similar to: OpenSSH on HP-UX 11 with TCB

If SCO OpenServer is configured for large passwords, i.e. u_pwseg is greater than 1 in /etc/auth/system/default, then user authentication in auth-passwd.c will fail for users whose passwords are longer than 8 characters. The "traditional" level of security installs with u_pwseg#1, so most users would never encounter this problem. This has been an issue in openssh since I started using

Dear list, since the order of authentication and AFS token/KRB TGT forwarding changed (around 3.0), we have had problems with users accidentally overwriting their credentials from a "password" login with forwarded credentials. E.g. user A logs in as user B, but stays with the AFS permissions of user A. A workaround is to use "-k" on these sessions, but "it worked without

Hi, I'm writing to you on behalf of the Pasteur Institute's (Paris, France) IT team. We're currently using dovecot-0.99.10.5_2 on a FreeBSD 5.3. We're planning to upgrade to dovecot-1.x with an openLDAP user and password database and patch it at the same time to include some authentication feature we're using : Since most of our user currently don't use dovecot at all and

This is based on openssh-2.0.0beta1. There are a few rough spots: 1) SunOS doesn't have ut_type in struct utmp so I just whacked in the old login() from openssh-1.2.3. 2) There is a SUNOS4 section added to defines.h -- this could probably be a bit cleaner. 3) sigaction on SunOS is implemented via #defines to sigvec, thus there is no SA_RESTART (this is the default behavior).

The current configuration only works if xauth can be found at /usr/X11R6/bin/xauth, which creates some problems when running sshd on an openwin system. Contained below are patches to find the path of xauth in configure, and set the path in config.h. (also contained is a patch for configure for those without autoconf) Also-- added #include "bsd-daemon" to includes.h, which quiets a

Hello, already checked the Mailinglist archive for HPUX Problems, but havent found exact this: ./configure --prefix=/opt --without-pam --with-ssl-dir=/opt/OpenSSL --with-lastlog=/var/adm/wtmp --with-egd-pool=/dev/entropy --with-tcp-wrappers --with-pid-dir=/var/run --sysconfdir=/etc/ssh and get after a make: gcc -O2 -Wall -D_HPUX_SOURCE -I/usr/local/include -I/opt/include

On Tue, 7 Apr 2015, Laszlo Ersek wrote: > Whereas syslinux.efi apparently uses the embedded gpxe/ tree, and that > one uses TCP timestamps. See tcp_xmit() in gpxe/src/net/tcp.c: Actually syslinux.efi seems to be using the implementation calling into UEFI via these functions: http://git.kernel.org/cgit/boot/syslinux/syslinux.git/tree/efi/tcp.c I've tried to add debug messages to these

I'm using OpenSSH_3.5p1 (server protocol 2.0 ) on a Compaq device V5.1A with C2 Security (SIA) configured. I must set UsePrivilegeSeparation to no to get this working. Does anyone have PrivilegeSeparation working on a Compaq device with C2 Security configured? Source device: ssh user at destination ( produces these errors) sshd: /var/tcb/files/__db_lock.share: Permission denied sshd:

Hi there, everybody; As promised, here's the new version for my chroot patch. It applies cleanly over OpenSSH 2.1.1p4, and I'm attaching 2 versions: - openssh-2.1.1p4-chroot.patch-wc, is the chroot patch plus a "--with-chroot" patch for the "configure" script. - openssh-2.1.1p4-chroot.patch, is the same without the "--with-chroot" part. Have fun,

Hi there, everyone; Attached to this mail is the 2.2.0p1 version of my chroot patch. For those of you interested, my usual warning: This is NOT plug&pray. You'll have to build a whole binaries/libs/conf files tree within the new root. (it's just like the "classic" anonymous ftp behaviour) Configure with "configure --with-chroot" to use. Regards; RC --

Hi All. Attached is a patch against OpenBSD, based in part on the owl-always-auth patch. The idea is that the only way out of auth_passwd for the failure case is the "return 0" at the bottom. I don't know if this is a good way to do it or not, it's presented for discussion. Also, I don't think 3.6.1p2 is quite right WRT these timing issues (eg, you get a fast failure

There''s a number of calls in the Rails source to convert_to_model, which takes an activerecord object instance: convert_to_model(object) Here''s the thing. All convert_to_model does is calls to_model, which returns self (the ActiveModel instance). Am I missing something here? Why call a method that returns the same thing? @user => #<User id: 3, name:

Hi, I am following the excellent tutorial http://www.railsforum.com/viewtopic.php?id=14216 (post 5) on how to implement an access control feature i.e. only a friend is allowed to view a profile of a particular member. I am not using the restful authentication plugin as the author is using to implement the authentication feature (post 1) in the tutorial. All I am interested in is the post 5

Hi! I have just added login feature to my rails application (followed the instruction from (Agile Web Development with Rails) but now I am getting strange errors (looks to me like some kind of routing problem) under the passenger/apache. The error is: 500 Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. From the log:

Hi, I'm having trouble with auth_password() failing on my linux box using yellow pages. I've tracked the problem down to the following: pw_password = "RMf.YivanoZc2,o01N" encrypted_password = "RMf.YivanoZc2" This fails on the return(strcmp(encrypted_password, pw_password) == 0). because crypt() only returns 13 characters. I seem to remember the

I found a bit weird to use address space for this, since the offset of getting stack_guard in TCB is, unfortunately, negative: https://github.com/gcc-mirror/gcc/blob/master/gcc/config/rs6000/linux64.h#L610 In my understanding an address space is referring to a segment register (-on powerpc 32bit; or SLB entry on powerpc 64bit?) with a non-negative offset value, so that it's actually accessing

I have written the Users controller and Spec tests correctly for the "successful creation" in the User controller however I get the following two errors: 1) UsersController POST ''create'' success should create a user Failure/Error: lambda do count should have been changed by 1, but was changed by 0 #

When -fstack-protector is turned on, linker fails to find the symbol "__stack_chk_guard" because at least for powerpc64le, glibc doesn't provide this symbol. Instead, they put the stack guard into TCB. x86 fixed this issue by injecting a special address space (which is later translated to TCB register access) and hard code the offset of stack_guard, but I don't see a easy way to

----- Original Message ----- > From: "Eric Christopher" <echristo at gmail.com> > To: "Tim Shen" <timshen at google.com>, llvm-dev at lists.llvm.org, "Hal > Finkel" <hfinkel at anl.gov>, "Kit Barton" <kbarton at ca.ibm.com> > Sent: Wednesday, February 10, 2016 6:59:50 PM > Subject: Re: [llvm-dev] [PPC] Linker fails on

We run HP-UX 11.00 in "Trusted Mode". This creates and mananges a tcb database for all the users on the system. I have created the attached patch, for openssh-4.3p2, to update the date/time of a successful login. I have tested this patch on several systems here, but I am sure there is a cleaner way to implement the updates into openssh. In a perfect world I would like to update the tcb