similar to: 2.9p1?? core dump in auth_log

Displaying 20 results from an estimated 3000 matches similar to: "2.9p1?? core dump in auth_log"

2001 Nov 08
2
logging of root logins
On Thu, Nov 08, 2001 at 01:59:25PM +0100, Arthur de Jong wrote: > root and warthur both have user id 0. Sorry, I should have made that > clearer. They both have different passwords and rsa keys and I would like > to be able to make the distinction in the logs. Currently ssh only logs > that a ROOT user has logged in, not which one. hm, i don't think uid sharing is a standard unix
2001 Apr 25
2
Makefile.in diff against CVS to prevent man/config rebuild every make
Bug: all .out files get rebuilt every make. This is silly, and breaks make install if root cannot write to your build dir. Fix: add dependancy check sop .out files only get rebuilt if the source file changes FixBug: if any source file gets changed, all .out files get rebuilt. This is because man pages and config files both get .out extensions but get created differently. It's
2001 Apr 25
1
Once more, with diffs... (configure.in aclocal.m4 patch against CVS)
The attached unified diff fixes configure so that all --with-libfoo options are allowed to be --with-libfoo=PATH. If the option is specified with a PATH, only that PATH is searched for the library. If it is specified as =yes or with no argument, it tries without modifying anything, and then tries looking in /usr/local. The SunOS5 targets no longer add /usr/local to include or library paths
2001 Apr 25
6
Updated partial auth patch against CVS
Here is a new version of my partial auth patch against the April 24, 2001 CVS image. It fixes a couple of things (thanks to Karl M <karlm30 at hotmail.com>), and includes support for hostbased auth. It's still not pretty, but it works. 2 things Karl mentioned aren't fixed: - auth methods are still hard-coded into servconf.c. Fixing this would require a lot of work, and all the
2001 Apr 25
0
Corrected Makefile.in diff
I attached a broken diff to my last mail. This one actually works. Sorry for the brain-o's tonight... -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body -------------- next part -------------- A non-text attachment was scrubbed... Name: makediff Type: application/octet-stream Size: 3569 bytes Desc: not available Url :
2002 Jul 30
0
patch: disable credential forwarding after password auth.
Dear list, since the order of authentication and AFS token/KRB TGT forwarding changed (around 3.0), we have had problems with users accidentally overwriting their credentials from a "password" login with forwarded credentials. E.g. user A logs in as user B, but stays with the AFS permissions of user A. A workaround is to use "-k" on these sessions, but "it worked without
2003 Jul 05
0
[PATCH] Replace AIX loginmsg with generic Buffer loginmsg
Hi All. I've decided to try to merge the -Portable parts of the password expiry patch (see bug #14) that do not depend on the OpenBSD change in bug #463. The attached patch is the first step in this process. It removes the AIX-specific "char *aixloginmsg" and replaces it with a platform-neutral "Buffer loginmsg". I think this is worth having in -Portable even if it
2001 Jun 15
1
EOL problem with channels.h in CVS
channels.h from today's CVS has MS-DOS ^M end-of-line chars. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body
2001 Jun 15
1
Patch for stdout/stderr buffer flush write() handling
The attached patch against today's CVS improves write() error handling and logging in clientloop.c when flushing stdout/stderr. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body -------------- next part -------------- A non-text attachment was scrubbed... Name: clientloop.c.diff Type: application/octet-stream Size: 966 bytes Desc: not available Url :
2006 Feb 12
1
sshd double-logging
Hi all. As Corinna pointed out, there are some cases where sshd will log some authentications twice when privsep=yes. This can happen on any platform although it seems most obvious on the ones that don't do post-auth privsep. It also occurs when sshd logs to stderr (eg running under daemontools) or when you have a /dev/log in the privsep chroot. The patch below attempts to solve this for
2001 Dec 18
2
[PATCH]: Fix potential security hole in Cygwin version
Hi, the following patch fixes a potential security hole in the Cygwin version of sshd. If you're logging in to a Cygwin sshd with version 2 protocol using an arbitrary user name which is not in /etc/passwd, the forked sshd which is handling this connection crashes with a segmentation violation. The client side encounters an immediate disconnect ("Connection reset by peer").
2001 Apr 25
0
configure.in aclocal.m4 patch against CVS
The attached unified diff fixes configure so that all --with-libfoo options are allowed to be --with-libfoo=PATH. If the option is specified with a PATH, only that PATH is searched for the library. If it is specified as =yes or with no argument, it tries without modifying anything, and then tries looking in /usr/local. The SunOS5 targets no longer add /usr/local to include or library paths
2001 Apr 25
0
Minor bug in HostbasedAuthentication
When using "HostbasedUsesNameFromPacketOnly yes", the ssh client sends the hostname with a trailing dot, but the server does not strip off the trailing dot when matching against .shosts et. al., or when looking up keys in ssh_known_hosts2. This causes the host to not be found. Adding the hostname with trailing dot to the config files "fixes" this, but I think sshd should
2001 Apr 25
0
Case study of new possibilities with PartialAuth and HostbasedAuth
Finally all the pieces are in place to allow strong user and host authentication with SSH2 and the latest OpenSSH code (plus my partial auth patch). Herein I describe one problem case, and a possible solution thereof. Target: Allow user logins from host charles to host steve using passwords Previously, you would have had to trust the IP headers to authenticate charles. If charles had a
2006 Sep 14
3
[PATCH] PermitRootLogin woes
Hi all, among other things, we provide shell access to various unix based platforms for our students and university staff. Recently, there has been increasing number of root login attacks on one particular Tru64 machine running OpenSSH. The host is configured with "PermitRootLogin no" but every once in a while SIA auth with TCB enhanced security locks the root account. I suppose
2003 Jan 27
1
[PATCH] Creation of record_failed_login() in sshlogin.c
Hi All, I've been poking around various parts of the auth code for a while. Some platforms support failed login counters and it occurs to me that there's as few too many instances of: #ifdef [PLATFORM] if (authenticated == 0 && strcmp(method, "password") == 0) some_login_failure_func(); #endif The attached patch creates a record_failed_login() function in
2002 Nov 20
0
[PATCH #9] Password expiration via /bin/passwd.
This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required
2001 Nov 09
0
AIX lastlog change
Hi David, I'm sure loginfailed(..) should be called immediately after authenticate(..) returned an error. It is directly related to an invalid password try. (Please see my attached mail from May 2001 to the list). I'm not so sure when loginsuccess(..) should be called (setting the loginfailed counter to zero): Either 1) when somebody logs in successfully using all kinds of valid
2002 Mar 14
0
OpenSSH vs AIX 4.3.3 => 5.1 utmp patch
The patch below follows changes in AIX utmp handling made between AIX 4.3.3 and 5.1. With it, utmp entries are properly recorded again. The patch applies to OpenSSH 3.1p1, and seems to work fine. The co-worker who sent me the patch hasn't tested backwards compatibility on AIX 4.3.3 systems. Richard ------- *** openssh-2.9.9p2/auth-passwd.c.org Tue Jul 3 23:21:15 2001 ---
2016 Feb 18
3
Call for testing: OpenSSH 7.2
On 2/17/16 6:02 PM, Darren Tucker wrote: > On Thu, Feb 18, 2016 at 12:43 PM, Carson Gaspar <carson at taltos.org> wrote: > [...] >> Is there a sane way to run just one test script? LTESTS can't be overridden >> AFAIK... > > make t-exec LTESTS=testname > > where testname is the name of the specific test script without the .sh > extension. Nope, that runs