similar to: A bug in openssh-2.2.0-p1

i'm working on this. this is what i have now. sp_inact is not handled consistently across shadow platforms, so i'm going to not address that right now. the following is the predecessor to bug14. what is the timeframe for 3.2.1p1? markus suggested a few more weeks. Index: auth.c =================================================================== RCS file: /var/cvs/openssh/auth.c,v

I'm looking at the password aging and account lock checks in auth.c:allowed_user(), and specifically their behaviour on HP-UX. First, should this code be ifdef'd away if we're using PAM? Next: /* Check account expiry */ if ((spw->sp_expire > 0) && (days > spw->sp_expire)) return 0; If I lock an account by entering too many incorrect passwords, sp_expire

The primary purpose of the attached patches is for portable OpenSSH to support changing expired passwords as specified in shadow password files. To support that, I did a couple enhancements to the base OpenBSD OpenSSH code. They are: 1. Consolidated the handling of "forced_command" into a do_exec() function in session.c. These were being handled inconsistently and allocated

Hi Damien, I noticed you merged a couple of ifdefs in the fix for bug #442. The cvs comment says "Fix Bug #442 for PAM case". The code is now roughly: #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) spw = getspnam(pw->pw_name); passwd = spw->sp_pwdp; #else passwd =

This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required

Hello, I have recently downloaded and compiled openssh-3.7.1p2 on both HP-UX 10.20 and HP-UX 11.00. The compile went fine. Logging in on the system used for the build works fine. However, logging in on a different system (where the newly compiled openssh is installed) results in the following error: Permission denied (publickey,password,keyboard-interactive). I have tried several things I

Dear All, I can install OpenSSH 3.7.1p2 with OpenSSL 0.9.7c on HP-UX 11.0 without problem. However, I find that all valid accounts are treated as "locked" (even specify "AllowUsers USER1" in sshd_config) and can't make SSH connection to the server. Here is the message shown in syslog.log. Oct 3 16:49:17 SERVER_NAME sshd[12994]: User USER1 not allowed because account is

Hi. I have found a error of openssh-2.1.1p2 port on systems with a mixture of shadowed and non-shadowed passwords. I reported a same type of error to Mr. Miller when openssh-1.2.1pre23 was released. On our systems, our local machines have shadowed /etc/passwd (and /etc/shadow) and our NIS server distributes non-shadowed password of general users. We have to use

I have used SSHD from openssh-3.7.1p1 on HP-UX 11:11. It works correctly and the entry in the logfile is: Sep 24 07:01:20 garm sshd[6625]: Accepted password for japs from 192.38.97.131 port 2463 Next I have upgraded to openssh-3.7.1p2 and restarted SSHD. It does not accept the password any more and the entries in the logfile are: Sep 24 12:21:38 garm sshd[19542]: User japs not allowed because

After upgrading to openssh-3.4p1, password authentication is no longer working on my system. I'm running Linux RedHat 6.2 with: kernel 2.2.20 openssh-3.4p1 openssl-0.9.6 pam-0.72-6 pwdb-0.61-0 I've tried it with and without compression, with and without priv sep, and I always get errors like this: Jun 30 19:07:48 sugarfreejazz sshd[1344]: Failed password for randy from 10.10.10.2 port

OpenSSH 3.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer

How are people handling password expirations in (non-pam) openssh? I'm currently running a program in the various startup scripts that reports to the user when their password will expire and runs passwd if that date is getting close. How are other people dealing with this? Is anyone working on integrating password changing into openssh? Is doing so even desired, since it's fairly trivial

http://bugzilla.mindrot.org/show_bug.cgi?id=281 Summary: unable to authorize with local shadow password Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

I have installed OpenSSH on a RedHat 7.1. When I try to log on I get a 'connection closed' after I enter my password. What is wrong??? Here is the debug info: # /usr/sbin/sshd -ddd debug1: sshd version OpenSSH_3.5p1 debug1: private host key: #0 type 0 RSA1 debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #1 type

Greetings, complete debug below > -----Original Message----- > From: Ben Lindstrom [mailto:mouring at etoh.eviladmin.org] > Sent: 10 July 2003 03:32 > To: Vikash Badal - PCS > Cc: 'openssh-unix-dev at mindrot.org' > Subject: Re: OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + > PasswordAuthentication no + PermitEmptyPasswords yes (followup) > > > > Would be

Greetings, When PasswordAuthentication no + PermitEmptyPasswords yes SSH2 allows access to a passwordless account without a valid key. This is my patch: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ wormhole# diff -u auth2-none.c.old auth2-none.c --- auth2-none.c.old Thu Jul 17 06:23:24 2003 +++ auth2-none.c Thu Jul 17 06:44:42 2003 @@ -100,7 +100,9 @@ if (check_nt_auth(1,

Hi All. I (actually the tinderbox[1]) found a problem with the fix for bug #422: when PAM is enabled on a platform that uses /etc/shadow, the variable "passwd" in auth.c is used uninitialized. There's a simple patch attached to fix this. The question is: should the locked account test be done when PAM is enabled or should we rely on PAM to do the right thing? In theory they

Hi All. Attached is a patch which adds AIX native password expiry support to sshd. It will only apply to -current and is a subset of the patch I have been working on in the last few months (see bug #14 [1]). It contains code by Pablo Sor, Mark Pitt and Zdenek Tlusty and fixes for bugs reported by many others (see [2] for a full list). It adds a do_tty_change_password function that execs

http://bugzilla.mindrot.org/show_bug.cgi?id=731 Summary: sshd terminates a session after a successful login Product: Portable OpenSSH Version: -current Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org