similar to: pam_ssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:09.pam_ssh Security Advisory The FreeBSD Project Topic: pam_ssh improperly grants access when user account has unencrypted SSH private keys

I have a shell user who is able to login to his accounts via sshd on FreeBSD 8.2 using any password. The user had a .ssh/id_rsa and .ssh/id_rsa.pub key pair without a password but nullok was not specified, so I think this should be considered a bug. During diagnosis, /etc/pam.d/sshd was configured for authentication using: ------------- auth required pam_ssh.so

Hello! We experienced crashes of the dovecot-auth process during user verification with pam_ssh. After a little debugging I saw that pam_ssh and dovecot both provide a buffer_free() function. During cleanup of pam_ssh the buffer_free() from dovecot was called. The members of the buffer had all "out of bound" addresses. After rename the buffer_free() in dovecot the pam login works

OpenSSH 7.3 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that

On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that

Hi, This mail is a request for vendors who have integrated OpenSSH into their products or devices to step up and provide some financial assistance back to the project. Please note that this request is intended for *vendors* - our individual userbase already helps us in every appropriate way. You may have noticed a similar request for OpenSSH/OpenBSD funding made by Marco Peereboom in this last

Hi, This mail is a request for vendors who have integrated OpenSSH into their products or devices to step up and provide some financial assistance back to the project. Please note that this request is intended for *vendors* - our individual userbase already helps us in every appropriate way. You may have noticed a similar request for OpenSSH/OpenBSD funding made by Marco Peereboom in this last

I am having problems upgrading samba 3.0.36 to 3.3.7. I have a working installation of Samba 3.0.36 on FreeBSD 7.2 amd64, configured as a domain member in a 2003 AD, running in native mode. Domain controllers have Services for Unix 3.5 installed and I am using idmap backend with SFU schema mode. I have enclosed my configuration files and compile options further down. When I upgrade to version

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A couple of silly errors, and one dangerous bug were in the pre26 release. This release corrects them. http://violet.ibs.com.au/openssh/files/openssh-1.2.1pre27.tar.gz If you want RPMs or any of the other files, please use a mirror: http://violet.ibs.com.au/openssh/files/MIRRORS.html Changes: - Using __snprintf is *NOT SAFE* on old Solaris.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A couple of silly errors, and one dangerous bug were in the pre26 release. This release corrects them. http://violet.ibs.com.au/openssh/files/openssh-1.2.1pre27.tar.gz If you want RPMs or any of the other files, please use a mirror: http://violet.ibs.com.au/openssh/files/MIRRORS.html Changes: - Using __snprintf is *NOT SAFE* on old Solaris.

I'm setting up a freebsd server which will authenticate against an Active Directory I mean: the server will NOT have any local users (except mandatory and minimum required for management and configuration) and will authenticate requests for login and access FOR EVERY SERVICE against an Active Directory Server I have configured the samba service and currently I can login to local terminal,

A colleague was having trouble running OpenSSH 3.3p on his server. He, like many of us, has been clobbered by the mighty security penis of Theo De Raadt into enabling "privsep". But on some Linux 2.2 kernels, this is broken. Apparantly, OpenSSH "portable" relies on non-POSIX compliant mmap() features. Making the mmap() call in monitor_mm.c look something like this:

xdm is the classic X11 Display Manager, using the Athena Widgets toolkit. While it lacks in support for accessibility, internationalization, or other modern features, it is still used in some sites for historical reasons. This release collects 7 years worth of bug fixes and code cleanups, including the fix for CVE-2013-2179 that was previously distributed as a patch against the prior release.

Hi list, Sorry for the cros-post, I'm not sure which list is better for me as I got a question related to samba, configuration, FreeBSD. I'm trying to configure NT authentication on FreeBSD 5.4 with Samba 3.0.12 (installed form the ports collection). I've folowed the Samba 3 howto I've managed the following : wbinfo -g returns correctly the domain groups wbinfo -u returns all

Hi list, Sorry for the cros-post, I'm not sure which list is better for me as I got a question related to samba, configuration, FreeBSD. I'm trying to configure NT authentication on FreeBSD 5.4 with Samba 3.0.12 (installed form the ports collection). I've folowed the Samba 3 howto I've managed the following : wbinfo -g returns correctly the domain groups wbinfo -u returns all

I'm running samba 2.5 on a FreeBSD box using winbind to do authentication with my PDC/BDC. I'm able to configure shares that everyone on the NT network can access but when I configure private shares (only 1 or 2 users have access to) the users get prompted for a username and password and are not allowed access. What am I doing wrong? Below I have included a copy of my smb.conf and pam.conf

I've built a domain member. It works pretty good with the exception that I want on-the-fly home directories being built. I'm not sure this is doable with a domain member as everything I've tried isn't even called - as far as I can tell. Using log level 3. If anyone can shed light on how to dynamically create home directories, that'd be great. anyway, here's my

Just a warning and a call to action: Theo de Raadt has convinced me to remove SOCKS support from our port of OpenSSH. His argument is that it can be easily and generically implemented as a ProxyCommand. This fits with my desire to keep our divergences from the OpenBSD codebase to a minimum. This looks like a few hours work (for someone more familiar the SOCKS API that I). It is basically a

OpenSSH 3.6.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. This is a release of the Portable version only. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes