Displaying 20 results from an estimated 600 matches similar to: "[Bug 118] New: Implement TIS (protocol 1) via PAM"
2001 Oct 09
1
TISviaPAM patch
Here is a patch that does TIS auth via PAM. It's controlled by a switch
in the sshd_config. You'd use it by having a PAM module that sets
PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs.
The patch is against the 2.9.9p2 distribution.
I'm not on the list, a reply if this patch is accepted would be great.
(But not required, I know some folks have a distaste for
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
Hello,
appended is a patch that makes it possible to use PAM both for
password authentication and TIS (i.e. s/key or opie or any other
interactive challenge/response scheme). I have developed this starting
from the patch at http://www.debian.org/Bugs/db/61/61906.html on
Debian with openssh-2.1.1p4-3. After configuring ssh with
--with-pam-tis, there are two PAM services, "sshd" and
2001 Mar 13
0
[PATCH] openssh 2.5.1p2 TIS authserv support
Hi,
We have updated our TIS authserv support patch for OpenSSH 2.5.1p2. You'll
find it attached to my message.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
-------------- next part --------------
diff -urN openssh-2.5.1p2/Makefile.in openssh-2.5.1p2-tis/Makefile.in
--- openssh-2.5.1p2/Makefile.in Sun Feb 18 20:13:33 2001
+++
2003 Mar 02
0
[RFC][PATCH] Require S/KEY before other authentication methods.
I need a way to make sshd require S/KEY authentication to succeed before
allowing either password or public-key authentication.
Currently, we can only have S/KEY+password, by using PAM for
authentication, and configuring PAM accordingly. But PAM of course can't
handle SSH public keys.
I thought for a while that ideally we could actually use PAM to tell
sshd what methods of authentication to
2002 Jul 30
0
patch: disable credential forwarding after password auth.
Dear list,
since the order of authentication and AFS token/KRB TGT forwarding
changed (around 3.0), we have had problems with users accidentally
overwriting their credentials from a "password" login with forwarded
credentials. E.g. user A logs in as user B, but stays with the AFS
permissions of user A. A workaround is to use "-k" on these sessions,
but "it worked without
2001 Nov 07
2
Flaw in empty password authentication in sshd
The auth-pam.c of sshd server contains a small flaw that allows empty
password logins even if "PermitEmptyPasswords" option in the sshd config
file is set to "no". The scenario is as follows:
Using ssh the user tries to logon to the machine using an account that has
empty password. If the user presses enter on the password prompt (NULL
password) access is
2009 Dec 01
1
Password Change from Windows machines ("You do not have permission to change your password")
Hello,
I just wasted several hours trying to figure out why I could not
change Samba passwords from Windows XP computers. I'm posting here so
that there is some form of documentation about this on the web.
My setup is basically this:
- Samba 3.3.2 (running under Ubuntu 9.04)
- OpenLDAP user database
- Full O.S. support for OpenLDAP auth, using nsswitch and PAM.
(My client
2003 May 07
1
3.6.1p2, Spurious PAM failure messages WITH "PermitEmptyPasswords no", and a (micro) fix
Hi,
after installing 3.6.1p2 I noticed spurious PAM login failures
even with PermitEmptyPasswords set to "no":
sshd(pam_unix)[1740]: authentication failure; logname=XXX uid=0 euid=0
tty=NODEVssh ruser= rhost=localhost user=XXX
After looking at the code I noticed the following in the portability p2
patch:
+++ openssh-3.6.1p2/auth-passwd.c 2003-04-29 19:12:08.000000000 +1000
2002 Mar 27
3
[Bug 192] monitor.c:545: undefined reference to `auth_password with USE_PAM on
http://bugzilla.mindrot.org/show_bug.cgi?id=192
------- Additional Comments From mouring at eviladmin.org 2002-03-28 04:04 -------
If I understand the PAM code (none of the PRIVSEP code has been made to work
with it right now) one should never called auth_password() they should
be calling auth_pam_password()..
So in mm_answer_authpassword() function it should look something like this
2001 Dec 18
2
[PATCH]: Fix potential security hole in Cygwin version
Hi,
the following patch fixes a potential security hole in the Cygwin
version of sshd.
If you're logging in to a Cygwin sshd with version 2 protocol using an
arbitrary user name which is not in /etc/passwd, the forked sshd which
is handling this connection crashes with a segmentation violation. The
client side encounters an immediate disconnect ("Connection reset by
peer").
2000 Oct 15
1
Patch for Digital Unix SIA authentication
A while back, I sent in a patch that added Digital Unix SIA
authentication to OpenSSH. Well, I just figured out that it didn't
handle everything correctly (locked accounts could still log in). I
thought I had checked that, but I guess I missed it.
Anyway, here is a patch against OpenSSH 2.2.0p1 that fixes this.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator
2001 Feb 12
1
pam protocol 1 fix
is this ok?
symptom is:
debug1: Starting up PAM with username "stevesk"
debug1: Trying to reverse map address 127.0.0.1.
debug1: PAM setting rhost to "localhost"
debug1: Attempting authentication for stevesk.
debug1: PAM Password authentication for "stevesk" failed[9]: Authentication failed
Failed rsa for stevesk from 127.0.0.1 port 49568
Index: auth1.c
2001 Mar 01
1
Bug report against openssh-2.3.0p1
I am writing to report a bug in openssh-2.3.0p1, and to suggest
a fix.
I have OpenSSH installed on a Solaris 8 box. The output of
uname -a is:
> SunOS dipper.csi.cam.ac.uk 5.8 Generic_108528-06 sun4u sparc SUNW,Ultra-5_10
OpenSSH was configured with the following options:
> ./configure --prefix=/jackdaw --with-default-path=/jackdaw/bin:/usr/bin
On this OS, with this configuration, it
2001 Nov 04
2
OPIE patch for current CVS
I redid my previous OPIE patch for the current ssh tree. It seems
to work fine here, and I'ld love to see it merged before the 3.0
release.
Wichert.
diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in
--- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001
+++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001
@@ -50,7 +50,7 @@
SSHOBJS= ssh.o
2001 May 23
1
[PATCH]: Drop the use of `check_nt_auth'.
Hi,
the following patch removes some of the Cygwin specific code from
OpenSSH.
Since Cygwin is able to change the user context on NT/W2K even without
a password since the new Cygwin version 1.3.2, there's no need anymore
to allow changing the user context only if the sshd user is the same
user as the one which logs in or when a password is given.
For that reason the whole function
2015 Aug 21
0
Problems with embedded R, ReplDLL
Along with getting pqR to work on Windows, I've also been testing it
in the context of embedded R, and in the process have found some
problems with the examples given of embedded R use.
One problem can be seen in R_ReplDLLinit, in src/main/main.c:
void R_ReplDLLinit(void)
{
SETJMP(R_Toplevel.cjmpbuf);
R_GlobalContext = R_ToplevelContext = R_SessionContext = &R_Toplevel;
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2003 Jun 20
1
Problems with conversation functions PAM + OpenSSH
Hello
sorry, for bothering you with this problem, but I ca't find solutions.
I write small PAM module, and I've got the problem with conversation
function with OpenSSH 3.5p1.
When the message style is PAM_PROMPT_ECHO_ON, or PAM_PROMPT_ECHO_OFF
everything is allright. But when I use PAM_TEXT_INFO, or PAM_ERROR_MSG,
ssh prints nothing on the client side. Does anyone know the reason of
2001 Mar 03
0
[PATCH] PrintLastLog option
Some time ago, Ben wrote about a PrintLastLog patch:
> If the person who originally submitted it wants to write a complete
> patch and submit it. Then we would be happy to debate if it will be
> included.
Well, here it is, because: "You Asked For It!"
PS: I'm tired of maintaining my own version of Debian's ssh just to
have this option available, so I hope you find
2000 Feb 25
0
Letting PAM add a user
Hello. I have a linux-based system that acts as a cvs-server on an
NT-domain. The cvs-repository is reached whith ssh.
My comments are for version 1.2.2 (debian distribution 1.2.2-1).
I made a pam-module for adding users automatically when they have been
authorized by the pam_smb_auth. Problem is that sshd checks if the user
exists in passwd before going to pam for authorization. I made a