similar to: X.509 for verifying host keys

Displaying 20 results from an estimated 11000 matches similar to: "X.509 for verifying host keys"

2001 Oct 26
2
Expired passwords on Solaris with PAM
I've been doing so more tests with 2.9.9p2 on Sol8. Here are my finding so far: When a user needs to change his password and trys to run a command in non-interactive mode, it just succeeds without even trying to prompt the user for a new password. Damien submitted a fix - it works for me (is it going into CVS?). When a user needs to change his password and trys to login in interactive
2001 Oct 25
3
PAM conversation stuff
Okay, I'm confused again. They way you guys are talking about the conversation routine, it would seem that you think it is a way to fetch something from the user - like a new password. Is this possible? Does calling pam_chauthtok() cause the underlying pam_sm_chauthtok() eventually print something on stdout and read a new password from stdin (the socket to the client) using the conversation
2001 Oct 08
1
FAQ 3.10
I'm having trouble getting any sort of work-around for 3.10 on Solaris 8 with Sun's tcsh. I've tried using "hup" to correct it but to no avail. This problem wasn't present with ssh version 1 - it just seem to work. Now we get all kinds of abandoned ssh processes lying around that have to be manually killed. Does anyone know if there is going to be a fix for this problem
2001 Oct 31
2
Problem compiling 2.9.9p2 on Sol 2.6
It appears that "fixpaths" has "/usr/bin/perl" hard-coded in. This causes make to fail immediately after running configure. Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
2001 Nov 27
1
Problem connecting to v2.9.9p2 on Solaris 8
I ran into a weird problem yesterday where Putty can't connect to my OpenSSH/Sol box (and still can't ever since). On the Putty side I get the error message: "internal fault: chaos in SSH 2 transport layer" I've attached the "sshd -d -d -d" syslog output. Any ideas what's going wrong here? From a layman's point of view, it would appear that Putty and
2001 Nov 08
2
sshd can't change expired password on Sol8 with Openssh3.0p1 + PAM
The reason I ask about the patches is because I think the problem you're seeing might actually be a bug in pam_unix.so.1 - it's something to try at least. We don't use password aging and we don't use the "passwd" command to change passwords, so we haven't run into this at our site even though we probably don't have pam_unix.so patched up. Also, the passwd
2001 Nov 15
2
X11 cookies and forwarding
I'm guess I wasn't following the whole cookies discussion completely (putting cookies in /tmp to avoid putting them on NFS, etc.), but I noticed today that with 2.9.9p2, if I use "ssh -X" to start a shell on the server, in that shell XAUTHORITY is set to /tmp/ssh-XXXXXXXX/cookies and there are cookies placed there there. These are the "fake" cookies for the
2001 Nov 06
1
Solaris 7 changing password via PAM reply
Hi, Sorry no core dumps, the sshd programme is perfectly happy just fails to consider changing the password. Cheers, Martyn -----Original Message----- From: Ed Phillips [mailto:ed at UDel.Edu] Sent: 06 November 2001 18:38 To: Roberts,M,Martyn,IVLH4 C Cc: openssh-unix-dev Subject: Re: Solaris 7 changing password via PAM On Tue, 6 Nov 2001 martyn.a.roberts at bt.com wrote: > Date: Tue, 6
2001 Oct 26
1
PAM session cleanup on Sol8 with v2.9.9p2
In do_pam_cleanup_proc(), there are 3 calls to PAM: 1) pam_close_session() - do lastlog stuff 2) pam_setcred(PAM_DELETE_CRED) - delete credentials 3) pam_end() - close PAM It appears that pam_setcred() always fails with the error PAM_PERM_DENIED. This is due to a check done pam_unix.so to not allow a caller with euid 0 to even try to delete their SECURE_RPC credentials. When sshd calls
2001 Oct 19
1
TCP wrappers and 2.9.9p2
