similar to: [Bug 1439] New: Adds Virtual Token (VToken) authentication method to kbdint

https://bugzilla.mindrot.org/show_bug.cgi?id=1438 Summary: Adds an out-of-band challenge (OBC) authentication method (via kbdint) Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: normal

The Virtual Token (VToken) patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1439) creates a kbdint device that provides a new challenge-based authentication mechanism. The server calculates a challenge from two secrets and a counter. You authenticate by proving by correctly answering the challenge, proving you know the secrets. This creates a software-based token, similar in function to

https://bugzilla.mindrot.org/show_bug.cgi?id=1393 Summary: patch modifies gnome-ssh-askpass to optionally use one- time password Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All URL: http://www.swcp.com/~pgsery OS/Version: Linux Status: NEW Keywords:

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pgsery at swcp.com --- Comment #18 from Damien Miller <djm at mindrot.org> 2008-06-13 13:56:12 --- *** Bug

https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #26 from Paul Sery <pgsery at swcp.com> 2010-01-08 08:09:14 EST --- The configuration below is incorrect. When using protocol 2, it should read: ... RequiredAuthentications2 password Also, there's no need to specify publickey in conjunction with other authentication methods because it will always be tried first (as specified

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Paul Sery <pgsery at swcp.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1768|0 |1 is obsolete| | --- Comment #30 from Paul Sery <pgsery at swcp.com> 2010-11-12

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au Blocks| |1626 --- Comment #23 from Darren Tucker

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Petr Lautrbach <plautrba at redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2138|0 |1 is obsolete| | --- Comment #54 from Petr Lautrbach <plautrba at

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #34 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:24 EST --- Retarget unresolved

This patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1438) creates a kbdint device that provides a server-based authentication mechanism. The server generates and emails you a random string when you attempt to login. You're authenticated if you can correctly answer the challenge. You can use a regular email account, a pager, cell phone or other email capable device to receive the

The patch (against 4.7p1) modifies gnome-ssh-askpass to optionally generate a one-time password and transmits it to the user via an out-of-band communication channel. If you can read the password and enter it back into the gnome-ssh-askpass dialog, ssh-agent is allowed to continue with the authentication process. There are two ways to use the modified gnome-ssh-askpass. The first

http://bugzilla.mindrot.org/show_bug.cgi?id=580 Summary: disable kbdint if host key mismatch Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: fcusack at

I'm using dovecot 2.2.24 on FreeBSD 10.3. I'm working on converting users from maildir to mdbox, for the usual reasons. I have converted some test users and they generally work fine. But when I run "doveadm mailbox status" I get a Panic if I ask for the vsize field (or "all"), but other fields work fine. For example: # doveadm mailbox status -u bubbacheex3

https://bugzilla.mindrot.org/show_bug.cgi?id=1435 Summary: Multiple authentication methods patch Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org

I took Markus Friedl's advice and set up a KbdintDevice for Kerberos password authentication/expiry. It took me a bit to wrap my head around privsep, but I think it's working properly (code stolen shamelessly from FBSD's PAM implementation :->). The hardest part was working out how to get the interaction between krb5_get_init_creds_password() (along with the prompter) to work

http://bugzilla.mindrot.org/show_bug.cgi?id=568 Summary: Kerberos password auth/expiry kbdint patch Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P4 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

Hello, I was chasing some unexpected behaviour from OpenSSH, and have come across an oddity in the source code which may or may not be a bug. In auth2-kbdint.c, the Authmethod struct declares options.kbd_interactive_authentication as the enabled flag for this method. However in the implementation function a few lines above, it checks options.challenge_response_authentication to decide whether to

Hello, I'm preparing to convert from qpopper + UW-IMAP to dovecot. So far testing has gone very well. One problem we haven't figured out is that long-running POP sessions keep the mailbox locked, so that the MDA times out while trying to deliver. We're using "maildrop" as our MDA if that matters. We don't see this issue for dovecot IMAP sessions. During long-running

Hi. I'm new to Dovecot and about to start using it in production. In the config file, I set the option, auth_debug_passwords, to yes. I do not see any failed passwords logged, however. It did cause more verbose authentication logging, but failed passwords are still hidden. I have also set these options to yes, because I thought they might be required for auth_debug_passwords to work:

? Sun, 7 Apr 2024 23:47:52 -0600 Dave Dixon <ddixon at swcp.com> ?????: > > second_records <- read.csv(file_name, skip = 2459465, nrows = 5) It may or may not be important that read.csv defaults to header = TRUE. Having skipped 2459465 lines, it may attempt to parse the next one as a header, so the second call read.csv() should probably include header = FALSE. Bert's advice