similar to: SIA support patches for Tru64 UNIX

Displaying 20 results from an estimated 3000 matches similar to: "SIA support patches for Tru64 UNIX"

2006 Sep 20
2
Tru64 Unix and SIA
I have recently written a (minimal) Tru64 Unix SIA password module for Dovecot as part of testing a Dovecot installation. Has anyone else written a Tru64 Unix SIA module? Is anyone else interested in such a module? If so, how might I/we go about getting this/such a module into the main Dovecot source? Thanks -- Simon L Jackson Carringbush.Net +- Carringbush.Net Hosting * Development *
2005 Apr 07
1
PermitRootLogin and Tru64 SIA
I have "PermitRootLogin no" in my sshd_config, but under Tru64 and SIA, the root login attempts still get passed to the SIA system (so I get lots of warnings about failed root logins). On systems with a "max failed attempts" setting, the root account can be locked out this way. I started looking at the code, and I'm not sure I understand what I see. In auth-passwd.c,
2000 Mar 27
1
scp: write stdout: Broken pipe error (Tru64 UNIX)
I'm working on adding SIA authentication support to OpenSSH for use on Tru64 UNIX. The authentication bits are working but there's more work to be done including checking for locked accounts and setting resource limits. Anyway, most things seem to be working fine except for scp and I'm looking for a little help. Here's some output: % scp -v lopan:sl.tar . Executing: host lopan,
2000 Jan 18
1
Tru64 UNIX plans?
Is anyone currently working on adding support for Tru64 UNIX's enhanced security to OpenSSH?
2001 Mar 20
1
Tru64 UNIX SIA in 2.5.2p1 is hosed
Something really hosed Digital/Tru64 UNIX SIA support in 2.5.2p1. I haven't been able to figure out what changed in the code, but the symptom seems to be that the TTY name being registered with SIA is truncated to eight characters. This apparently prevents it from matching with entries in the tty database, and the dreaded "Cannot obtain database information on this terminal
2003 Sep 16
1
OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)
Well, I had just finally gotten around to downloading a snapshot to test the latest on Tru64 a couple of days ago but hadn't had a chance to build it yet, and 3.7p1 has now been released. Sigh. The problem is that Tru64 setreuid() and setregid() are broken, so privsep doesn't work. This could also be a security problem for SIA authentication in general (any version of OpenSSH on Tru64,
2002 Sep 11
1
tru64 sia: move call of session_setup_sia() to do_setusercontext(), letting grantpty() and friends handle pty perms
Hi- Under privsep, I experimented with moving the session_setup_sia() out of do_child() and into do_setusercontext(), which is where the uids/gids are set to the final execution user. The call is made with a NULL tty, and this is functional provided that any later pty allocation uses grantpty() to set the device permissions. Logging in with this method shows that a utmp entry does get made for
2003 Sep 24
1
Patches for compatibility with Heimdal's libsia_krb5 SIA module
I have found the following patches to be desirable for using sshd on a Tru64 UNIX system with the Kerberos 5 SIA module (libsia_krb5.so) from Heimdal. These patches do the following: 1) preserve context between the password authentication and the session setup phases. This is necessary because the Heimdal SIA module stores Kerberos context information as mechanism-specific data in
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
What do we loose by not having post-auth privsep? What code is executed between authorization and actual setting of the effective uid? On Tue, 3 Sep 2002, Chris Adams wrote: > Once upon a time, Toni L. Harbaugh-Blackford <harbaugh at nciaxp.ncifcrf.gov> said: > > It appears that the integration of the sia session setup will either > > have to be rethought or abandoned
2004 Feb 06
1
Tru64 SIA authentication: can it be called after kerberos?
