Displaying 20 results from an estimated 2000 matches similar to: "permitrootlogin=no does NOT help"
2001 May 22
1
ssh looks at rlogin=false only at startup
Very early on in what seems to be quite a hot debate sometimes, I pointed
out that sshd only controls rlogin=false at its startup, and if it is
changed, sshd simply ignores it ie:
chuser rlogin=true root
sshd
chuser rlogin=false root
Will result in sshd ACCEPTING login from root, ie it seems to only check at
its startup - is this a bit like ulimit behavior where you need need to log
out and in
2001 May 20
4
ssh - NO SALE or NO GIVE ?
Thanks to everyone who has replied to my emails so far - to summarise:
AIX allows setting of rlogin=false and and a su group, or a list of users
that are permitted to "su" to root. ( or other functional ids )
This means with entries in /etc/ftpusers, it is possible to :
1/ Track who used root via sulog and or external logging
2/ Protect root even if the root password is compromised
3/
2001 Jun 02
4
authorized_keys2 directory idea
Hi,
In a mail about two weeks ago, I brought up an idea:
---
How SSH makes this easier is that you only have to sync the
authorized_keys2 database to root account's .ssh/ every time new admin
comes in/leaves the house. This can even be automatized rather easily. A
more modular hack would be using authorized_keys2 _directory_, and the
keys in there would all be counted as authorized. Thus
2008 Jun 24
1
rsh issue/update (access denied)...
hi...
i've got an "access denied" issue with rsh on one of my boxes (and before we
start, no "use ssh" comments.. rsh is what i'm dealing with for now!!)
i've got a few boxes in my network, and i can successfully rsh into them
with no issue. however, on one box, i can't access it using rsh, and i'm
running out of things to try... kind of curious.
i can
2002 Mar 09
1
smbd and login scripts
Hello
I've two strange problems:
- smbd
I've attached you my smb.conf, inetd.conf and my log file. Sometimes smbd and
nmbd run and somtimes only nmbd run (I check it with ps -ax). But I have
access over my shares (I test it with my Win95 machine). Also in my log
file there're some error messages (I don't now from where the came).
- login scripts
My scripts won't run but if
2001 May 21
1
Local Management via su or ssh ?
ssh could give us:
1/ Centrally managed keys and access
2/ No more user accounts in wheel groups lying around various systems
3/ Standard tracking with logging to a server via syslogd.
4/ Passwords managed centrally via pass phrases instead of passwords on
every machine.
As far as not using root is concerned, all for it, but I am just trying to
get some sort of control over root now. sudo etc
2006 Jun 30
1
OpenSSH public key problem with Solaris 10
Hi ya'll-
I've got this odd openssh problem with Solaris 10 I was hoping someone
could shed some light on. Not sure if it is a bug... Basically I'm
trying to use pubkeys as an auth method, but am having issues. I can
log in using passwords no problem, but as soon as it notices a matching
public key it closes the connection. I ran the sshd server (on Solaris
10 box) in debug
2000 Oct 06
0
FreeBSD Security Advisory: FreeBSD-SA-00:52.tcp-iss
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SA-00:52 Security Advisory
FreeBSD, Inc.
Topic: TCP uses weak initial sequence numbers
Category: core
Module: kernel
Announced: 2000-10-06
2001 May 17
5
AIX SSH 2.x ssh and /etc/ftpusers rcp rlogin WRONG !
IF ssh is a replacement for rlogin,rsh etc I can accept it respecting
rlogin=false as rlogin does and rsh does not, however scp is a replacement
for rcp, and rcp does NOT use rlogin attribute, so the implementation is
NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented.
thanks
mark
2002 Aug 22
7
[Bug 383] PublicKeyAuthentication failure when rlogin set to false
http://bugzilla.mindrot.org/show_bug.cgi?id=383
------- Additional Comments From markus at openbsd.org 2002-08-23 07:46 -------
what does "rlogin set to false" mean?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2007 Jan 02
1
Getting host keys with samba
I have samba working find against our windows 2000/3 network under
solaris 9/10. Users can attach to samba using the Kerberos credentials
on their windows XP PCs.
I would now like to kerberise the unix applications. Statring with the
supplied Sun rlogind, telnetd, etc.
