similar to: AFS and tokenforwarding

Hello, I going to use ssh with Kerberos V5 support along with support for AFS. I don't want to use Kerberos V4 or AFS token passing. The only thing I need from AFS is creating an AFS token (using appropriate function from krb5 API) after user's authentication. It seems to me that such scenario is not much supported by the current code. Rather it is assumed only Kerberos 4 will be used

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer

Hi! I've noticed that openssh always does a do_setpag() if compiled with AFS-support no matter which authentication method is used. Maybe I'm missing something but shouldn't it only get a pag, if AFS-token-passing is used? If password authentication is used, an AFS-pam-module (or the authenticate function on AIX) will do the job, otherwise, no token can be obtained and therefore no

While rototilling packet.c, I did some looking at cipher_encrypt in cipher.c. It ends up that for SSH_CIPHER_NONE in cipher_encrypt, it uses memcpy. However, it also appears that dest and src can be equal in cipher_encrypt. On most sane libc implementations, memcpy == memmove. However, ANSI C makes no such guarantee, and some implementations out there are bound to try to optimize memcpy

https://bugzilla.mindrot.org/show_bug.cgi?id=1844 drzraf <raphael.droz+floss at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |raphael.droz+floss at gmail.co | |m -- You are receiving this

https://bugs.freedesktop.org/show_bug.cgi?id=55258 Priority: medium Bug ID: 55258 Assignee: nouveau at lists.freedesktop.org Summary: nouveau failure on resume (reloc wait_idle failed) QA Contact: xorg-team at lists.x.org Severity: normal Classification: Unclassified OS: All Reporter: mr.dash.four at

I setup some IPSEC between 2 networks. From 1 network I can ping the other networks local connection but not anything beyond that. Network A - 10.0.1.1 (loc) 23.23.23.23 (net) Network B - 10.0.2.1 (loc) 44.44.44.44 (net) I''m on local machine 10.0.1.10 on network A, I can ping 10.0.2.1 but I cannot ping a machine on that network ex. 10.0.2.200. I was thinking it probally has to do

Hello all, I tried to connect to the server that supports protocol 1: # ssh -1 -o "cipher none" remotehost <No valid SSH1 cipher, using 3des instead> As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage. try_challenge_response_authentication() { .... if (options.cipher == SSH_CIPHER_NONE)

Hi, the following patch to cipher.c enables OpenSSH 3.9.1 to compile on IRIX 5.3 with the native IDO cc: --- cipher.c.orig 2004-10-17 12:04:10.000000000 +0200 +++ cipher.c 2004-10-17 13:43:22.000000000 +0200 @@ -76,15 +76,15 @@ u_int key_len; const EVP_CIPHER *(*evptype)(void); } ciphers[] = { - { "none", SSH_CIPHER_NONE, 8, 0,

OpenSSH 3.7 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support to the project, especially those who contributed source and bought T-shirts or

https://bugs.freedesktop.org/show_bug.cgi?id=46557 Bug #: 46557 Summary: nouveau: nv40 display corruption in framebuffer and X lockups unless nouveau.noaccel=1 Classification: Unclassified Product: xorg Version: git Platform: x86-64 (AMD64) OS/Version: Linux (All) Status: NEW Severity:

Enclosed is a patch against 2.2.0p1 that teaches ssh (and therefore slogin and scp) how to invoke ssh-askpass to request a password, RSA/DSA key passphrase, or an skey challenge response. I've tested this on Linux (i386), for passwords and RSA/DSA key passphrases. I cannot easily test whether the Right Thing will happen for skey challenge responses; I would appreciate it if someone who uses

Alan Coopersmith (2): Update README for gitlab migration Update configure.ac bug URL for gitlab migration Alexander Bersenev (1): Fix the FIXME in XIValuatorClass case of copy_classes function in XExtInt.c Emil Velikov (1): autogen.sh: use quoted string variables Jeff Smith (1): _XIPassiveGrabDevice needs to set time value Matt Turner (2): Replace open-coded

Hello *, i have some problems to compile/configure OpenSSH on SunOS 5.5.1 with AFS. See the attachment for the compile environment. The programs compile fine and token passing is without problems. Unfortunately it is not possible to login without a valid token (`Permission denied.'). There is following message in the syslog: Kerberos v4 TGT for ... unverifiable: Principal unknown

Dear list, since the order of authentication and AFS token/KRB TGT forwarding changed (around 3.0), we have had problems with users accidentally overwriting their credentials from a "password" login with forwarded credentials. E.g. user A logs in as user B, but stays with the AFS permissions of user A. A workaround is to use "-k" on these sessions, but "it worked without

http://bugzilla.mindrot.org/show_bug.cgi?id=371 Summary: OpenSSH fails to build on Alpha True64 in cipher.c Product: Portable OpenSSH Version: -current Platform: Alpha OS/Version: OSF/1 Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

Hey All, Found a very minor problem with client implementation of KerberosTgtPassing command line flag in ssh.c (first diff). We also made some readability patches to the config files and manpages to make the option clearer (the remainder of the diffs). diffs are against -current Index: ssh.c =================================================================== RCS file:

https://bugs.freedesktop.org/show_bug.cgi?id=71620 Priority: medium Bug ID: 71620 Assignee: nouveau at lists.freedesktop.org Summary: nouveau_fence_wait_uevent NULL pointer dereference Severity: normal Classification: Unclassified OS: Linux (All) Reporter: kdatanasov at gmail.com Hardware: x86-64 (AMD64)