Hi All. There have recently (well, today :-) been changes to OpenSSH Portable's auth-passwd.c from OpenBSD to accomodate forced changes of expired passwords. (Rabid password expirers shoulon't get excited yet, it's currently bsdauth only, but support for other platforms should start trickling in shortly). As part of that, some individual platforms have gained their own
2001 Mar 21
1
Tru64 UNIX SIA in 2.5.2p1 is hosed (still)
The recent patch posted by Steve VanDevender <stevev at darkwing.uoregon.edu> for fixing the session code on Tru64 isn't quite right -- it still fails in the case of NO tty being allocated. The problem is that s->tty is a char[TTYSZ] rather than a char *, and hence can't hold a NULL. Calling sia_ses_init() with the tty being an empty string doesn't signify no tty, and
2007 Dec 01
2
Tru64 v5.1 with Sia
./configure --with-sia # ./dovecot --build-options Build options: ioloop=poll ipv6 openssl SQL drivers: Passdb: checkpassword passwd passwd-file Userdb: checkpassword passwd prefetch passwd-file static # ./dovecot --version 1.0.8 # ./dovecot -n # 1.0.8: /usr/local/etc/dovecot.conf protocols: pop3 listen: *:10100 ssl_disable: yes disable_plaintext_auth: no login_dir:
2004 Apr 14
1
[Bug 802] sshd configured with SIA doesn't link on Tru64.
http://bugzilla.mindrot.org/show_bug.cgi?id=802 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |821 nThis| | Summary|sshd of openssh-3.8p1 |sshd configured with SIA
2004 Feb 26
14
[Bug 802] sshd of openssh-3.8p1 doesn't link on Tru64.
http://bugzilla.mindrot.org/show_bug.cgi?id=802 Summary: sshd of openssh-3.8p1 doesn't link on Tru64. Product: Portable OpenSSH Version: 3.8p1 Platform: Alpha OS/Version: OSF/1 Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org
2004 Sep 20
3
[Bug 933] compile problem on tru64 5.1A code outside of a #ifdef that should not be included on tru64
http://bugzilla.mindrot.org/show_bug.cgi?id=933 Summary: compile problem on tru64 5.1A code outside of a #ifdef that should not be included on tru64 Product: Portable OpenSSH Version: 3.8p1 Platform: Alpha OS/Version: OSF/1 Status: NEW Severity: normal Priority: P2 Component: Build
2001 May 07
1
OSF1 and USE_SIA
Is the following (from configure.in) intended: *-dec-osf*) if test ! -z "USE_SIA" ; then AC_MSG_CHECKING(for Digital Unix Security Integration Architecture) should that be "$USE_SIA" or similar or what is the point of testing a constant string for being zero length... The reason I ask is the for complex reasons we don't want SIA enabled on Tru64 since it breaks some
2002 Aug 11
4
OSF/1 or Tru64 patch for Privsep
Either this never made it to the list or no one cares about Tru64. This is the last time I'll send this patch to the list. If no one steps up and finishes it or provides me with enough information to fix any remaining bugs (one being complaint that 'ssh site cmd' does not work right). If there is no activity on this for a week. I'll post it to bugzilla and will ignore any
2002 Aug 28
5
Tru64 privsep patch testing
OK, I got a chance to try out the Tru64 patch for privsep. I applied the patch to 3.4p1. Partial success, in that it now works for me for logins to "root". Logins to ordinary accounts fail after authentication, when trying to set tty characteristics. See the excerpt from the debug messages below. This is for Tru64 V4.0F (with enhanced_security turned on, obviously.) I guess it's time
2002 Aug 28
2
Tru64 patch won't make it into 3.5 due to lack of interest.
Tru64 patch will not make it into 3.5 (this is final) due to lack of willing people to test. I have given the Tru64/osf1 community almost a month to test it. And *ONE* person came forward to give me verification. And don't give me shit about "I don't have time." The person who tested it was LEAVING his employer with Tru64. He found time. IT IS YOUR GAWD DAMN PLATFORM. IF
2000 Oct 15
1
Patch for Digital Unix SIA authentication
A while back, I sent in a patch that added Digital Unix SIA authentication to OpenSSH. Well, I just figured out that it didn't handle everything correctly (locked accounts could still log in). I thought I had checked that, but I guess I missed it. Anyway, here is a patch against OpenSSH 2.2.0p1 that fixes this. -- Chris Adams <cmadams at hiwaay.net> Systems and Network Administrator