similar to: New password echoes on Sol8

Here is a patch that does TIS auth via PAM. It's controlled by a switch in the sshd_config. You'd use it by having a PAM module that sets PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs. The patch is against the 2.9.9p2 distribution. I'm not on the list, a reply if this patch is accepted would be great. (But not required, I know some folks have a distaste for

In do_pam_cleanup_proc(), there are 3 calls to PAM: 1) pam_close_session() - do lastlog stuff 2) pam_setcred(PAM_DELETE_CRED) - delete credentials 3) pam_end() - close PAM It appears that pam_setcred() always fails with the error PAM_PERM_DENIED. This is due to a check done pam_unix.so to not allow a caller with euid 0 to even try to delete their SECURE_RPC credentials. When sshd calls

When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users noticed that it did not honor password expiration consistently with other Solaris login services. The patch below is against OpenSSH 2.2.0p1 and adds support for PAM password changes on expiration via pam_chauthtok(). A brief summary of changes: auth-pam.c: * change declaration of pamh to "static pam_handle_t *pamh",

I've been doing so more tests with 2.9.9p2 on Sol8. Here are my finding so far: When a user needs to change his password and trys to run a command in non-interactive mode, it just succeeds without even trying to prompt the user for a new password. Damien submitted a fix - it works for me (is it going into CVS?). When a user needs to change his password and trys to login in interactive

Hi, I'm sorry if this has already come up on the list, I did a quick search of the archive and didn't notice it. I noticed IMHO strange behavior in read_passphrase: If readpassphrase returns NULL and sets errno to ENOTTY, then read_passphrase returns an empty passphrase to the caller instead of error, now what happens with password authentication is that if readpassphrase fails every

http://bugzilla.mindrot.org/show_bug.cgi?id=230 ------- Additional Comments From krh at lemniscate.net 2002-04-29 10:53 ------- I should add that I also have PrintMotd off so that the motd is printed only once, and yes, I am connecting with the SSH 2 protocol. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Sorry; here's the message I sent with the Keychain Patch yesterday. I didn't realize that the list wouldn't extract the text parts of the message. Enjoy. Hey all, Here's the patch to let SSH store passwords in the Mac OS X Keychain. I don't know whether you guys want to include it or not with the distribution; some people have said that since Keychain is not an open

http://bugzilla.mindrot.org/show_bug.cgi?id=377 Summary: Reduce compiler warnings. Use unsigned args to the ctype.h is*() macros. Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: trivial Priority: P2 Component: Miscellaneous

https://bugzilla.mindrot.org/show_bug.cgi?id=1590 Summary: ^C is not supported in sftp Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: sftp AssignedTo: unassigned-bugs at mindrot.org ReportedBy: jg at jguk.org I

https://bugzilla.mindrot.org/show_bug.cgi?id=2539 Bug ID: 2539 Summary: Add missing sanity check for read_passphrase() in auth-pam.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: PAM support

If I change openbsd-compt/readpassphrase.c and type "make" from the top-level, nothing happens. I have to remove openbsd-compat/libopenbsd-compat.a to get "make" to do its thing. Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key

http://bugzilla.mindrot.org/show_bug.cgi?id=234 Summary: OpenSSH does not compile on OpenBSD 3.1 Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: OpenBSD Status: NEW Severity: normal Priority: P1 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

Under Samba 2.2.4 (and possibly earlier), smbpasswd (when run locally) only really reads the first 8 characters, as opposed to the full password. Obviously, this can cause mass confusion. :) The fix is pretty simple (I would offer a diff, but this is the kind of thing the configure script should check for...) - under Solaris getpass() will only return 8 characters - you must use getpassphrase()

Dear developpers, I'm using OpenSSH_2.9p1 with prngd on my Sony NEWS-OS 4.2.1R. NEWS-OS 4.x is based on 4.3BSD and lack of many POSIX and ANSI features. Today I tried to make the latest openssh_cvs and got the following error, gcc -g -O2 -Wall -O -I. -I.. -I. -I./.. -I/usr/local/ssl/include -DHAVE_CONFIG_H -c readpassphrase.c readpassphrase.c: In function `readpassphrase':

hi, using sol8 sparc platform with recommended patch set from sun. dloaded/installed rsync and popt(prerequsite) from sunfreeware.com (bin for sol8 sparc) # pkgadd -d ./popt-1.7-sol8-sparc-local all # pkgadd -d ./rsync-2.5.6-sol8-sparc-local all Problem : can rsync locally but cannot rsync over network ; can rcp over network can rsync locally : oracle@sys2:/apps/oracle/dba> touch

Hi all, Where could I get souce code for samba-2.2.8a-1-sol8-suncc-64bit.pkg, I checked in samba.org but I just found pacakage( samba-2.2.8a-1-sol8-suncc-64bit.pkg). Thanks, Madhavi

In OpenSSH 3.6.1p2, pam_open_session() ran with a conversation function, do_pam_conversation(), that fed text to the client. In OpenSSH 3.7.1p2, this is no longer the case: session modules run with a conversation function that just returns PAM_CONV_ERR. This means that simple session modules whose job involves printing text on the user's terminal no longer work: pam_lastlog, pam_mail, and

with the following pam.conf entries, after being prompted for a login password the connection is closed: other auth sufficient /usr/lib/security/$ISA/pam_krb5.so.1 other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass the system logs the error: sshd[4215]: fatal: input_userauth_info_response_pam: no authentication context if the pam.conf entry is changed to the

The usual suspects: Solaris 8 gcc 2.95.2 perl 5.60 egd 0.7 openssl 0.95.a openssh 1.2.3 # egd.pl /etc/entropy --- It works the first few minutes and then just stops working. OpenSSH connections started still work, ssh just hangs with a new connection. I've even tried --bottomless; no joy. 0.6 and Solaris 7 worked great. I'm going to try the /dev/random that was mentioned before. Any

Hi All, I'm seeing the same problem reported by Don Cooley on 3/30/01. Compiling OpenSSH 2.5.2p2 on Solaris 8, sun4u, 64bit using Sun's Forte 6 C compiler (-xarch=v9 option), /usr/ccs/bin/make and OpenSSL-0.9.6. RSA keygen works, DSA fails with Bus Error. I already had DSA keys generated on my test machine that were generated with Openssh-2.3.0p1 and trying to start the 2.5.2p2 sshd daemon