similar to: Handling of password & account expirations

BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's authentication library. However, BSDI's patches have several problems: 1. They don't run the approval phase, so they can allow users to login who aren't supposed to be able to. 2. They don't patch configure to automatically detect the BSDI auth system, so they're not ready to use in a general portable

http://bugzilla.mindrot.org/show_bug.cgi?id=109 ------- Additional Comments From stevesk at pobox.com 2002-03-31 05:06 ------- i'm not sure. can someone dup and debug this? can you still dup with 3.1p1? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

OpenSSH's UseLogin option allows remote access with root privilege. 1. Systems affected: The default installation of OpenSSH is not vulnerable, since UseLogin defaults to 'no'. However, if UseLogin is enabled, all versions of OpenSSH prior to 2.1.1 are affected. 2. Description: If the UseLogin option is enabled the OpenSSH server (sshd)

Greetings, In order to use solaris's BSM (Basic security module) also called c2 audit, which logs specific kernel calls depending on your audit_control, I would need to use login(1) to log users exec calls and whatnot because Portable OpenSSH does not have <bsm/audit.h> support, now that would mean I would have to enable Uselogin in sshd_config in order for that to work. I am running

Hello, By the 26th of May I will have been waiting for response for 17 days. I have posted this mail at 9 May 2001 20:38:58 and still this bug is not fixed and AFAIK no one have answered to this mail. I have to ask: why? ;-) ---------- My OLD message ---------- Hello, I have just discoverd that ssh -T does not work with servers which have UseLogin option enabled. This happends becouse

Hello, in the BSD Authentication system the login script can request environment variables to be set/unset. The call to auth_close() in auth-passwd.c does change the current environment, but those changes are lost for the child environment. It would be really useful to add some kind of mechanism to get those changes into the child environment. I've added two possible solutions. Both

I just cobbled up a little patch to add support for OPIE to OpenSSH. Currently untested, but feedback is welcome. Wichert. -- _________________________________________________________________ / Nothing is fool-proof to a sufficiently talented fool \ | wichert at cistron.nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250

We have had another instance of this..... since I am forwarding to other lists, "this" involves a lost file, due to accidental deletion. in this case, we had a backup, but from the backup time, till deletion time, a lot of data had been lost. So, we have not enough disk space to do hourly backups, novell allowed recovery of a lost file like this, so: is there a filesystem that we

Currently under solaris 8 with a fairly generic build: CC="cc" ./configure \ --prefix=/opt/openssh \ --sysconfdir=/var/ssh \ --with-rsh=/usr/local/etc/rsh \ --with-ipv4-default \ --with-ssl-dir=/usr/local/ssl \ --with-ipaddr-display \ --with-pam \ --with-pid-dir=/var/ssh cron will quit working since ssh hasn't

-- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.mindrot.org/ | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work) ---------- Forwarded message ---------- Date: Fri, 9 Jun 2000 17:06:30 +0200 From: Markus Friedl <markus.friedl at informatik.uni-erlangen.de> To: BUGTRAQ at SECURITYFOCUS.COM, misc at openbsd.org,

OpenSSH 3.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the

A while back, I posted to the freebsd-questions list about a problem I was having getting custom MAIL environment variable settings in /etc/login.conf to take. Something had happened between FreeBSD 3.3 and 4.2 that caused MAIL to always be set to /var/mail/$USER. It turns out this was a problem with the sshd configuration. The problem was apparently related to the fact OpenSSH's sshd is now

I'm running OpenSSH 3.4 and have the situation that some users want to allow password authentication into their accounts and some explicitly want to disallow password authentication. Is this possible? I wasn't able to come up with a way looking through ssh_config and sshd_config, as well as some FAQs. It seems the problem is that there is no scoping of directives in sshd_config, thus

Hello, I tried UseLogin, because ssh does not seem to propagate the tty controlling characters from the local to the remote tty and the login(1) on my system offers a config file to set them. Unfortunately, when using UseLogin, sshd does not run xauth. I can only guess that it does so, because it would have to drop privileges for doing so, but that makes UseLogin about useless. I am not

I'm still a bit confused as to how control-d is interpreted in ssh vs telnet. The only thing I can figure is that telnet traps control-d as User_Exit or USER_Logout and ssh interprets it as EOF. If EOF is triggered, then the auditing subsystem doesnt care. The 'logout' command is only affected if you are NOT logged into the console. ==================== test_citi:/root # grep

http://bugzilla.mindrot.org/show_bug.cgi?id=378 Summary: sshd does not update utmp/utmpx records correctly when "UseLogin" feature on Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2

I noticed that (perhaps because ':' is invalid in a username) you can say ssh -l user:style host, where the "user:style" is sent by the client, and the server strips the ":style" part off and makes it available as part of the authentication context. It's currently unused. What are the plans for this, if any? I was experimenting with the idea of using it with SRP

https://bugzilla.mindrot.org/show_bug.cgi?id=378 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |djm at mindrot.org, |

I sent to samba list, with the wrong e-mail account, so it never made it... Any help with this is appreciated. Barry Smoke District Network Administrator Bryant Public Schools -----Forwarded Message----- > From: Steve Langasek <vorlon@dodds.net> > To: k12osn@redhat.com > Cc: lrlug-discuss@lrlug.org, samba@lists.samba.org > Subject: [Samba] Re: [K12OSN] Re:

https://bugzilla.mindrot.org/show_bug.cgi?id=1284 Michael Felt <aixtools at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aixtools at gmail.com --- Comment #1 from Michael Felt <aixtools at gmail.com> --- Just thought it could be