on it (updated to 5.2).
With all my personal machines sitting at home behind a router with all
ports (except for BitTorrent) closed - I had forgotten how frequent
brute force ssh attacks are, but within a day, the log was loaded with them.
So I did two things - I installed and configured pam_abl and I moved the
ssh port to 1294 ( a >