similar to: change in rhosts-rsa behavior

Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the

Hello all, I'm not quite sure what has changed in the recent rsh commands, but I can't seem to get around the password promting. I need a clnk rsh between two machines in order to run my backup script. I added all the usual .rhosts with the proper permissions et al added the xinetd.d confilg files, opened ports 543 and 544 in my firewall, yet when I use the rsh commands, I get either a

IF ssh is a replacement for rlogin,rsh etc I can accept it respecting rlogin=false as rlogin does and rsh does not, however scp is a replacement for rcp, and rcp does NOT use rlogin attribute, so the implementation is NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented. thanks mark

Has ANYONE been able to verify that Rhosts authentication works with 3.4.p1? Does it work with other SSHv2 implementations? Anybody tried it on a RedHat 7.3 system? Also, I'm curious about this code I found in sshd.c: /* * Check that the connection comes from a privileged port. * Rhosts-Authentication only makes sense from priviledged * programs. Of course, if

Hi, How to use hosts.equiv and .rhosts in samba and can you please send me an example of them ____________________________________________ Mohammed Al-Shabib Baker <http://www.bakerhughes.com/> Hughes.com Tel. (+973) 586000 Fax (+973) 580626 P.O. box 18199, Manama, Bahrain My <mailto:Mohammed.Al-Shabib@bakerhughes.com> E-Mail Baker Hughes Geoscience

I've installed OpenSSH 2.9p1 on Solaris 2.7 and I am trying to get rhost authentication working. Something appears to be wrong with the client side as I can do rhost auth with a ssh1.2.27 client. Any help would be appreciated. /opt/openssh-2.9p1/etc/ssh_config is: ForwardX11 yes RhostsAuthentication yes /opt/openssh-2.9p1/etc/sshd_config is: Port 22 IgnoreRhosts no StrictModes yes

I simply cannot get use rhosts = yes to work; whether I have security set to user or share it will only work if I have the share set to public (and then it maps to the guest user). I do have .rhosts files set up with proper permissions and ownership; I can post details but if this isn't supposed to work anymore there's no point.

hi... i've got an "access denied" issue with rsh on one of my boxes (and before we start, no "use ssh" comments.. rsh is what i'm dealing with for now!!) i've got a few boxes in my network, and i can successfully rsh into them with no issue. however, on one box, i can't access it using rsh, and i'm running out of things to try... kind of curious. i can

Hi, According to ChangeLog someone "(bal)" removed -{enable/disable}-suid-ssh from configure (dating from 2002/06/07). Don't know the reason, probably this has something to do with PrivilegeSeparation. Consequence is: Users with UID != 0 are no longer able to allocate privileged ports, sshd answers "Rhosts Authentication disabled, originating port will not be

I have done some experimenting but if am incorrect I would like someone to correct me. I am trying to run multiple streams so what I have created additional directories such as mrock24, mRock64, and mRock128 in the '/etc/ices' directory . In these directories I have placed new conf files and playlist files respectively streaming 24, 64, and 128. These directories are also the name of the

Anyone, HELP!!!!!!!!!!!!!! I currently installed openssh-2.9p2 on SunOS 5.7 and 5.8. From the very moment that start to ssh out I get "Rhosts Authentication disabled ;the originating ip will not be trusted". I 've put "Useprivileged yes " in the ssh_config file, but then the ssh complains that there is a bad config line. Can some one tell me what is going on and how can I

Hi, I have discovered a bug in the rhost module of Linux-PAM-0.57. This bug leads to a vulnerability in the remote login authentication, with the effect that ordinary user accounts may not be password protected. There is only one case when the bug causes a vulnerability: The problem case is when the user''s .rhost file has the name of a machine with *more than one IP address* as the

I found this problem when working with the Suse9.1 distribution, but have since reproduced it with a vanilla build of Openssh (openssh-3.9p1.tar.gz). Basically I cannot get a command like this: XXXX>ssh -vvv -1 -o "RhostsAuthentication yes" AAAA to work. Yes the appropriate settings are in the servers sshd_config file. Hostbased protocol 1 ssh using rhosts between computers is

I have a ssh enabled server and client machine (we'll call them "server" and "client" respectively...) They both have proper RSA and DSA keys,using protocol version 2 works fine between them. (so ssh itself and the network is working fine) However, I want to get something that will work with rsync without having to manually enter passwords, passphrases, or enter such

hello, I'm also developing a ssh application in java and I also got stuck with DH-Key Exchange. I just get to the SSH_MSG_KEXDH_REPLY from the server. But what is he expecting me to send then, as far as I understand the Transport Layer Protcol I should send the SSH_MSG_NEWKEYS message, but that doesn't work. Does anyone know what to send then? (the hint from Markus Friedl with kexdh.c

Hi, yesterday I upgraded Dovecot from 1.2 to 2.0.11. I'd seen that there was a config file converter to make the upgrade smooth so was expecting it to be pretty quick and easy. In the end I spent a long time trying to get it working as it just wouldn't listen on the ssl ports, imaps and pop3s. I am using per portocol SSL certificates, as I was in version 1.2. The part of my

Hi. To compartmentalize things a bit (e.g., to help limit the damage should one of my machines be hacked and my private RSA keys stolen) I use different RSA key pairs on my different client machines. So it occurs to me that it would be nice if ssh could log which key was used when logging in to a particular account that has more than one entry in .ssh/authorized_keys. Right now it simply says

Following Situation: Having an intranet-application that needs to know the ip-Address of the clients before running. Clients anywere in the Internet with any ip-address. So I thought about using masquerading the opposite way than normal. But then anybody could use this application. Dos anybody know how to make it a little bit more secure, like proofing the mac-address of the client, or something

On Thu, 3 Nov 2016 08:13:53 +0100, Ralph Böhme via samba <samba at lists.samba.org> wrote: > On Thu, Nov 03, 2016 at 05:34:21PM +1100, Martin Schwenke via samba wrote: > > If you lock the file from a client attached to 1 node and > > "smbstatus -L" shows the lock from all the nodes then CTDB is doing > > what it is meant to. That is, it makes sure that Samba

OpenSSH still has this feature, SSH-1.2.27 no longer has it. Admittedly it can be useful sometimes, even though I'd prefer this to be done using a trivial shell wrapper, which would be the UNIX way of doing things. Not being able to call OpenSSH's ssh by another name (say ``ssh1'') can get in the way when having to maintain two versions of ssh in parallel because the ``ssh ->