Displaying 20 results from an estimated 3000 matches similar to: "SIA support patches for Tru64 UNIX"
2006 Sep 20
2
Tru64 Unix and SIA
I have recently written a (minimal) Tru64 Unix SIA password module for
Dovecot as part of testing a Dovecot installation.
Has anyone else written a Tru64 Unix SIA module?
Is anyone else interested in such a module?
If so, how might I/we go about getting this/such a module into the main
Dovecot source?
Thanks
--
Simon L Jackson
Carringbush.Net
+-
Carringbush.Net
Hosting * Development *
2005 Apr 07
1
PermitRootLogin and Tru64 SIA
I have "PermitRootLogin no" in my sshd_config, but under Tru64 and SIA,
the root login attempts still get passed to the SIA system (so I get
lots of warnings about failed root logins). On systems with a "max
failed attempts" setting, the root account can be locked out this way.
I started looking at the code, and I'm not sure I understand what I see.
In auth-passwd.c,
2000 Mar 27
1
scp: write stdout: Broken pipe error (Tru64 UNIX)
I'm working on adding SIA authentication support to OpenSSH for use on
Tru64 UNIX. The authentication bits are working but there's more work to be
done including checking for locked accounts and setting resource limits.
Anyway, most things seem to be working fine except for scp and I'm looking
for a little help. Here's some output:
% scp -v lopan:sl.tar .
Executing: host lopan,
2000 Jan 18
1
Tru64 UNIX plans?
Is anyone currently working on adding support for Tru64 UNIX's enhanced
security to OpenSSH?
2001 Mar 20
1
Tru64 UNIX SIA in 2.5.2p1 is hosed
Something really hosed Digital/Tru64 UNIX SIA support in 2.5.2p1. I
haven't been able to figure out what changed in the code, but the
symptom seems to be that the TTY name being registered with SIA is
truncated to eight characters. This apparently prevents it from
matching with entries in the tty database, and the dreaded "Cannot
obtain database information on this terminal
2003 Sep 16
1
OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)
Well, I had just finally gotten around to downloading a snapshot to test
the latest on Tru64 a couple of days ago but hadn't had a chance to
build it yet, and 3.7p1 has now been released. Sigh.
The problem is that Tru64 setreuid() and setregid() are broken, so
privsep doesn't work.
This could also be a security problem for SIA authentication in general
(any version of OpenSSH on Tru64,
2002 Sep 11
1
tru64 sia: move call of session_setup_sia() to do_setusercontext(), letting grantpty() and friends handle pty perms
Hi-
Under privsep, I experimented with moving the session_setup_sia() out of
do_child() and into do_setusercontext(), which is where the uids/gids are set
to the final execution user. The call is made with a NULL tty, and this
is functional provided that any later pty allocation uses grantpty() to
set the device permissions. Logging in with this method shows that a utmp
entry does get made for
2003 Sep 24
1
Patches for compatibility with Heimdal's libsia_krb5 SIA module
I have found the following patches to be desirable for using sshd on a
Tru64 UNIX system with the Kerberos 5 SIA module (libsia_krb5.so) from
Heimdal.
These patches do the following:
1) preserve context between the password authentication and the session
setup phases. This is necessary because the Heimdal SIA module stores
Kerberos context information as mechanism-specific data in
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
What do we loose by not having post-auth privsep?
What code is executed between authorization and actual setting of the
effective uid?
On Tue, 3 Sep 2002, Chris Adams wrote:
> Once upon a time, Toni L. Harbaugh-Blackford <harbaugh at nciaxp.ncifcrf.gov> said:
> > It appears that the integration of the sia session setup will either
> > have to be rethought or abandoned
2004 Feb 06
1
Tru64 SIA authentication: can it be called after kerberos?
Hi All.
There have recently (well, today :-) been changes to OpenSSH Portable's
auth-passwd.c from OpenBSD to accomodate forced changes of expired
passwords. (Rabid password expirers shoulon't get excited yet, it's
currently bsdauth only, but support for other platforms should start
trickling in shortly).