As I understand things I now need to have a host key on the end systems.
Will samba's net ads keytab create do
2004 May 18
1
samba3.0.4 with FreeBSD
???????????? samba,
I compile kerberos5
root@romanof2 : cd /usr/ports/security/krb5/
root@romanof2 : make && make install && make clean && rehash
------------------------------------------------------
This port of MIT Kerberos 5 includes remote login
daemons (telnetd and klogind). These daemons default
to using the system login program (/usr/bin/login).
Please see the
2015 Mar 01
0
[Bug 1284] allow sftp when rlogin=false
https://bugzilla.mindrot.org/show_bug.cgi?id=1284
Michael Felt <aixtools at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |aixtools at gmail.com
--- Comment #1 from Michael Felt <aixtools at gmail.com> ---
Just thought it could be
2007 Mar 24
0
openpty() and AIX
I'm not on this mailing list so please make sure that I'm listed in
any replies.
There seems to be a basic flaw in either AIX pty's or many Linux
applications and sshd falls into this category.
sshd has a routine called openpty and it looks like ssh's version
mimics the version in Linux. (I'm not sure where openpty comes from
-- I'm assuming Linux.) The key to
2013 Mar 25
1
Bug#703936: logcheck-database: SSH Bad Protocol Version Idenitifcation Rule is incomplete
Package: logcheck-database
Version: 1.3.13
Severity: normal
The rule for SSH ignoring "Bad protocol version identification" assumes there are no single quotes
inside the version string ('[^']'). I am however getting mails including those lines:
Mar 25 22:57:04 Debian-60-squeeze-64-minimal sshd[12144]: Bad protocol version identification
2010 May 25
1
Bug#583155: logcheck-database: Please create rules for amavis(d-new)
Package: logcheck-database
Version: 1.3.8
Severity: wishlist
HI,
can you please create a rule/some rules for amavis(d-new).
I get for every mail this mesage:
May 25 19:55:40 data amavis[9603]: (09603-15) Passed CLEAN, [::1] [213.165.64.22] <xxx at yyy.zz> -> \
<aaa at localhost>, Message-ID: <20100525175015.29677page1 at mx002.bbb.ccc>, mail_id: MM7upJv6se1Z, \
Hits:
2011 Jul 02
1
Bug#632471: logcheck-database: spamd child cleanup message broken after upgrade to squeeze
Package: logcheck-database
Version: 1.3.13
Severity: normal
Tags: patch
After upgrading to debian squeeze I get several messages a day in the form of:
Jul 2 15:05:15 hostname spamd[21286]: spamd: handled cleanup of child pid [28609] due to SIGCHLD: exit 0
This is due to an update in spamd, that makes the message more detailed (includes exit code)[1]. Therefore messages including exit code 0
2005 Mar 09
0
Samba 3.0.11 on AIX 4.3
Hi All,
Pls has anyone successfully installed Samba 3 on an AIX 4.3 (RS6000)
system? The only precompiled binary I was able to find - v 3.0.4 from
bullfreeware.com did not work after installation. I haven't been
successful
trying to install it from source. I have downloaded various requisite
programs such as kerberos (which won't compile either) and openldap.
I am particularly
2014 Feb 27
0
AIX WINBIND ISSUES
All,
I am having a winbind module load error on aix 7.1 trying to load winbind
module for 3.6.0.
methods.cfg
WINBIND:
program_64 = /usr/lib/security/WINBIND_64
(have tried authonly here)
NIS:
program = /usr/lib/security/NIS
program_64 = /usr/lib/security/NIS_64
DCE:
program = /usr/lib/security/DCE
[root] on [barrow] on [/rehash/samba-3.6.0] {932}
2014 Feb 27
0
AIX 7.1 Winbind Module Load Issues
All,
I am having a winbind module load error on aix 7.1 trying to load
winbind module for 3.6.0.
methods.cfg
WINBIND:
program_64 = /usr/lib/security/WINBIND_64
(have tried authonly here)
NIS:
program = /usr/lib/security/NIS
program_64 = /usr/lib/security/NIS_64
DCE:
program = /usr/lib/security/DCE
[root] on [barrow] on [/rehash/samba-3.6.0] {932}