similar to: [Bug 1794] New: sshd segfault when calling pam_authenticate() in pam_unix module which has option "try_first_pass"

OpenSSH 5.7 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,

http://bugzilla.mindrot.org/show_bug.cgi?id=880 ------- Comment #3 from djm at mindrot.org 2006-04-03 21:45 ------- Created an attachment (id=1110) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1110&action=view) Revised diff ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hi, I've gone and ported the latest version of openssh, 3.1p1, to GNU/Hurd. I've tried to learn from the other threads on this topic, but I still had to get rid of MAXHOSTNAMELEN where I could. James A. Morrison diff -urN openssh-3.1p1.old/Makefile.in openssh-3.1p1/Makefile.in --- openssh-3.1p1.old/Makefile.in Tue Feb 26 14:24:22 2002 +++ openssh-3.1p1/Makefile.in Tue Apr 9 16:16:49

Hi, The systrace and rlimit sandboxes have been committed and will be in snapshots dated 20110623 and later. This diff adds support for pre-auth privsep sandboxing using the OS X sandbox_init(3) service. It's a bit disappointing that the OS X developers chose such as namespace-polluting header and function names "sandbox.h", "sandbox_init()", etc. It already forced me to

Hi All, I'm trying to get winbind working on a HP-UX 11.0 Box, running Samba 2.5. It seems to be working, except that when I log into the machine with DOMAIN+user, ie BLAR+fred it disconnects the session, here is the last part of the log report 0298 auth_resp : 23baed01 029c status : NT_STATUS_OK Plain-text authenticaion for user WESTCOASTDHB+mroper returned NT_STATUS_OK

Obviously I have an account. This is Solaris 10. I have been tinkering with the /etc/pam.conf without success. Does anyone have a solution? I have this currently in the pam.conf. dovecot auth required pam_passwd_auth.so.1 try_first_pass dovecot account required pam_unix_account.so.1 I have tried: dovecot auth required pam_unix_account.so.1 nullok dovecot account

Hello! This is my first post to this list... ;) I'm not shure if someone will be interested in this topic. For me, it has interest, as long as I maintain 100+ unix (linux) servers with dialup access and every package update cost some significant time to download, so package size is somewhat important here. I looked to openssh and realized that package consists of several programs, all uses

openssh 4.7p1 SCO OSR6 Password authentication is non-functional. This seems dependent on USE_LIBIAF which further depends on HAVE_LIBIAF (in defines.h), but there is no longer any code in configure to define the latter. Building with HAVE_LIBIAF defined enables password authentication, but only for non-long (<9 char) passwords, even though UNIXWARE_LONG_PASSWORDS seems to be defined. I

Hi, The main (and probably the only) use case of this PAM module is to let sudo authenticate users via their ssh-agent, therefore without having to type any password and without being tempted to use the NOPASSWD sudo option for such convenience. The principle is originally implemented by an existing module [0][1] and many pages that explain how to use it for such purpose can be found online.

Patch PHCO_22265 (s700_800 11.00 cumulative libpam and libpam_unix patch) is now available that fixes a problem discussed a while back on the list regarding an incorrect return value from pam_acct_mgmt(), which effected the ability to change an expired password: (SR: 8606160402 CR: JAGad29724) HP-UX is inconsistent with the PAM standard with respect to the return value for

Hi All, Well, i've managed to enable some debugging in syslog, I had to put in /etc/syslog.conf ;*.debug on the syslog line. So at least I have an error which is being returned into syslog from winbind. This is what I get from winbind Feb 4 21:13:17 coastdr pam_winbind[20753]: Verify user `lonnie' Feb 4 21:13:18 coastdr pam_winbind[20753]: user 'lonnie' granted acces Feb 4

Hi all. Now that we have SSHDLIBS for the libraries required by sshd only, it's possible to remove some of the single-purpose variables from Makefile. If this is worth doing, the next step would probably be to move the OpenSSL libs into CRYPTOLIBS since binaries such as scp and sftp don't need to be linked with libcrypto. Index: Makefile.in

Yo All! openssh-SNAP-20010209.tar.gz fails to compile on Slackware. Patch at the end of this message. Here is the error: gcc -o sftp sftp.o sftp-client.o sftp-common.o sftp-int.o log-client.o -L. -Lopenbsd-compat/ -L/usr/local/ssl/lib -L/usr/local/ssl -lssh -lopenbsd-compat -lcrypt -lz -lnsl -lutil -lcrypto -lwrap openbsd-compat//libopenbsd-compat.a(bsd-arc4random.o): In function

Should pam_setcred() be called if pam_authenticate() wasn't called? I would say not; both of these functions are in the authenticate part of pam. It seems the the 'auth' part of pam config controls which modules get called, so if you didn't to _authenticate() you shouldn't do _setcred(). thx /fc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Is there any way to disable logging of failures during pam_authenticate? I ask because OpenSSH is currently generating an extra "authentication failure..." message at each login. The problem is that OpenSSH likes to try a blank password attempting any other authentication. This is a shortcut for anonymous SSH servers (e.g. OpenBSD's

Hello, I would like to ask for your help. I have noticed some error messages issued by dovecot. Mar 13 20:00:57 relay dovecot: auth-worker(default): pam(example at example.com): pam_authenticate() failed: authentication error (/etc/pam.d/dovecot missing?) Not surprisingly $ l /etc/pam.d/dovecot ls: /etc/pam.d/dovecot: No such file or directory The funny thing is that authentication does work

Testing installation of Dovecot. Log is showing two errors. Any ideas how to fix this thing??? dovecot: May 07 05:19:06 Error: auth-worker(default): pam(Yoda,127.0.0.1): pam_authenticate() failed: User not known to the underlying authentication module dovecot: May 07 05:21:48 Error: IMAP(Yoda): open() failed with mbox file /var/mail/Yoda: Permission denied Here's the dovecot.conf file #

I'm having the same problem.... Did anyone find a solution? -- Geoff -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://dovecot.org/pipermail/dovecot/attachments/20060512/64e2b38c/attachment-0001.html>

Hi List, I have a problem with auth for just one user: dovecot: Sep 30 09:56:16 Info: auth(default): new auth connection: pid=3809 dovecot: Sep 30 09:56:17 Info: auth(default): client in: AUTH 1 PLAIN service=IMAP secured lip=127.0.0.1 rip=127.0.0.1 resp=AGoucnVpc0BtZXJreC12ZXJrZXJrLm5sAGJsb2VtMDEh dovecot: Sep 30 09:56:17 Info: auth(default): pam(j.ruis at

I have a need to provide ssh client binaries for use elsewhere on several platforms, some without /dev/random support. I can't assume that users will know how to install/run prngd or egd, so I was planning to rely on the builtin prng code. However this require the ssh_prng_cmds file to exist in a fixed location -- which would mean making binaries which either look for it in . or other