Displaying 20 results from an estimated 700 matches similar to: "[Bug 188] pam_chauthtok() is called too late"
2002 Mar 26
0
[Bug 188] New: pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
Summary: pam_chauthtok() is called too late
Product: Portable OpenSSH
Version: 3.1p1
Platform: Other
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2002 Jun 03
0
[Bug 188] pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
------- Additional Comments From stevesk at pobox.com 2002-06-04 05:46 -------
20020426
- (djm) Disable PAM password expiry until a complete fix for bug #188
exists
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jul 18
0
[Bug 188] pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
stevesk at pobox.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |smueller at atsec.com
------- Additional Comments From stevesk at pobox.com 2002-07-18 15:46 -------
*** Bug 256 has been marked as a
2002 Aug 29
0
[Bug 188] pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
stevesk at pobox.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dirk.bockmann at customs.gov.au
------- Additional Comments From stevesk at pobox.com 2002-08-30 07:08 -------
*** Bug 362 has been
2003 May 14
2
[Bug 188] pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From djm at mindrot.org 2003-05-14 22:32
2003 Oct 12
4
[PATCH]: Call pam_chauthtok from keyboard-interactive.
Hi All.
This patch calls pam_chauthtok() to change an expired password via PAM
during keyboard-interactive authentication (SSHv2 only). It is tested on
Redhat 8 and Solaris 8.
In theory, it should have simply been a matter of calling pam_chauthtok
with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is
if it's expired, right? From the Solaris pam_chauthtok man page:
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2007 May 29
3
wich apc ups?
Hi,
I want to buy a UPS wfor a PE2800 but I'm mnot sure wich one to choose. is
1000 VA enough or do I need the 1500 VA version?
1) APC Smart-UPS 1000 VA Black SMART UPS 1000 VA BLACK 1000 VA
LINE-INTERACTIV [SUA1000I]
2) Power Supply Apc-ups 1500va Floorstand Incl Control Cable Usb And Com
Port Output Power 980w
Other suggestions are also welcome As long as they can talk to the apcd
2001 Nov 07
2
Flaw in empty password authentication in sshd
The auth-pam.c of sshd server contains a small flaw that allows empty
password logins even if "PermitEmptyPasswords" option in the sshd config
file is set to "no". The scenario is as follows:
Using ssh the user tries to logon to the machine using an account that has
empty password. If the user presses enter on the password prompt (NULL
password) access is
2001 Oct 09
1
TISviaPAM patch
Here is a patch that does TIS auth via PAM. It's controlled by a switch
in the sshd_config. You'd use it by having a PAM module that sets
PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs.
The patch is against the 2.9.9p2 distribution.
I'm not on the list, a reply if this patch is accepted would be great.
(But not required, I know some folks have a distaste for
2000 May 31
1
pam_chauthtok placement
Can I ask for some advice, as to where in the code would be the logical
place to add code to ask a user to change his password? Presumably
do_pam_account is the *wrong* place. Guess I should build a
do_pam_password function, but who should be calling it?
2002 Mar 12
2
[Bug 160] Race condition in clientloop.c?
http://bugzilla.mindrot.org/show_bug.cgi?id=160
------- Additional Comments From Nicolas.Williams at ubsw.com 2002-03-13 09:10 -------
Created an attachment (id=40)
Debug output, lsof output, etc...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2018 Sep 28
2
Support for RFC4252 in sshd with PAM
Hi
I'm trying to integration a Java application using SSHJ
<https://github.com/hierynomus/sshj> client-side - into OpenSSH 7.4. This
is fine, except where I get to a password expiry situation.
Looking at RFC4252 <https://www.ietf.org/rfc/rfc4252.txt> (which is
supported by SSHJ) I don't see any SSH_MSG_USERAUTH_PASSWD_CHANGEREQ [60]
messages getting passed from
2002 Mar 07
0
[Bug 147] New: ssh dies if it gets SSH_MSG_USERAUTH_PASSWD_CHANGEREQ
http://bugzilla.mindrot.org/show_bug.cgi?id=147
Summary: ssh dies if it gets SSH_MSG_USERAUTH_PASSWD_CHANGEREQ
Product: Portable OpenSSH
Version: 3.0p1
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P4
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
2004 Jun 17
2
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ and 3.1.0 F-SECURE SSH - Proces s Software SSH for OpenVMS
I have found that this server,
<snip>
debug1: Remote protocol version 1.99, remote software version 3.1.0 F-SECURE
SSH - Process Software SSH for OpenVMS
debug1: no match: 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS
</snip>
does not follow the IETF secsh draft [1] related to the
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ message.
<snip>
...
Normally, the server responds
2001 Jun 04
1
password_authtentication option ignored in auth handling
There is one spot where the password_authentication option was ignored,
patch follows.
Wichert.
diff -wur org/openssh-2.5.2p2/auth2.c openssh-2.5.2p2/auth2.c
--- org/openssh-2.5.2p2/auth2.c Sun Mar 11 21:01:56 2001
+++ openssh-2.5.2p2/auth2.c Mon Jun 4 23:31:54 2001
@@ -397,7 +397,7 @@
authenticated = auth2_challenge(authctxt, devs);
#ifdef USE_PAM
- if
2002 May 06
6
SCP file corruptions
Hi,
I apparently was asleep at the wheel using scp, and accidentally copied a
file onto itself. Scp generated an Input/Output error and did not perform
the copy. However, now the file is corrupt. Is this a but? Is there anyway
to fix the file I messed up?
Thanks,
Don Gathman
208.396.6675
2004 Dec 28
2
LinuxPAM and sshd: changing conversation function doesn't work but claims to.
Hi.
I'm one of the OpenSSH developers, and I've done some of the work on
sshd's PAM interface recently.
I've discovered some behaviour peculiar to LinuxPAM that I can't
explain: changing the conversation function does not appear to work,
even though the pam_set_item() call claims to succeed. The previous
conversation function is still called.
Background: the PAM API
2003 May 12
10
[Bug 559] PAM fixes
http://bugzilla.mindrot.org/show_bug.cgi?id=559
Summary: PAM fixes
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: fcusack at fcusack.com
- start PAM
2002 Nov 04
2
Sweave - documenting a long function
Hi,
I would like to use Sweave to document a long function.
Is it possible to split the function's code into chunks
such that Sweave will accept each chunk without complaining.
I have tried various approaches without sucess
but I feel sure that someone has done this already.
Here is one attempt
==============
% First, define the funciton header
<<defFunHdr, eval=FALSE>>=
x <-