As part of that, some individual platforms have gained their own
2001 Mar 21
1
Tru64 UNIX SIA in 2.5.2p1 is hosed (still)
The recent patch posted by Steve VanDevender <stevev at darkwing.uoregon.edu>
for fixing the session code on Tru64 isn't quite right -- it still fails
in the case of NO tty being allocated.
The problem is that s->tty is a char[TTYSZ] rather than a char *, and
hence can't hold a NULL. Calling sia_ses_init() with the tty being an
empty string doesn't signify no tty, and
2007 Dec 01
2
Tru64 v5.1 with Sia
./configure --with-sia
# ./dovecot --build-options
Build options: ioloop=poll ipv6 openssl
SQL drivers:
Passdb: checkpassword passwd passwd-file
Userdb: checkpassword passwd prefetch passwd-file static
# ./dovecot --version
1.0.8
# ./dovecot -n
# 1.0.8: /usr/local/etc/dovecot.conf
protocols: pop3
listen: *:10100
ssl_disable: yes
disable_plaintext_auth: no
login_dir:
2004 Apr 14
1
[Bug 802] sshd configured with SIA doesn't link on Tru64.
http://bugzilla.mindrot.org/show_bug.cgi?id=802
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |821
nThis| |
Summary|sshd of openssh-3.8p1 |sshd configured with SIA
2004 Feb 26
14
[Bug 802] sshd of openssh-3.8p1 doesn't link on Tru64.
http://bugzilla.mindrot.org/show_bug.cgi?id=802
Summary: sshd of openssh-3.8p1 doesn't link on Tru64.
Product: Portable OpenSSH
Version: 3.8p1
Platform: Alpha
OS/Version: OSF/1
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: openssh-bugs at mindrot.org
2004 Sep 20
3
[Bug 933] compile problem on tru64 5.1A code outside of a #ifdef that should not be included on tru64
http://bugzilla.mindrot.org/show_bug.cgi?id=933
Summary: compile problem on tru64 5.1A code outside of a #ifdef
that should not be included on tru64
Product: Portable OpenSSH
Version: 3.8p1
Platform: Alpha
OS/Version: OSF/1
Status: NEW
Severity: normal
Priority: P2
Component: Build
2001 May 07
1
OSF1 and USE_SIA
Is the following (from configure.in) intended:
*-dec-osf*)
if test ! -z "USE_SIA" ; then
AC_MSG_CHECKING(for Digital Unix Security Integration Architecture)
should that be "$USE_SIA" or similar or what is the point of testing a constant
string for being zero length...
The reason I ask is the for complex reasons we don't want SIA enabled on Tru64
since it breaks some
2002 Aug 11
4
OSF/1 or Tru64 patch for Privsep
Either this never made it to the list or no one cares about Tru64. This
is the last time I'll send this patch to the list. If no one steps up and
finishes it or provides me with enough information to fix any remaining
bugs (one being complaint that 'ssh site cmd' does not work right).
If there is no activity on this for a week. I'll post it to bugzilla and
will ignore any
2002 Aug 28
5
Tru64 privsep patch testing
OK, I got a chance to try out the Tru64 patch for privsep. I applied the patch
to 3.4p1. Partial success, in that it now works for me for logins to "root".
Logins to ordinary accounts fail after authentication, when trying to set tty
characteristics. See the excerpt from the debug messages below. This is for
Tru64 V4.0F (with enhanced_security turned on, obviously.) I guess it's time
2002 Aug 28
2
Tru64 patch won't make it into 3.5 due to lack of interest.
Tru64 patch will not make it into 3.5 (this is final) due to lack of
willing people to test. I have given the Tru64/osf1 community almost a
month to test it. And *ONE* person came forward to give me verification.
And don't give me shit about "I don't have time." The person who tested
it was LEAVING his employer with Tru64. He found time.
IT IS YOUR GAWD DAMN PLATFORM. IF
2000 Oct 15
1
Patch for Digital Unix SIA authentication
A while back, I sent in a patch that added Digital Unix SIA
authentication to OpenSSH. Well, I just figured out that it didn't
handle everything correctly (locked accounts could still log in). I
thought I had checked that, but I guess I missed it.
Anyway, here is a patch against OpenSSH 2.2.0p1 that fixes this.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator