Displaying 20 results from an estimated 5000 matches similar to: "[Bug 1497] New: sshd -T doesn't report UsePAM setting"
2008 Jul 23
10
[Bug 1490] New: sshd -T reports a string of UNKNOWNs
https://bugzilla.mindrot.org/show_bug.cgi?id=1490
Summary: sshd -T reports a string of UNKNOWNs
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.1p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at
2008 Jul 23
10
[Bug 1490] New: sshd -T reports a string of UNKNOWNs
https://bugzilla.mindrot.org/show_bug.cgi?id=1490
Summary: sshd -T reports a string of UNKNOWNs
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.1p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at
2016 May 03
3
StreamLocal forwarding
On Tue, 3 May 2016, Rogan Dawes wrote:
> Hi Damien,
> Thanks for the response!
>
> I tried moving the StreamLocalBindUnlink directive outside of the Match
> rule, and it worked. But that doesn't explain why the Match was not
> correctly setting the directive:
>
> This is running on an alternate port with -ddd:
>
> debug3: checking match for 'User
2013 Jan 31
2
OpenSSH NoPty patch
Hey everyone,
I wanted to add support for denying PTY allocation through OpenSSH. I'm
not certain if this is quite thorough enough for all cases, but for me
it might work for the moment.
I know that you can currently do this through authorized_keys, but as
far as I know that only works for an actual key. In my use case, I
wanted a user with no password which is forced to run a specific
2003 Sep 17
4
[Bug 647] Setting "UsePAM no" in sshd_config gives error if not config'ed w/ --with-pam
http://bugzilla.mindrot.org/show_bug.cgi?id=647
Summary: Setting "UsePAM no" in sshd_config gives error if not
config'ed w/ --with-pam
Product: Portable OpenSSH
Version: -current
Platform: Sparc
OS/Version: SunOS
Status: NEW
Severity: minor
Priority: P4
Component: sshd
2014 Feb 10
0
[PATCH] Basic SCTP support for OpenSSH client and server
This patch allows the OpenSSH client to make connections over SCTP,
and allows the OpenSSH server to listen for connections over SCTP.
SCTP is a robust transport-layer protocol which supports, amongst other things,
the changing of endpoint IPs without breaking the connection.
To connect via SCTP, pass -H or set "ConnectViaSCTP yes".
To listen via SCTP as well as TCP, set
2005 Apr 21
3
[Bug 1024] SSHD fails to connect when "UsePAM and UseLogin" is yes
http://bugzilla.mindrot.org/show_bug.cgi?id=1024
Summary: SSHD fails to connect when "UsePAM and UseLogin" is yes
Product: Portable OpenSSH
Version: 4.0p1
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2002 Feb 15
0
[Bug 118] New: Implement TIS (protocol 1) via PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=118
Summary: Implement TIS (protocol 1) via PAM
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: fcusack at
2002 Nov 24
1
[PATCH] PamServiceNameAppend
Hello,
Here's the situation I'm facing : I'm running OpenSSH on a server. On
a gateway, I forward TCP:22 to the server TCP:22. So far, so good. I can
log in from inside the lan by connecting using standard SSH port, or
from the other network through the gateway.
Now, I'd like a different configuration for connections from the
outside. I start another SSHd on the
2002 Jul 02
3
New PAM kbd-int diff
Below is a new PAM kbd-int diff based on FreeBSD's code. This code makes
PAM kbd-int work with privilege separation.
Contrary to what I have previously stated - it *does* handle multiple
prompts. What it does not handle is multiple passes through the PAM
conversation function, which would be required for expired password
changing.
I would really appreciate some additional eyes over the
2000 Oct 24
2
feature request & patch submit: chroot(2) in sshd
Hello,
whereas most people take passwd/shadow/ldap/<whatever> as the place where
decision on a chrooted environment / sandbox for certain users is met (just
set the given usershell appropriateley), I needed a somewhat different
approach. Below is a tiny patch to 2.2.0p1 which enhances the sshd-config
by two options and, when set, places all users / users of a certain group
immediately in
2002 Jun 25
4
PAM kbd-int with privsep
The following is a patch (based on FreeBSD code) which gets kbd-int
working with privsep. It moves the kbd-int PAM conversation to a child
process and communicates with it over a socket.
The patch has a limitation: it does not handle multiple prompts - I have
no idea how common these are in real-life. Furthermore it is not well
tested at all (despite my many requests on openssh-unix-dev@).
-d
2002 Apr 26
0
PAM keyboard-interactive
The following patch (relative to -current) makes PAM a proper
kbd-interactive citizen. There are a few limitations (grep for todo), but
the code seems to work OK for protocols 1 & 2 with and without privsep.
Please have a play!
auth2-pam.c is based on code from FreeBSD.
Index: auth2-chall.c
===================================================================
RCS file:
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
Hello,
appended is a patch that makes it possible to use PAM both for
password authentication and TIS (i.e. s/key or opie or any other
interactive challenge/response scheme). I have developed this starting
from the patch at http://www.debian.org/Bugs/db/61/61906.html on
Debian with openssh-2.1.1p4-3. After configuring ssh with
--with-pam-tis, there are two PAM services, "sshd" and
2004 Sep 28
12
[Bug 936] S/Key authentication fails if UsePAM=no
http://bugzilla.mindrot.org/show_bug.cgi?id=936
Summary: S/Key authentication fails if UsePAM=no
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: ulm at
2003 Sep 25
2
unexpected change in "locked account" behaviour
I just ran into what I'd describe as an unexpected side-effect. I don't
think it's necessarily a bug, and I don't need any assistance in working
around it, but this information might be useful to others for
troubleshooting.
This was using OpenSSH built under Solaris 2.5.1, and running under
2.5.1 or 8.
The symptom was that after upgrading from 3.7.1p1 to 3.7.1p2, some
accounts
2003 Nov 18
4
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwor ds
It works for the "yes" case but not for the "without-password" case.
The function that checks (auth_root_allowed(auth_method) is special
cased for "password". The Pam case sends "keyboard-interactive/pam"
which like all other authentication methods except password succeeds.
Here is a patch to make it work for me. Please feel free to criticize
as
2000 Oct 15
1
Patch for Digital Unix SIA authentication
A while back, I sent in a patch that added Digital Unix SIA
authentication to OpenSSH. Well, I just figured out that it didn't
handle everything correctly (locked accounts could still log in). I
thought I had checked that, but I guess I missed it.
Anyway, here is a patch against OpenSSH 2.2.0p1 that fixes this.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator
2005 Jan 20
1
PermitRootLogin without-password functionality differs for UsePAM yes/no option
Hi,
I am using OpenSSH 3.9p1. For " UsePAM yes/no " option with "
PermitRootLogin without-password", the server functionality differs.
For " UsePAM yes ", the server allows authentication thru password,
meanwhile " UsePAM no " does not. I have fixed that problem and the
patch is given below.
2002 Dec 05
1
patch to add a PAMServiceName config option
I append a patch against openssh-3.5p1.tar.gz which adds a config option
PAMServiceName. The option allows one to specify the PAM service at
runtime in the config file rather than using __progname or having it
hardwired to SSHD_PAM_SERVICE at compile time. I expect this to be useful
if one wants to run multiple instances of sshd using different PAM
configurations.
With this patch