Displaying 20 results from an estimated 300 matches similar to: "Disabling Password-based auth? (was RE: recent breakins)"
2001 Jun 01
0
Disabling Password-based auth? (was RE: recent breakins)
Crap. I hit send too fast. Last sentence in
first paragraph should have read "no completely
secure way" for authentication to be passed--
because the agent-based forwarding program
could have been compromised as well--except for
the cases already mentioned such as SRP and
RSAAuth where the auth. information is better
protected.
Even if the SF server had been capable of forwarding
the
2001 Jun 01
1
recent breakins
From http://www.apache.org/info/20010519-hack.html:
"The ssh client at SourceForge had been compromised to log outgoing names
and passwords, so the cracker was thus able get a shell on apache.org."
user's ssh --> SF's ssh --> apache.org's sshd
So basically the user's password was entered in the clear to an untrusted
program (SF's ssh). Never mind that
2001 Jun 02
3
Recent breakins / SSHD root hole?
The trojaned ssh client is nothing new to the hacker community, and the
statement in the previous thread claiming
"This type of man-in-the-middle attack (trojaned ssh) is not theoretical
anymore, and password authentication is broken."
is an example of how many people still think "hacking" is something very
difficult and nothing short of a genius is required to make the
2017 Sep 19
0
How to track attempted breakins, authentication failure logging
Hai Mark,
I see the bugreport for this is still untouched.
https://bugzilla.samba.org/show_bug.cgi?id=11998
Is vfs_full_audit not an option?
with %I you can log the IP address of the client machine.
But I don't know if that will work or if vfs_full_audit has that option.
With something like this.
full_audit:prefix = %u|%I|%m|%S
full_audit:failure = connect
full_audit:success = connect
2001 Jun 19
1
FW: poor permissions on ssh binary
-----Original Message-----
From: Loomis, Rip
Sent: Tuesday, 19 June, 2001 09:10
To: 'geoff at raye.com'
Subject: RE: poor permissions on ssh binary
Geoff--
You stated that you consider it "a poor choice
of permissions" to install the ssh binary as
mode 0711. Since it will run perfectly with
even more restrictive permissions (we typically
install it mode 0511 here), what is
2017 Sep 19
3
How to track attempted breakins, authentication failure logging
This may have been asked before, but I can't find it. I am getting repeated external attempts
to log into our AD/DC (running Samba 4.4.14). In /var/log/samba/log.samba I get entries like:
2017/09/19 05:02:25.562957, 2] ../source4/auth/ntlm/auth.c:430(auth_check_password_recv)
auth_check_password_recv: sam_ignoredomain authentication for user [HPRS\333] FAILED with error
2017 Sep 19
1
How to track attempted breakins, authentication failure logging
On Tue, 2017-09-19 at 17:02 +0200, L.P.H. van Belle via samba wrote:
> Hai Mark,
>
> I see the bugreport for this is still untouched.
> https://bugzilla.samba.org/show_bug.cgi?id=11998
I've closed that bug now.
Extensive work has been done to add this feature to Samba 4.7, due out
this week:
https://wiki.samba.org/index.php/Setting_up_Audit_Logging
Two new debug classes,
2006 Mar 16
1
Re: rcov 0.2.0 - code coverage tool for Ruby
On 3/14/06, David Holroyd <ruby-talk@badgers-in-foil.co.uk> wrote:
> On Wed, Mar 15, 2006 at 02:23:04AM +0900, Mauricio Fernandez wrote:
> > On Tue, Mar 14, 2006 at 09:27:14AM +0900, David Holroyd wrote:
> > > On Wed, Mar 01, 2006 at 01:31:11AM +0900, Mauricio Fernandez wrote:
> > > > Source code, additional information, screenshots... available at
> >
2000 May 18
0
Failed copying and writing
Samba 2.0.7, NT WS 4.0 sp6, Slackware 7.0 (glibc 2.1.2), linux kernel
2.2.15 with crypto patch patch-int-2.2.14.1.
Samba configured/compiled with the following switches:
--with-smbmount --with-syslog
Most of the time writing to, or copying from samba shares, hangs, then
fails.
Trying to copy scrt303.exe from HOMES share to NT box, smbstatus reports:
Samba version 2.0.7
Service uid
2003 Mar 03
0
Problems with OpenSSH compile/run on Solaris 8 (was: sshd does not start)
Joyce--
> I did not install /www/gzip.org/zlib because I assumed that I
> probably have that, since I have gunzip....
gunzip being present doesn't usually mean that zlib is present,
but you might actually have zlib. Look for a libz.a in
/usr/local/lib (or appropriate other directory structure
depending on where gunzip is on your system...)
