similar to: [Bug 147] New: ssh dies if it gets SSH_MSG_USERAUTH_PASSWD_CHANGEREQ

I have found that this server, <snip> debug1: Remote protocol version 1.99, remote software version 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS debug1: no match: 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS </snip> does not follow the IETF secsh draft [1] related to the SSH_MSG_USERAUTH_PASSWD_CHANGEREQ message. <snip> ... Normally, the server responds

Darren, > -----Original Message----- > From: Darren Tucker [mailto:dtucker at zip.com.au] > Sent: Thursday, June 17, 2004 11:08 PM > To: Scott Rankin > Subject: Re: SSH_MSG_USERAUTH_PASSWD_CHANGEREQ and 3.1.0 > F-SECURE SSH - Pr oces s Software SSH for OpenVMS > > > Scott Rankin wrote: > >>That will depend on which versions exhibit the problems. Is it >

Hi I'm trying to integration a Java application using SSHJ <https://github.com/hierynomus/sshj> client-side - into OpenSSH 7.4. This is fine, except where I get to a password expiry situation. Looking at RFC4252 <https://www.ietf.org/rfc/rfc4252.txt> (which is supported by SSHJ) I don't see any SSH_MSG_USERAUTH_PASSWD_CHANGEREQ [60] messages getting passed from

[Reminder: The early registration for Connectathon closes at the end of this month.] Get ready for Connectathon 2003! The 17th annual interoperability testing event for engineers only will be held Feb. 27-March 6, 2003 in San Jose, California. For the past 2 years, Connectathon booth space has sold out! Get your registration forms and fees in early and take advantage of registration

Guys, Get ready for Connectathon 2004! The 18th annual interoperability testing event for engineers only will be held Feb. 19-26, 2004 in San Jose, California. For the past 3 years, Connectathon booth space has sold out! Get your registration forms and fees in early and take advantage of registration discounts available through December 19th. Connectathon, sponsored by Sun Microsystems, Inc.,

http://bugzilla.mindrot.org/show_bug.cgi?id=148 Summary: Key Exchange Guesses not supported Product: Portable OpenSSH Version: 3.0p1 Platform: All OS/Version: other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ** [SMR] Samba Mashup Report (#2) for Wednesday, May 14, 2008 ** Table of Contents: 1. Samba 3.2.0 Moves closer to Release 2. Bug fix release for Samba 3.0 in the works 3. Developer Interests - Volker Lendecke 4. Samba at Connectathon 5. Samba4 - Fact or Fantasy? 6. Call for submissions and summaries

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ** [SMR] Samba Mashup Report (#2) for Wednesday, May 14, 2008 ** Table of Contents: 1. Samba 3.2.0 Moves closer to Release 2. Bug fix release for Samba 3.0 in the works 3. Developer Interests - Volker Lendecke 4. Samba at Connectathon 5. Samba4 - Fact or Fantasy? 6. Call for submissions and summaries

I was directed to the following site by one of our customers regarding a keyserver built into openssh. There's a patch for 3.4p1 on their site, but the license isn't very clear, nor is it clear if they have approached the openssh team regarding the inclusion of this subsystem into openssh proper. I've been asked to patch Mandrake's openssh with this feature, but I'm

Hi guys, OpenSSH 2.9p1 using SSH2 currently caches the username sent in the USERAUTH_REQUEST [none] packet. This does not allow you to change the username in a later authentication packet. >From SSH Authentication Protocol, section 2.1: "The user name and service are repeated in every new authentication attempt, and MAY change. The server implementation MUST carefully

Hello, We are having issue with SFTP for Windows server. The OpenSSH reports the "Exit Staus -1" upon exiting the sftp session ( Though the file is successfully getting transferred!!). I have opened ticket with VanDyke Software - vShell and reported this issue. Accordiong to VanDyke Software, there is no issue with vShell configuration / its debug logs. Would you

I need a way to make sshd require S/KEY authentication to succeed before allowing either password or public-key authentication. Currently, we can only have S/KEY+password, by using PAM for authentication, and configuring PAM accordingly. But PAM of course can't handle SSH public keys. I thought for a while that ideally we could actually use PAM to tell sshd what methods of authentication to

hi, i don't understand how 3.6.1p2 breaks ssh1.... On Fri, Sep 12, 2003 at 10:27:15AM -0700, Mike Bethune wrote: > Hello, > the new way this works breaks windows ssh clients using v1 (I know, who cares :) > since when these options are enabled and you connect w/v1, the server asks: > Password: > Response: > and I guess these clients (tested putty, pscp, vandyke) expect

Jeff Van Dyke's "Public Key Assistant subsystem" was previously discussed here: (end of a short thread) http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=103436908422003&w=2 I do see a few comments that seem to point out his arrogance and some disgust about OpenBSD's RCSID, but has anybody found it to be unsecure or if it was bug ridden. The subject sorta dies right

Gang, For those who asked about making a Solaris system a Kerberos client to Active Directory, the magic document to have is: http://www.connectathon.org/seam1.0/files/c0101.htm See the section "How to Configure a SEAM Client Using a Windows 2000 KDC". SEAM was Sun's Kerberos client stuff in Solaris 8; it is just there as part of Solaris 9 and 10. These instructions apply if

http://bugzilla.mindrot.org/show_bug.cgi?id=188 Summary: pam_chauthtok() is called too late Product: Portable OpenSSH Version: 3.1p1 Platform: Other OS/Version: All Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

The patch below follows changes in AIX utmp handling made between AIX 4.3.3 and 5.1. With it, utmp entries are properly recorded again. The patch applies to OpenSSH 3.1p1, and seems to work fine. The co-worker who sent me the patch hasn't tested backwards compatibility on AIX 4.3.3 systems. Richard ------- *** openssh-2.9.9p2/auth-passwd.c.org Tue Jul 3 23:21:15 2001 ---

http://bugzilla.mindrot.org/show_bug.cgi?id=1100 Summary: GSSAPI-with-mic doesn't handle empty usernames Product: Portable OpenSSH Version: 4.2p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy:

I've recently been contacted by an (unnamed) NAS vendor who has seen some problems with Vista clients against 3.0.23d. This has been reported by customers so it's a very important issue for them. As we care greatly about our OEM's I'm proposing that we create a "Vista patchset" of source-code patches that vendors and OEMs can apply to their 3.0.23d based products based

Hi. I'm one of the OpenSSH developers, and I've done some of the work on sshd's PAM interface recently. I've discovered some behaviour peculiar to LinuxPAM that I can't explain: changing the conversation function does not appear to work, even though the pam_set_item() call claims to succeed. The previous conversation function is still called. Background: the PAM API