similar to: Kerberos / PAM bug in OpenSSH CVS


1999 Dec 07
1
Serious Bug Report: OpenSSH
Adrian Baugh wrote: > > Hi, > I'm using the Linux port of OpenSSH 1.2-pre15. > One of my users complained of not being able to log in using password > authentication but being able to log in okay using RSA authentication. > I set up the server in debug mode and got the following for RSA > authentication (usernames, machine names and IPs obfuscated): I think I have found
2001 Feb 16
1
OpenSSH 2.3.0p1 port to BSDI BSD/OS
BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's authentication library. However, BSDI's patches have several problems: 1. They don't run the approval phase, so they can allow users to login who aren't supposed to be able to. 2. They don't patch configure to automatically detect the BSDI auth system, so they're not ready to use in a general portable
2002 Mar 18
0
[Bug 170] New: Double free() and heap corruption when krb4 auth fails
http://bugzilla.mindrot.org/show_bug.cgi?id=170 Summary: Double free() and heap corruption when krb4 auth fails Product: Portable OpenSSH Version: 3.1p1 Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org
2001 Nov 20
3
problem with AFS token forwarding
Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in OpenSSH 2.9.9p1, but I have never used this version (I only looked at the
2001 Nov 02
7
Entropy and DSA keys
I remember a discussion to the effect that using DSA keys in sshd increases the requirement for random bits available on the system... and that this requirement (was it a 128 bit random number per connection?) presents security problems on systems that don't have a decent source of entropy? Am I misinterpreting those discussions? We are having a problem deploying sshd (no prngd) where sshd
2000 Jan 19
3
AIX openssh patches
I have a few patches for AIX. The patchfile is attached below. The patch has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25, with openssl-0.94, using RSAref. 1) authenticate support - this function allows the system to determine authentication. Whatever the system allows for login, authenticate will too. It doesn't matter whether it is AFS, DFS, SecureID, local.
2000 Feb 02
1
Bugreport: OpenSSH-1.2.2 Server for Linux (glibc 2.1.2)
Hi, I would like to report a bug in OpenSSH-1.2.2 (release) under Linux. Under certain conditions the sshd client process segfaults while doing the password authentication. I have observed the behaviour with glibc 2.0.7 (non-PAM), glibc 2.1.1 (PAM) and glibc 2.1.2 (PAM), when 'RhostsRSAAuthentication yes' is chosen in sshd_config. It appears to happen regardless whether PAM is used or
2002 May 09
1
Bug report: OpenSSH 3.1p1
I believe auth-rhosts.c, function check_rhosts_file(), contains a bug that shows up when doing host-based authentication where the client_user name is not the same as the server_user name. Line 76 reads: strlcpy(userbuf, server_user, sizeof(userbuf)); I believe it should read: strlcpy(userbuf, client_user, sizeof(userbuf)); Otherwise later in the function this test will fail: /* Verify that
2001 Dec 21
6
Killing the builtin entropy code
Over the holidays, I intend to finally rid portable OpenSSH of the builtin entropy collection code. Here's what I intend to do: When init_rng is called, we'll check OpenSSL's RAND_status(). If this indicates that their PRNG is already seeded, we'll do nothing. This effectively detects platforms which have /dev/urandom (or similar) configured into OpenSSL. If OpenSSL isn't
2005 Feb 24
3
Suggestion: SSHD pseudo/fake mode. Source available.
Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributor to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IPs. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different
2001 Oct 26
3
strange dir in snapshot
What is autom4te.cache/ and why is it in the snapshot?
2001 Nov 28
2
scp
Hello - I am trying to use scp (openssh_3.0), but every time I run it, I get the following error: stty: Not a typewriter When I run it with -v , it shows that authentication (pub key) succeeds, but it fails to read the file. If anybody has a clue as to what's going on here, any help will be appreciated. Thanks. Tariq tariq.lahyani at aa.com
2016 Feb 14
5
[Bug 2541] New: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c
https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5
2001 Mar 20
3
Rhosts-RSA authentication broken
Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the
2008 Jul 09
2
loginmsg bug
Cf. http://seclists.org/fulldisclosure/2008/Jul/0090.html This Mrdkaaa character claims to have exploited this, but does not say how. The issue is that if do_pam_account() fails, do_authloop() will call packet_disconnect() with loginmsg as the format string (classic printf(foo) instead of printf("%s", foo) bug). The stuff that do_authloop() appends to loginmsg is harmless (the user
2001 Dec 26
3
auth*.c
Folks, During testing, we found a couple of issues with openssh 3.0.2p1: 1. In userauth_finish() in auth2.c (as well as in do_authloop in auth1.c), the foll. check: if (authctxt->failures++ > AUTH_FAIL_MAX) is never satisfied and thus packet_disconnect() never gets called. I suspect the code just drops out of the dispatch_run function list instead. This should be an == instead of >.
2001 Oct 24
1
sftp interactive mode on LynxOS
Hi, I work on openssh-2.9p2 installed on LynxOS i386 system. sshd, ssh, scp and sftp-server all work fine. The problem is sftp client, in interactive mode, exits after authentication printing the sftp prompt. sftp client works fine in non-interactive mode. i.e., lynxos>sftp hari at linuxsystem:test works fine But, lynxos>sftp hari at linuxsystem ... sftp> lynxos> Any help, as to why
2001 Oct 31
2
REQ: Minor change to handling of without-password
Hi, OpenSSH 2.9p2 behaves differently with 'PermitRootLogin without-password' than does SSH 2.2.27 with 'PermitRootLogin nopwd': nopython.imorgan 153> ssh root at sun523 root at sun523's password: ROOT LOGIN REFUSED FROM nopython.nas.nasa.gov nopython.imorgan 154> ssh root at sun566 root at sun566's password: Permission denied. In the case of OpenSSH, you simply
2001 Oct 31
2
Problem compiling 2.9.9p2 on Sol 2.6
It appears that "fixpaths" has "/usr/bin/perl" hard-coded in. This causes make to fail immediately after running configure. Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
2001 Nov 11
1
OpenBSD 2.6 & OpenSSH 3.0p1
Hi, I've compiled openssh 3.0p1 (portable) on an openbsd 2.6 machine, compile goes fine however the sshd daemon will not start: > [usura at outpost]:/tmp/openssh-3.0p1 {28}$ ./sshd -p 3333 > bad addr or host: 0.0.0.0 (name or service is not known) > > [usura at outpost]:/tmp/openssh-3.0p1 {29}$ ./sshd -4 -p 3333 > bad addr or host: 0.0.0.0 (name or service is not known) >