I don't know if this is still a problem in the latest snapshot, but with 2.9.9p2, if you do a "./configure ... --with-tcp-wrappers", there's no way to specify a location for tcpd.h and libwrap.a. This is troublesome on Solaris where you might install stuff like that in /opt/lib or /usr/local/lib or something that is not searched by default. Ed Ed Phillips <ed at
2001 Oct 26
1
Makefiles in v2.9.9p2
If I change openbsd-compt/readpassphrase.c and type "make" from the top-level, nothing happens. I have to remove openbsd-compat/libopenbsd-compat.a to get "make" to do its thing. Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
2002 Apr 05
1
Quick question: /dev/random on Solaris 8
Can someone tell be briefly how to get OpenSSH3.1p1 configured and compiled to use /dev/random? Can OpenSSH use /dev/random directly now? Thanks, Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
2001 Oct 22
2
sshd dumps core in pam_sm_open_session
(I vaguely remember talk about PAM session stuff recently... please excuse me if this is the same problem.) I compiled v2.9.9p2 on Solaris 8 with the following configuration and the Sun Workshop v5 compiler: OpenSSH has been configured with the following options: User binaries: /opt/openssh-2.9.9p2/bin System binaries: /opt/openssh-2.9.9p2/sbin
2001 Oct 26
5
New password echoes on Sol8
I tried replacing readpassphrase() for v2.9.9p2 on Sol8 with a different version that just calls getpassphrase(). It appears to solve the echo problem when the user tries to login in interactive mode and needs to change their password. Can anyone else try this with v2.9.9p2 on Solaris? Be sure to add: #define HAVE_GETPASSPHRASE ... to config.h when compiling (since it's not a configurable
2002 Feb 13
1
x509 test patch - can't compile
cc -g -I. -I. -I/opt/openssl-0.9.6c/include -I. -I/usr/local/include -DETCDIR=\"/opt/openssh-3.0.2p1-x509/etc\" -D_PATH_SSH_PROGRAM=\"/opt/openssh-3.0.2p1-x509/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/opt/openssh-3.0.2p1-x509/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/opt/openssh-3.0.2p1-x509/libexec/sftp-server\" -D_PATH_SSH_PIDDIR=\"/var/run\"
2001 Nov 02
7
Entropy and DSA keys
I remember a discussion to the effect that using DSA keys in sshd increases the requirement for random bits available on the system... and that this requirement (was it a 128 bit random number per connection?) presents security problems on systems that don't have a decent source of entropy? Am I misinterpreting those discussions? We are having a problem deploying sshd (no prngd) where sshd
2001 Oct 10
0
ssh hangs instead of exiting
On Mon, 8 Oct 2001, Markus Friedl wrote: > Date: Mon, 8 Oct 2001 23:12:41 +0200 > From: Markus Friedl <markus at openbsd.org> > To: Ed Phillips <ed at UDel.Edu> > Subject: Re: ssh hangs instead of exiting > > On Mon, Oct 08, 2001 at 05:07:12PM -0400, Ed Phillips wrote: > > On Mon, 8 Oct 2001, Markus Friedl wrote: > > > > > Date: Mon, 8 Oct 2001
2002 Apr 11
4
X11UseLocalhost option and the DISPLAY variable
I wasn't paying much attention when there was a lot of conversation about these issues. I recently ran into a problem where an X app won't run with OpensSSH 3.1p1's default "X11UseLocalhost yes" setting. If I run the X app with the display set to "localhost:16.0" it gets a "BadAccess" error, but if I run it with the display set to
2002 Jul 02
0
PAMAuthenticationViaKbdInt no
If I set it to "no", should I still be able to login with a typed-in password? I get messages such as these: --- Jul 2 12:23:39 remedy.udel.edu sshd[6811]: [ID 800047 local4.debug] debug1: userauth-request for user ed service ssh-connection method password Jul 2 12:23:39 remedy.udel.edu sshd[6811]: [ID 800047 local4.debug] debug1: attempt 1 failures 1 Jul 2 12:23:39 remedy.udel.edu
2001 Nov 06
0
Okay...
Who sent the Stalking Ninja after me.... I haven't been THAT bad today have I? ;-) Ed > Date: Tue, 06 Nov 2001 16:05:00 -0600 > From: NINJA-DISPATCH at bluesforbuddha.com > To: Ed Phillips <ed at UDel.Edu> > Subject: You are being stalked by an enemy ninja! > ... Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network