Displaying 20 results from an estimated 1300 matches similar to: "openssh-3.0p1, auth2.c"
2001 Sep 28
2
openssh-2.9p2, auth2.c
Even with option "HostbasedUsesNameFromPacketOnly yes", the trailing
dot in chost should be stripped before auth_rhosts2() is called from
hostbased_key_allowed().
Hans Werner Strube strube at physik3.gwdg.de
Drittes Physikalisches Institut, Univ. Goettingen
Buergerstr. 42-44, D-37073 Goettingen, Germany
Suggested change:
*** auth2.c.ORI Wed Apr 25 14:44:15 2001
---
2002 May 08
1
[PATCH] Strip trailing . when using HostbasedUsesNameFromPacketOnly
The following simple patch (against openssh-3.1) moves the test for a
trailing dot in the client-supplied hostname so that it is also stripped
when using the server option HostbasedUsesNameFromPacketOnly.
Please CC me on any replies, as I'm not subscribed to the list.
Cheers,
Bill Rugolsky
--- ssh/auth2.c~ Sun Feb 24 14:14:59 2002
+++ ssh/auth2.c Wed May 8 16:26:26 2002
@@ -709,15
2003 Sep 13
3
Trailing dot is not removed from client hostname if HostbasedUsesNameFromPacketOnly is yes
If HostbasedUsesNameFromPacketOnly is set to yes, sshd does not remove
the trailing dot from the client supplied hostname, causing sshd to
attempt to look up "foo.example.com." (note trailing period) in
known_hosts and .shosts instead of "foo.example.com"
Trivial patch attached.
--
Carson
-------------- next part --------------
An embedded and charset-unspecified text was
2005 Oct 06
1
Possible security problem in hostbased user authentication?
In auth2-hostbased.c, line #146
if (auth_rhosts2(pw, cuser, chost, chost) == 0)
^^^^^
shouldn't this be
if (auth_rhosts2(pw, cuser, chost, ipaddr) == 0)
^^^^^^
The code was found in 4.2.
Best regards,
Choung S.Park
2003 Feb 28
1
Hostbased Authentication Question
Hi,
I am still working on getting hostbased authentication working in
OpenSSH 3.5p1. I emailed the user list, and got no response. It seems so
simple, yet I have continued to have problems getting it working properly.
I've read posts about it on this list, and the openssh-unix-dev list, and
nothing I have tried seems to work. My question is this, does it matter
which key, either
2015 Jan 09
5
OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
I run OpenSSH on linux
@ client
which ssh
/usr/local/bin/ssh
ssh -v
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
@ server
which sshd
/usr/local/bin/sshd
sshd -v
unknown option -- V
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
2002 Aug 07
0
[Bug 382] New: Privilege Separation breaks HostbasedAuthentication
http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=382
Summary: Privilege Separation breaks HostbasedAuthentication
Product: Portable OpenSSH
Version: -current
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at
2002 Aug 01
0
[Bug 376] New: HostbasedAuthentication, followed snailbook but not working! :-(
http://bugzilla.mindrot.org/show_bug.cgi?id=376
Summary: HostbasedAuthentication, followed snailbook but not
working! :-(
Product: Portable OpenSSH
Version: -current
Platform: UltraSparc
URL: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-
2003 Feb 05
0
openssh 3.5p1 hostbased authentication
hello,
i did some debugging today, here is the weird portion form sshd -d -d -d
debug1: userauth-request for user jholland service ssh-connection method
hostbased
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser jholland chost i2-0. pkalg ssh-dss slen
55
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
2016 Feb 14
5
[Bug 2541] New: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c
https://bugzilla.mindrot.org/show_bug.cgi?id=2541
Bug ID: 2541
Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2
for auth1.c/auth2.c/auth2-hostbased.c
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
2001 Sep 28
3
openssh-2.9p2, short hostnames
For systems where the local hostname is obtained as a short name without
domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x
from ssh.com.
