similar to: Local Management via su or ssh ?

Displaying 20 results from an estimated 5000 matches similar to: "Local Management via su or ssh ?"

2001 May 20
4
ssh - NO SALE or NO GIVE ?
Thanks to everyone who has replied to my emails so far - to summarise: AIX allows setting of rlogin=false and and a su group, or a list of users that are permitted to "su" to root. ( or other functional ids ) This means with entries in /etc/ftpusers, it is possible to : 1/ Track who used root via sulog and or external logging 2/ Protect root even if the root password is compromised 3/
2001 Apr 26
2
Functionality bug (possibly) in openssh on AIX 4.3 (fwd)
Has anyone else running AIX tried this patch? I'm looking for feedback if it should be applied before we release 2.9p1. - Ben ---------- Forwarded message ---------- Date: Tue, 24 Apr 2001 17:22:02 -0800 (AKDT) From: mikem at alaska.net To: openssh-unix-dev at mindrot.org Subject: Functionality bug (possibly) in openssh on AIX 4.3 Hi Folks, While compiling and testing openssh-2.5.2p2 on
2001 May 22
1
ssh looks at rlogin=false only at startup
Very early on in what seems to be quite a hot debate sometimes, I pointed out that sshd only controls rlogin=false at its startup, and if it is changed, sshd simply ignores it ie: chuser rlogin=true root sshd chuser rlogin=false root Will result in sshd ACCEPTING login from root, ie it seems to only check at its startup - is this a bit like ulimit behavior where you need need to log out and in
2002 Jan 22
7
AIX reading /etc/environment out of step.
I was discussing with Don about a private topic..and while skimming the code I noticed that during a 'ssh mouring at site ls' the /etc/environment is *ONLY* read if the remote machine is an AIX box. This is undocumented and I'm wondering if someone using AIX could explain WHY it exists in the session.c:do_child()? No other OS has this. I don't see why AIX should require it.
2001 May 21
0
permitrootlogin=no does NOT help
Thanks for replying guys but: The problem I have is this: I cannot turn off telnetd and rlogind for all users in one day - they use rlogin=false for each user ie: chuser rlogin=false root Unfortunetely ssh does not allow access when this is set. I would like to use ssh at first just for root, and then for other users after testing etc. permitrootlogin is a ssh concept, not applicable to
2015 Feb 06
4
Creating users "on - the - fly"
I guess I didn't want to litter the users table either - it just seems "wrong" to be actually adding things to the host when it is really so transient. It feels like it should be LDAP-ish. Just ask the server for the keys and do a one-off authentication. But I've seen even LDAP creates the user directories. I see that 2.6 kernels can have some 4B users, which should last me a
2001 Dec 26
3
auth*.c
Folks, During testing, we found a couple of issues with openssh3.0.2p1: 1. In userauth_finish() in auth2.c (as well as in do_authloop in auth1.c), the foll. check: if (authctxt->failures++ > AUTH_FAIL_MAX) is never satisfied and thus packet_disconnect() never gets called. I suspect the code just drops out of the dispatch_run function list instead. This should be an == instead of >.
2002 Feb 01
3
3.0.2p1 under IRIX (coredumps)
Hello, I am unable to build a working OpenSSH 3.0.2p1 for IRIX 6.5 using either 1. gcc 2.95.3 + binutils 2.11.2 2. SGI MIPSpro cc, CC=cc, LD=/usr/bin/ld, CFLAGS='-mips3 -n32' Under both setups: - zlib seems to build fine - OpenSSL seems to build fine and tests out okay - OpenSSH builds, and then: openssh-3.0.2p1 % ./ssh -v myhost Trace/BPT/RangeErr/DivZero/Ovflow trap (core
2004 May 18
1
samba3.0.4 with FreeBSD
???????????? samba, I compile kerberos5 root@romanof2 : cd /usr/ports/security/krb5/ root@romanof2 : make && make install && make clean && rehash ------------------------------------------------------ This port of MIT Kerberos 5 includes remote login daemons (telnetd and klogind). These daemons default to using the system login program (/usr/bin/login). Please see the
2014 Nov 25
2
TELNENT TO LOCALHOST IN CENTOS 7
On Nov 24, 2014, at 3:46 PM, Warren Young <wyml at etr-usa.com> wrote: > Now compare telnet: always vulnerable, all the time, since the day it was created, before most of the people on this list were born: Technically, you can run kerberized (krb5) telnet/telnetd, and it's not quite as insecure as unkerberized telnet. The telnet protocol supports security measures, but most people
2006 Jun 30
1
OpenSSH public key problem with Solaris 10
Hi ya'll- I've got this odd openssh problem with Solaris 10 I was hoping someone could shed some light on. Not sure if it is a bug... Basically I'm trying to use pubkeys as an auth method, but am having issues. I can log in using passwords no problem, but as soon as it notices a matching public key it closes the connection. I ran the sshd server (on Solaris 10 box) in debug
2007 Apr 17
2
Samba sessions
Hi, We have implemented a new AIX 5.3, P55A using Samba...we have about 70 users online most of the day. We assign a particular Samba share to everyone when they login so it shows up in their Windows Explorer. Is it standard that we see so many "smbd" processes running when I do a "ps -ef"? Here is a portion of the output below. We have been experiencing lag at times
2001 Sep 27
1
AIX lastlog change?