> Openssh compiled but I kept receiving
2000 May 22
0
read_socket_data: recv failure for 4
Samba gives read_socket_data: recv failure for 4 when trying to write or
read with NT4 WS, why?
Samba 2.0.7, NT WS 4.0 sp6, Slackware 7.0 (glibc 2.1.2), linux kernel
2.2.15 with crypto patch patch-int-2.2.14.1.
Samba configured/compiled with the following switches:
--with-smbmount --with-syslog
Most of the time writing to, or copying from samba shares, hangs, then
fails.
Trying to copy
2003 Dec 03
0
looking for a job as a UNIX/FreeBSD system administrator
Hello!
My name is Egor Rukhvadze. I'm looking for a job in US as a UNIX/FreeBSD system administrator and/or network administrator that lets me utilize my experience in an Internet Service Providing (ISP).
Name: Egor M. Rukhvadze.
Birthday: April 13 1973.
Contacts:
Phone number: home +7 (095) 126-41-84 (8AM-1PM PST or 8AM-4PM EST).
Cell: +7 (903) 792-31-53
e-mail: gara@mail.ru
ICQ#
2004 Aug 17
1
Problems compiling OpenSSH [no version info] on HP-UX 10.20 was: (no subject)
Aloha Jiwen (I used to get kama'aina discounts, but
no longer)--
First, you didn't tell us what OpenSSH source code
version you're trying to compile. Without that info
there are any number of possible problems--so I'll
assume (for now) that you're using the latest
released portable version of OpenSSH. Please
reply with specific version info.
The fact that things are blowing
2001 Mar 30
2
BETA release of OpenSSH-2.5.2p2 with SRP
This is to announce the availability of SRP (Secure Remote Password)
support for OpenSSH. A tarball is available on Tripod:
http://members.tripod.com/professor_tom/archives/
http://members.tripod.com/professor_tom/archives/openssh-2.5.2p2-srp5.tar.gz
(Note: Tripod requires you to LEFT click on links to download files.)
To install, unpack, configure --with-srp, and make install, then create an
2001 Apr 09
1
input_userauth_request() vs. stateful authmethods
The way things are now, input_userauth_request() calls the authmethod,
and then does a bunch of checks, like the special case for root. If
an authmethod requires a challenge-response conversation, these checks are
skipped, unless they are duplicated by the authmethod. For example, in
auth2-chall.c, some of the code is duplicated (logging, sending the
reply), but the root special case is skipped.
2001 Sep 20
2
vis.[ch]
Does anybody use openbsd-compat/vis.c? Not at the moment I think:
% find . -name '*.[ch]' -exec grep -l "vis *(" {} \;
./openbsd-compat/vis.c
./openbsd-compat/vis.h
% find . -name '*.[ch]' -exec grep -l VIS_ {} \;
./includes.h
./openbsd-compat/vis.c
./openbsd-compat/vis.h
The reason I ask is, AT&T's graphviz package includes a vis.h, and when I
try to compile
1999 Jan 29
1
Linux/Samba vs NT
I was having a discussion with a MS person about the performance of NT.
I got this reply:
---------- Forwarded message ----------
By the way, I looked into that claim that Linux could outperform NT server,
and my source claimed that the test was done on different hardware (i.e. it
was rigged) and that Linux still loses to NT on equivalent HW, although "it
has gotten closer." Do you
2002 Mar 25
2
compile failure
The latest snapshot (20020324) fails to compile here.
Linux 2.4.18-rc1 Alpha
The first messages are:
monitor_wrap.c: In function `mm_request_receive':
monitor_wrap.c:91: warning: int format, different type arg (arg 3)
monitor_wrap.c:100: warning: int format, different type arg (arg 3)
which have to do with fatal() calls and int not being the same as
ssize_t... But the next one is the
2001 May 01
3
SRP unencumbered license statement
On Sun, 29 Apr 2001, RJ Atkinson wrote:
> At 06:26 27/04/01, Tom Wu wrote:
> >For those of you who were following the discussion about the new draft
> >and implementation of SRP-based password authentication in OpenSSH, I
> >promised to have Stanford issue the IETF an official, explicit,
> >statement reiterating the unencumbered royalty-free licensing terms.
> >The
2001 Apr 03
1
user:style
I noticed that (perhaps because ':' is invalid in a username) you can
say ssh -l user:style host, where the "user:style" is sent by the client,
and the server strips the ":style" part off and makes it available as
part of the authentication context. It's currently unused.
What are the plans for this, if any? I was experimenting with the idea of
using it with SRP