similar to: openssh & solaris (part 2)

Displaying 20 results from an estimated 4000 matches similar to: "openssh & solaris (part 2)"

2002 Feb 27
0
[Bug 128] New: PAM with ssh authentication and pam_krb5 doesn't work properly
http://bugzilla.mindrot.org/show_bug.cgi?id=128 Summary: PAM with ssh authentication and pam_krb5 doesn't work properly Product: Portable OpenSSH Version: 3.0.2p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:
2002 Apr 26
0
PAM keyboard-interactive
The following patch (relative to -current) makes PAM a proper kbd-interactive citizen. There are a few limitations (grep for todo), but the code seems to work OK for protocols 1 & 2 with and without privsep. Please have a play! auth2-pam.c is based on code from FreeBSD. Index: auth2-chall.c =================================================================== RCS file:
2002 Jul 02
3
New PAM kbd-int diff
Below is a new PAM kbd-int diff based on FreeBSD's code. This code makes PAM kbd-int work with privilege separation. Contrary to what I have previously stated - it *does* handle multiple prompts. What it does not handle is multiple passes through the PAM conversation function, which would be required for expired password changing. I would really appreciate some additional eyes over the
2002 Jun 25
4
PAM kbd-int with privsep
The following is a patch (based on FreeBSD code) which gets kbd-int working with privsep. It moves the kbd-int PAM conversation to a child process and communicates with it over a socket. The patch has a limitation: it does not handle multiple prompts - I have no idea how common these are in real-life. Furthermore it is not well tested at all (despite my many requests on openssh-unix-dev@). -d
2001 Jun 26
1
OpenSSH 2.9p2 with PAMAuthenticationViaKbdInt
When using PAM to do password authenticaion the attempt/failure counter appears to be getting confused. This is using a rh62 system with the openssh-2.9p2-1 rpms... On the client side... [matthewm at toadhall (7) matthewm]$ grep Auth /etc/ssh/ssh_config RhostsAuthentication no RhostsRSAAuthentication no HostbasedAuthentication no RSAAuthentication no PubkeyAuthentication yes
2002 Jun 26
0
OpenSSH Security Advisory (adv.iss)
1. Versions affected: All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. OpenSSH 3.4 and later are not affected. OpenSSH 3.2 and later prevent privilege escalation if UsePrivilegeSeparation is enabled in sshd_config. OpenSSH 3.3 enables
2002 Jun 26
0
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory. 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the PAMAuthenticationViaKbdInt code. All versions between 2.9.9 and 3.3
2002 Jun 26
1
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory. 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the PAMAuthenticationViaKbdInt code. All versions between 2.9.9 and 3.3
2002 Jun 26
2
OpenSSH Security Advisory (adv.iss)
1. Versions affected: All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. OpenSSH 3.4 and later are not affected. OpenSSH 3.2 and later prevent privilege escalation if UsePrivilegeSeparation is enabled in sshd_config. OpenSSH 3.3 enables
2002 Jul 01
0
Revised OpenSSH Security Advisory
This is the 4th revision of the Advisory. This document can be found at: http://www.openssh.com/txt/preauth.adv 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the
2002 Jul 01
0
Revised OpenSSH Security Advisory
This is the 4th revision of the Advisory. This document can be found at: http://www.openssh.com/txt/preauth.adv 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the
2002 Feb 27
0
[Bug 127] New: PAM with ssh authentication and pam_krb5 doesn't work properly
http://bugzilla.mindrot.org/show_bug.cgi?id=127 Summary: PAM with ssh authentication and pam_krb5 doesn't work properly Product: Portable OpenSSH Version: 3.0.2p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:
2003 Jan 08
2
OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS (fwd)
There has not been any mention of this, so.. I'm having hard time trying to figure out whether this is for real or just a joke. (Anyway, I don't use those possibly vulnerable features myself.) Any analysis yet? -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R.
2001 Sep 05
1
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>> >Could we please have a clarification on the semantics of >> >PAM_CRED_ESTABLISH vs. the semantics of PAM_REINITIALIZE_CREDS? >> >> My interpretation is: >> >> You call PAM_ESTABLISH_CRED to create them >> You call PAM_REINITIALIZE_CRED to update creds that can expire over time, >> for example a kerberos ticket. Oops. I meant
2002 Feb 27
0
openssh & solaris
while trying to sort out the PAM incompatabilities between openssh 3.0.2p1 and solaris 8 and sun's pam_krb5 i got some things to work. i'm really not sure where the appropriate place to submit patches is so for now i'm sending them here. this patch will allow PAM interoperability when using sun's pam_krb5 without using the system login routine (this way X forwarding will
2001 Sep 05
2
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>Neither the Sun PAM documentation nor the Linux-PAM documentation >describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail. I would agree it is vague, but then that is also a problem with the XSSO document (http://www.opengroup.org/onlinepubs/008329799/) >Could we please have a clarification on the semantics of >PAM_CRED_ESTABLISH vs. the semantics of
2002 Feb 24
0
Sol8/pam_krb5/OpenSSH 3.0.2
with the following pam.conf entries, after being prompted for a login password the connection is closed: other auth sufficient /usr/lib/security/$ISA/pam_krb5.so.1 other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass the system logs the error: sshd[4215]: fatal: input_userauth_info_response_pam: no authentication context if the pam.conf entry is changed to the
2013 Jan 19
1
PAM function ordering
Dear all, I've been looking into hacking with some PAM modules, and thought I could learn from the OpenSSH source (it's probably the closest thing to a canonical cross-platform consumer of the API). One thing I've noticed I don't understand though is how OpenSSH's invocation of do_pam_session/setcred can work (in main of the process forked in sshd.c). Ignoring privsep for the
2004 Mar 30
2
[Bug 688] PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail
http://bugzilla.mindrot.org/show_bug.cgi?id=688 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |822 nThis| | Status|NEW |ASSIGNED
2001 Feb 10
3
Protocol 2 remote forwarding patch
Hi all, I'm very new in this list, as looking for codes to plug up the lack of functionality of "Protocol 2 Remote Forwardig". Fortunately, I could find it in MARC's archive. Mr. Jarno Huuskonen posted the codes in Sept, last year, and I tried applying it to my FreeBSD box environment. I couldn't apply an original patch, of course, for incompatibility of virsion. The