Displaying 20 results from an estimated 10000 matches similar to: "feature request in sshd: require both "pubkey" & "password""
2002 Jun 24
1
Require multiple methods of authentication.. status...
All,
Forgive me if this is has been covered. I didn't find what I was looking
for in the man pages or on the list archives.
What is the status of being able to require a user to perform multiple
methods of authentication.
I.E.
BOTH kerberos and pubkey
-or-
BOTH kerb V and smartcard
-etc. etc. etc.-
I saw an entry on the archive from Markus and Tom in Arpil 2001 that said
2003 Aug 22
5
No interest in partial auth?
Hi,
I don't mean to be annoying, but it seems like there isn't any interest in
partial authentication. Is this true? It's not a future plan for OpenSSH
to have this feature?
I'd just like to know if I'm on my own or not.
Thanks
Erik.
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
When I looked at `man pam_unix`, I did not see any obvious options that
would
cause ssh to authenticate without prompting for a password at all, short of
setting an empty password which is similar to PermitEmptyPasswords option.
However, I am not very familiar with the internals of PAM, so pointers to
documentation would be greatly appreciated.
Also, I think adding a single line to sshd_config
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
On 6/26/2024 9:34 PM, Henry Qin wrote:
> Hi folks,
>
> I've recently started to work on a patch for openssh that introduces a new
> option to disable authentication.
> I'd like to explain why I think this might be generally useful, and solicit
> opinions on whether such a patch would be acceptable to the maintainers as
> a pull request.
Why not just use a different
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
see pam_permit(8)
On Thu, Jun 27, 2024 at 10:37?AM Henry Qin <hq6 at cs.stanford.edu> wrote:
>
> When I looked at `man pam_unix`, I did not see any obvious options that
> would
> cause ssh to authenticate without prompting for a password at all, short of
> setting an empty password which is similar to PermitEmptyPasswords option.
>
> However, I am not very familiar
2007 Nov 04
5
[Bug 1388] New: Parts of auth2-pubkey. c are completely devoid of debug logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1388
Summary: Parts of auth2-pubkey.c are completely devoid of debug
logging
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: Other
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component:
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
Thanks for the pointer!
I played around with PamServiceName set to 'sshd_disable_auth' and got it
working with the minimum contents below in the file
/etc/pam.d/sshd_disable_auth.
auth required pam_permit.so
account required pam_permit.so
session required pam_permit.so
Thus, this does indeed enable disabling authentication.
Unfortunately, as far as I can tell, only root can create files
2003 Jan 08
6
[Bug 464] sshd seems to corrupt the wtmpx
http://bugzilla.mindrot.org/show_bug.cgi?id=464
------- Additional Comments From pas50 at cam.ac.uk 2003-01-09 02:11 -------
This is apparently a bug with compiling in 64 bit.
David foster saw this.
http://www.sunmanagers.org/pipermail/summaries/2002-October/004018.html
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
i'm not a maintainer, but my personal opinion is that it's probably
easier to prepare a container with this pam configuration
On Thu, Jun 27, 2024 at 2:26?PM Henry Qin <hq6 at cs.stanford.edu> wrote:
>
> Thanks for the pointer!
> I played around with PamServiceName set to 'sshd_disable_auth' and got it working with the minimum contents below in the file
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
I would like to understand your opinion a little more deeply.
Are you suggesting that it's easier to (prepare the container and add a
line at runtime) compared to (add a line to an sshd config at runtime)? The
latter scenario would be the case if the patch is merged.
Or did you mean that it's easier to prepare the container than to implement
a correct patch into sshd to enable the option
2024 Jun 27
1
Proposal to add a DisableAuthentication option to sshd ServerOptions
it's not just adding a line at runtime. it's the openssh maintainers
maintaining an odd codepath and testing it at each release and
answering questions about the configuration, etc.
On Thu, Jun 27, 2024 at 3:00?PM Henry Qin <hq6 at cs.stanford.edu> wrote:
>
> I would like to understand your opinion a little more deeply.
>
> Are you suggesting that it's easier to
2024 Jun 27
2
Proposal to add a DisableAuthentication option to sshd ServerOptions
Hi folks,
I've recently started to work on a patch for openssh that introduces a new
option to disable authentication.
I'd like to explain why I think this might be generally useful, and solicit
opinions on whether such a patch would be acceptable to the maintainers as
a pull request.
*Why is this useful?*
Openssh has useful capabilities such as remote and local port-forwarding,
as well
2002 Feb 13
2
Problem with using both pam_listfile to deny logins and pubkey authentication
Hi,
I'm trying to use pam_listfile.so to deny logins from all others but few
users (names in /etc/loginusers). With password authentication it works
fine, but with public key authentication OpenSSH lets in users whose
names arent't in /etc/loginusers. AllowUsers in sshd_config does what
one would expect.
I'm using OpenSSH-3.0.2p1 on Debian testing (package version
1:3.0.2p1-6)
2001 Jul 09
1
sshd problem on Solaris 7: Control-C hangs shell
I have a strange problem with sshd (from openssh-2.9p2) on Solaris 7. My shell is bash. When I open an ssh session , and type a Control-C to bash's prompt, the shell hangs. (But, if I for instance run "sleep 10" (during which time the pty is in cooked mode) and press Control-C, the sleep command is interrupted quite normally, and the bash prompt returns.)
Adding some debugging
2004 Mar 22
3
Distributed computing
Dear all,
does anyone know if there exists an effort to bring some kind of
distributed computing to R? The most simple functionality I'm after is
to be able to explicitly perform a task on a computing server. Sorry if
this is a non-informed newbie question...
Best regards
Anders Sj?gren
PhD Student
Dept. of Mathematical Statistics
Chalmers University of Technology
Gothenburg, Sweden
2001 Apr 04
1
random openssh todo notes
fyi
http://wwwcip.informatik.uni-erlangen.de/~msfriedl/openssh/TODO
2016 Feb 18
3
Call for testing: OpenSSH 7.2
On 2/17/16 6:02 PM, Darren Tucker wrote:
> On Thu, Feb 18, 2016 at 12:43 PM, Carson Gaspar <carson at taltos.org> wrote:
> [...]
>> Is there a sane way to run just one test script? LTESTS can't be overridden
>> AFAIK...
>
> make t-exec LTESTS=testname
>
> where testname is the name of the specific test script without the .sh
> extension.
Nope, that runs
2001 Apr 25
6
Updated partial auth patch against CVS
Here is a new version of my partial auth patch against the April 24, 2001
CVS image. It fixes a couple of things (thanks to Karl M
<karlm30 at hotmail.com>), and includes support for hostbased auth. It's still
not pretty, but it works. 2 things Karl mentioned aren't fixed:
- auth methods are still hard-coded into servconf.c. Fixing this would
require a lot of work, and all the
2016 Feb 18
5
Call for testing: OpenSSH 7.2
On 2/17/16 3:02 PM, Carson Gaspar wrote:
>
> Sadly I'm hitting a different autoconf bug :-(
I was being an idiot - configure was bombing out & I didn't notice (boy
that openssl version error message is loooooong...)
With Mr. Wilson's patch, I still get:
"sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used
with the Solaris sandbox"
2013 Apr 02
4
Too many public keys
Apparently my ssh agent is feeling energetic today:
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: [...]
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: [...]
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: