similar to: lastlog on Solaris with PAM (patch included)

on hp-ux 11 i see: $ date;ssh jenny Fri Oct 12 14:44:13 PDT 2001 Last successful login for stevesk: Fri Oct 12 10:45:42 PST8PDT 2001 on pts/2 Last unsuccessful login for stevesk: Mon Sep 24 22:55:53 PST8PDT 2001 Last login: Fri Oct 12 10:45:43 2001 from 172.31.1.53 You have mail. so solaris PAM is different. can other solaris+PAM users confirm this? On Fri, 12 Oct 2001, Benn Oshrin wrote:

I'm using openssh 2.5.2p2 on Solaris-x86 2.6. I ran into a couple problems when I set UseLogin to "yes": The big one seems to have been reported before: login refuses to run without a utmpx entry. This problem appears to have been caused by the changes in revision 1.24 of session.c. Before this revision, the record_login() function was always called, no matter how UseLogin was

I'm using OpenSSH-2.9.9p2 on Solaris 8 sparc64. 2.9p2 worked fine, but 2.9.9p2+ is giving me trouble with one thing - sshd segfaults if I try to connect and execute a command, such as "ssh machine ls". Otherwise it works great. sshd will fork, and the child process segfaults. CVS snapshot does the same thing. I've narrowed this down somewhat. It will only happen if you use

Hi while testing a new pam module i found this problem: System: Linux 2.4.18/OpenSSH 3.8p1 client/server The output from do_login() in session.c (motd, lastlog, stored pam messages) isn't displayed when Privilege Separation is enabled. I added a fflush(stdout) as the last line of do_login(), now it works. Frank

Okay, here is a fixed version of the patch I sent before for fixing the problems I know about with Digital Unix SIA: displaying too much info (MOTD, last login, etc.) when access is denied, and the loss of the error message sometimes when access is denied. It does break some code out of do_login into a couple of separate functions. I did this to avoid duplicating the code in a couple of places.

-- | ``We've all heard that a million monkeys banging on | Damien Miller - | a million typewriters will eventually reproduce the | <djm at mindrot.org> | works of Shakespeare. Now, thanks to the Internet, / | we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org ---------- Forwarded message ---------- Date: Tue, 14 Nov 2000 16:33:18 +0100 From: System

http://bugzilla.mindrot.org/show_bug.cgi?id=87 Summary: Last logon that gets reported upon login is the current login time Product: Portable OpenSSH Version: 3.0.2p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

heres a fix for pam support im openssh, inline and attached.. openssh calls do_pam_session early, before a fork(). it does this on the proc still running as root, so it checks the users limits, against what root has running, and depending on limits can fail at the fork() (and almost always does). this patch moves it past the fork. ive been running it for a couple of weeks and everything seems

okay, i reversed that patch out and solaris 7 still works fine with pam... devon ----- Original Message ----- From: <mouring at etoh.eviladmin.org> To: <devon at admin2.gisnetworks.com> Sent: Thursday, February 22, 2001 10:43 AM Subject: Re: Solaris and Latest snapshot (2001-02-21) (fwd) > > > ---------- Forwarded message ---------- > Date: Wed, 21 Feb 2001 17:54:19

Attached is the latest version of my UseLogin patch that makes "UseLogin true" work on Solaris and UNICOS. As usual, I have provided configure.in changes that set the appropriate defines for Solaris, but I have not provided the configure.in changes for UNICOS (since they would be incomplete, and Wendy is working on this). This version fixes a problem with the last-login time always

I was having problems getting the UseLogin option to work on Solaris. I would recieve this error: No utmpx entry. You must exec "login" from the lowest level "shell". This led me to believe that Solaris login wants a utmpx entry in order to function. I put together a patch that calls record_login on Solaris when using the system login. I also noticed that writing a wtmpx

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I am not sure if this is the correct place to ask these question, if I am at the wrong place please advise. I am currently working on some modifications to openssh which record the users rsa/dsa identity comment file to a log file when the user logs in (password authentication is disabled). The ssh1 portion of the modification works

I've attached two patches. The first just changes the output of "ssh -V" to print that it was built against rsaref if libRSAglue (which is built as part of openssl only when it is built against rsaref) is present at build-time. The second adds appropriate calls to pam_setcred() in sshd. Without them, our systems can't access AFS because the PAM modules only get tokens at a

I'm fairly new to the list and new to submitting patches. Can someone please verify the attached patch for running a HP-UX Trusted System with PAM and OpenSSH 3.4p1? The problem seemed to be that pam couldn't verify the user via __pamh after the call to permanently_set_uid in session.c. So I called do_pam_session prior to the call and added a function do_pam_set_tty in order to set the

http://bugzilla.mindrot.org/show_bug.cgi?id=419 Summary: HP-UX PAM problems with 3.5p1 Product: Portable OpenSSH Version: -current Platform: HPPA OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

Hi All. Attached is a patch that implements password expiry with PAM and privsep. It works by passing a descriptor to the tty to the monitor, which sets up a child with that tty as stdin/stdout/stderr, then runs chauthtok(). No setuid helpers. I used some parts of Michael Steffens' patch (bugid #423) to make it work on HP-UX. It's still rough but it works. Tested on Solaris 8 and

For root sessions pam_open_session is called, but not pam_close_session. sshd behavior is broken for root logins because if pam session is run from the child, close is never called due to exec: on open since use_privsep is not set, parent calls do_exec_pty(), which does not open session. then, it skips calling do_setusercontext(), so it does not open session. child calls

Hello All. Attached is an update to my previous patch to make do_pam_chauthtok and privsep play nicely together. First, a question: does anybody care about these or the password expiration patches? Anyway, the "PRIVSEP(do_pam_hauthtok())" has been moved to just after the pty has been allocated but before it's made the controlling tty. This allows the child running chauthtok to

i haven't heard of problems with configure/lastlog on 10.20. i'll copy the development list as there are folks there who use 10.20. On Thu, 6 Sep 2001, Jesse Caldwell wrote: :one last problem with openssh -- building openssh on HPUX 10.20 fails :on loginrec.c (i don't have the errors handy but i would be more than :happy to recreate them). i get the same error with 2.9p2 and 9/6/2001

Hello all, I'd greatly appreciate a patch that will stop PAM mucking around after I log in with a Kerberos 4 ticket and forward an AFS ticket (KTH Kerberos 1.1.1 used for libkrb/libkafs). The trouble is, I need pam_krb4, so that folks, who log in with without tickets using tunnelled plaintext password, would get Kerberos 4 tickets for the box. I rebuilt sshd without PAM in order to verify