similar to: Securid revisited

When comparing SSH 1.2.27 with OpenSSH 2.5.1 I see that the SecurID code/patch is not in OpenSSH 2.5.1. I'm not sure how or why that happened. Upon looking through the OpenSSH 2.5.1 source, I think I could fairly easily provide a 'SecurID Authentication Method' patch (which would rely on -DHAVE_SECURID, -I/blah/securid/include, and -L/blah/securid/lib... /blah/securid being a

Hello all, I looked long and hard for SecurID support for OpenSSH and I have not found it. So, I spent a few hours today and added SecurID authentication support into OpenSSH. Specifically the 2.2.0p1 portability release. I have beat on it for several hours and it seems to work just fine. I don't know if anyone would find these patches useful or not... I also don't know if the

Hello all, new version of SecurID patch is available on http://sweb.cz/v_t_m/ The new version of the patch is extended with "shared logins" possibility. It means that SecurID token can be used to login to an account shared by several persons. This cannot be solved using ACE server standard means. This patch depends on the AuthSelection patch (http://sweb.cz/v_t_m). After applying

I've been through the archive, and not found anything conclusive, except for a problem report of sorts from Theo E. Schlossnag (who has a set of patches for SecurID integration). I'm about to replace some ssh 1.2.26 (I know!) installations with OpenSSH 2.5.1p2, on Solaris 2.6 sparc boxes, and we use SecurID tokens for these boxes. I've compiled up OpenSSH 2.5.1p2 with --with-pam,

> Hello > I complied openssh like this "./configure --with-pam" and I did configure > /etc/pam.conf as follows > # PAM configuration > # > # Authentication management > # > sshd auth required /lib/security/pam_securid.so reserve > sftp auth required /lib/security/pam_securid.so reserve > # > login auth required

What are the chances of getting the SecurID patch integrated into OpenSSH? I think I asked before and was told that it could be done with PAM, but I (and others) are not satisfied with the PAM support. This "tight" integration seems to work much better. If not, I'll just sit on my rogue patches :-( -- Theo Schlossnagle 1024D/A8EBCF8F/13BD 8C08 6BE2 629A 527E 2DC2 72C2 AD05 A8EB

http://bugzilla.mindrot.org/show_bug.cgi?id=966 Summary: Will OpenSSH integrates SecurId ? Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Hello Theo, > > > Could you let me know where this test patch would be available. > > > > Try: > > http://www.omniti.com/~jesus/SecurID/ > > > > -- Regarding your patch, did you continue the integration (mainly: Handle PIN creation and changing ...)? Do you foreseen to transport it in new release 2.3.0p1? Kind regards, Joel

currently we don't support secure id. On Mon, Oct 01, 2001 at 03:13:10PM +0000, Quick, Edward T wrote: > Hi, > > I'm not sure if this is just the ftp site I downloaded from or not, but the SecurID.diff file (that goes under the contrib directory) on the new openssh2.9.9p2 distribution seems to be missing. > > Regards, > > Edward.

Hello all, SecurID authentication for OpenSSH 3.6.1p1 is now available at http://sweb.cz/v_t_m/ Vaclav ______________________________________________________________________ Reklama: P?iprav se na nejp???ern?j?? z??itek v ?ivot? na http://ad2.seznam.cz/redir.cgi?instance=46466%26url=http://www.priserky.cz

On Fri, May 11, 2001 at 04:26:57PM -0400, Ault, James R (CRD) wrote: > I was reading the changelog from version 2.9 that was recently released, and I coudln't help noticing > this item: > > from openssh changelog: > > - markus at cvs.openbsd.org 2001/04/17 12:55:04 > [channels.c ssh.c] > undo socks5 and https support since they are not really used and >

Hello all, I have made SecurID authentication for OpenSSH 3.6.1p2. This patch was totaly rewritten, so please test it before use. Kbd-int authentication is now integrated into challenge response auth. Privsep is now fully suported. PS: What do you think of selective access to the individual authentications, similar to AllowGroups/DenyGroups or maybe AllowUsers/DenyUsers ? Vaclav Tomec

I was reading this SecurID patch to openssh-3.1p1, List: openssh-unix-dev Subject: =?iso-8859-2?Q?SecurID=20support=20for=20OpenSSH?= From: =?iso-8859-2?Q?V=E1clav=20Tomec?= <v_t_m at seznam.cz> Date: 2002-03-25 14:53:34 and think I've found a copy bugs, the patch for which is included below. First there's a an #ifdef'd if-statement which applies to

Hi, I would like to do some development on the securid patch to get it to display the passcode prompt when users log in with securid on ssh. Can anyone tell me which scripts currently handle the logon/password prompt in openssh please? Thanks, JS. _________________________________________________________________ Join the world?s largest e-mail service with MSN Hotmail.

I have received many queries as to the status of the SecurID patch for openssh 3.4. I finally found some time in my schedule to port and test. The integrated SecurID patches for OpenSSH version 3.4p1 are now available at the same old place: http://www.omniti.com/~jesus/projects/ The porting effort included moving all auth code to the new privilege separation model. Enjoy. -- Theo

Hello, I've redone Theo Schlossnagle's SecurID patches for openssh to support the ACE 5.0 API. The new API takes advantage of two-step authentication and multithreaded support. If anyone is interested, please let me know. I've tried contacting Theo for him to incorporate it, but haven't received any respose yet. Note that Theo's patch includes a "AllowNonSecurID"

Hi, I have the securID patch applied to openssh3.4p-1 and it's compiled with pam. The problem I'm getting is that SecurID auth works OK, but normal password auth doesn't. I narrowed down the failure to the following section in auth-pam.c : __pampasswd = password; pamstate = INITIAL_LOGIN; pam_retval = do_pam_authenticate( options.permit_empty_passwd ==

Hello all, the new versions of AuthSelection and SecurID patches are available for OpenSSH 3.8p1. securid-1 at ssh.com authentication was removed. I've made the logging patch too, it is based on sftplogging patch with some modifications and mainly !! scp logging !! is added. Look at: http://sweb.cz/v_t_m/ Vaclav ____________________________________________________________ Obchodn? d?m.cz

I am attempting to get our RSA SecurID tokens working in CentOS: http://www.rsa.com/node.aspx?id=1177 Has anyone had any experience with this? I know CentOS is not supported but one would think that it could be easily implemented... Here's the error I'm receiving: May 13 10:26:21 sshd[1662]: @(#)RSA Authentication Agent 5.3 for PAM [263] May 13 10:26:21 sshd[1662]: Entered

If I were going to do this, I would probably try moving to a Windows 200x AD domain controller, and implementing RSA SecurID on that machine. I have not worked with other OTP solutions. As far as I understand, if Samba is configured as a domain controller, it expects to be able to handle the authentication itself. OTP is , in my opinion, most valuable when you are exposing resources to the