Somewhere between 2.9p1 and 2.9.9p2 there was a change to auth2.c that removed the userauth_reply() function. There were a few lines of code in that function, #ifdef'd with WITH_AIXAUTHENTICATE, that handled the AIX method of lastlog type stuff (specifically, a loginsuccess() call). There is a similar call in auth1.c, down in do_authentication(), which is still there in 2.9.9p2. So with
2008 Oct 29
1
how to get rid of "kerberos"
Hi How to get rid of kerberos, or at least to prevent to go into path? Where is defined the path for users? I need to configure and use rtools (I know that I should use ssh, but I need rtools) and I think very annoying the messages from Kerberized rsh or rlogin, like this: -sh-3.2$ rsh kitten02 connect to address 192.168.89.2 port 543: Connection refused Trying krb4 rlogin... connect to
2003 Sep 16
1
3.6.1p1/SNAP-20030910, AIX & /etc/nologin (similar to bug #178)
I'm seeing a problem under AIX (4.3.3, 5.1, 5.2) very similar to bug #178. It occurs with both 3.6.1p1 and openssh-SNAP-20030910. If /etc/nologin is present, a session requesting a pty will hang, apparently when the sshd parent tries to close the pty slave. As in bug #178, adding a brief sleep to the child sshd anytime after the fork seems to clear up the problem (though I agree that this
2001 May 17
5
AIX SSH 2.x ssh and /etc/ftpusers rcp rlogin WRONG !
IF ssh is a replacement for rlogin,rsh etc I can accept it respecting rlogin=false as rlogin does and rsh does not, however scp is a replacement for rcp, and rcp does NOT use rlogin attribute, so the implementation is NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented. thanks mark
2003 Apr 23
2
Kerberized Telnet Badly Broken (Patch enclosed)
Ugh. With MAKE_KERBEROS5=yes, on a recent STABLE, I get the following trying to use Kerberized telnet: # telnet -l test big.x.kientzle.com Trying 66.166.149.54... Connected to big.x.kientzle.com. Escape character is '^]'. [ Trying mutual KERBEROS5 (host/big.x.kientzle.com@X.KIENTZLE.COM)... ] Bus error (core dumped) Fortunately, it's pretty easy to track down: (gdb) up #2
2007 Aug 15
9
OpenSSH 4.7: call for testing.
Hi All. OpenSSH 4.7 is preparing for release so we are asking for any interested folks to please test a snapshot. The main changes are: * sshd(8) in new installations defaults to SSH Protocol 2 only. Existing installations are unchanged. * The SSH channel window size has been increased, which improves performance on high-BDP networks. * ssh(1) and sshd(8) now preserve MAC
2007 Jan 14
2
merging two lists but get indexes
Suppose I have two columns of entries, how can I get the union of the two columns? Please note: I input my columns through excel. These entries have text format in excel. Also, out of curiosity, how can I find out the data type of a data frame ? > a <- read.csv("book1.csv") > a n1 n2 1 apple soda 2 orange apple 3 soda green 4 red yellow 5 white blue 6
2016 Dec 20
2
Request: Increasing MAX_NUM_DLLS in Rdynload.c
Thanks Henrik this is very helpful! I will try this out on our tests and see if gcDLLs() has a positive effect. mlr currently has tests broken down by learner type such as classification, regression, forecasting, clustering, etc.. There are 83 classifiers alone so even when loading and unloading across learner types we can still hit the MAX_NUM_DLLS error, meaning we'll have to break them