For the server, there might be a corresponding option in order to strip
the domain name from the remote client name (if it matches the server's
DefaultDomain) for use in auth_rhost2, since netgroups usually contain
short
2002 Jul 16
0
[Bug 356] New: 3.4p1 hostbased authentication between Linux and Solaris
http://bugzilla.mindrot.org/show_bug.cgi?id=356
Summary: 3.4p1 hostbased authentication between Linux and Solaris
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
2002 Jul 01
3
3.4p1: 'buffer_append_space: alloc 10506240 not supported'
I have been trying to install 3.4p1 on a number of machines.
Servers on ia64 Linux, i386 Linux and SPARC Solaris are all working
like charms. On the other hand, I am having trouble at least with
HPUX 11, DEC OSF 5.1 and Unixware: on all those systems, sshd bails
out after authentication with an error in buffer_append_space.
Here is the output of sshd -d on the UnixWare machine
(uname -a:
2002 Jan 10
1
OpenSSH 3.0.Xp1, AIX -> Sun trusted host problem
Hi, Folks ...
Apologies in advance for the length of this message, but I wanted to
be thorough, and provide as much info as I could. I'm trying to
figure out a problem in trusted-host authentication using AIX hosts
as clients, and a Sun host as the server; either I'm missing
something real obvious, or there might be a bug somewhere in some
piece of software involved here.
-- All of
2001 Oct 29
5
HostbasedAuthentication problem
I'm trying to use HostbasedAuthentication. Running ssh -v -v -v user at host
the following error occurs:
debug3: authmethod_is_enabled hostbased
debug1: next auth method to try is hostbased
debug2: userauth_hostbased: chost <host>
debug2: we did not send a packet, disable method
What does this mean ? I enabled HostbasedAuthentication in
/etc/ssh/ssh_config and as it looks, this setting
2010 May 26
2
hostbase authentication of hostcertificate
Dear All,
I am trying to use the hostcertificate to do the hostbaed authentication with the steps in the regress/cert-hostkey.sh
But it seems that it can not login with the hostcertificate.:
Here is debug message from the ssh client :
ssh -2 -oUserKnownHostsFile=/opt/ssh/etc/known_hosts-cert \
> -oGlobalKnownHostsFile=/opt/ssh/etc/known_hosts-cert sshia3 -p 1111 -vvv
debug1: checking
2015 Jan 09
5
OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
Hi,
On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote:
> My ssh_config has
> Host *
> HostbasedAuthentication yes
> EnableSSHKeysign yes
> NoHostAuthenticationForLocalhost yes
>
> NoHostAuthenticationForLocalhost is not necessary.
> The one you are missing is EnableSSHKeysign.
>
> Additionally, you made no mention of your ssh_known_hosts files. Make
> sure
2023 Oct 22
1
Host name lookup failure using hostbased authentication
There is a nasty problem when using hostbased authentication:
[thomas at sarkovy ~]$ journalctl -l -f | grep -Fe 'sshd['
Okt 22 15:20:54 sarkovy sshd[35034]: userauth_hostbased mismatch: client
sends htpc.koeller.dyndns.org, but we resolve 192.168.0.2 to 192.168.0.2
Okt 22 15:20:54 sarkovy sshd[35034]: Connection closed by authenticating
user thomas 192.168.0.2 port 36284 [preauth]
^C
2001 Jun 04
1
[PATCH]: Add check_ntsec to ownership/mode tests
Hi,
I have added calls to `check_ntsec()' to the code which checks
for the ownership and modes of identity files and directories.
As you might know, check_ntsec() tests if owner/modes are
supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem
(FAT/FAT32=no, NTFS=yes) and the current Cygwin settings
(ntea/ntsec).
Corinna
Index: auth-rhosts.c
2003 Oct 08
4
OS/390 openssh
Hello Steve, Hello OpenSSH-portable developers,
I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe
operating system, and I noticed you do the same for OS/390.
Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2
or some such), I thought it was fair enough to help with a little
co-operation; we might come up with a unified EBCDIC patch which could
be contributed to