similar to: [Bug 189] pam_setcred() failures should not be treated as fatal

http://bugzilla.mindrot.org/show_bug.cgi?id=189 Summary: pam_setcred() failures should not be treated as fatal Product: Portable OpenSSH Version: 3.1p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=189 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-01-07 17:40

http://bugzilla.mindrot.org/show_bug.cgi?id=284 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From stevesk at pobox.com 2002-06-23 09:11

Should pam_setcred() be called if pam_authenticate() wasn't called? I would say not; both of these functions are in the authenticate part of pam. It seems the the 'auth' part of pam config controls which modules get called, so if you didn't to _authenticate() you shouldn't do _setcred(). thx /fc

https://bugzilla.mindrot.org/show_bug.cgi?id=2399 Bug ID: 2399 Summary: openssh server should fatal out when pam_setcred and pam_open_session fail Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2549 Bug ID: 2549 Summary: [PATCH] Allow PAM conversation for pam_setcred for keyboard-interactive authentication Product: Portable OpenSSH Version: 7.1p2 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5

http://bugzilla.mindrot.org/show_bug.cgi?id=173 ------- Additional Comments From stevesk at pobox.com 2002-03-19 08:31 ------- see sshd.8 X11UseLocalhost ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=153 ------- Additional Comments From stevesk at pobox.com 2002-03-31 02:55 ------- can you provide sshd -ddd output and additional information such as linux distribution, etc? also "Cannot bind any address." appears to be from a different sshd invocation. ------- You are receiving this mail because: ------- You are the assignee for

http://bugzilla.mindrot.org/show_bug.cgi?id=109 ------- Additional Comments From stevesk at pobox.com 2002-03-31 05:06 ------- i'm not sure. can someone dup and debug this? can you still dup with 3.1p1? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=282 ------- Additional Comments From stevesk at pobox.com 2002-06-22 06:15 ------- what kernel and glibc version? try with "stty -parenb" on client side. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=312 ------- Additional Comments From stevesk at pobox.com 2002-07-18 14:07 ------- why is it required? i don't see any canohost.h functions in those files. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=389 ------- Additional Comments From stevesk at pobox.com 2002-08-30 07:12 ------- *** Bug 390 has been marked as a duplicate of this bug. *** ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hello, We use USE_POSIX_THREADS in our HP-UX build of OpenSSH. When we connect a non-root user with PAM [pam-kerberos] then I get the following error. debug3: PAM: opening session debug1: PAM: reinitializing credentials PAM: pam_setcred(): Failure setting user credentials This is particularly for non-root users with PrivSep YES. When I connect to a root user with PrivSep YES or to a non-root

Hello. I'm wondering how one would go about configuring dovecot to invoke pam_setcred() from the same process as (or a parent process of) the process which eventually reads the user's mail off the disk. This is required for pam modules that set kernel-level credentials which are later used to access the user's mail files. In particular, I'm trying to use dovecot with pam_krb5

http://bugzilla.mindrot.org/show_bug.cgi?id=231 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From stevesk at pobox.com 2002-07-21 05:05

Hi, This is included in the release now; any feedback? Privilege separation, or privsep, is method in OpenSSH by which operations that require root privilege are performed by a separate privileged monitor process. Its purpose is to prevent privilege escalation by containing corruption to an unprivileged process. More information is available at:

http://bugzilla.mindrot.org/show_bug.cgi?id=245 ------- Additional Comments From wknox at mitre.org 2002-05-18 00:58 ------- Same issue with Solaris 8 built with gcc 2.95.2 with the following configure options: --without-rsh --with-tcp-wrappers --with-pam --disable-suid-ssh --with-prngd-socket --with-default-path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin Running a ssh -v

http://bugzilla.mindrot.org/show_bug.cgi?id=239 ------- Additional Comments From stevesk at pobox.com 2002-05-10 06:36 ------- i have heard that newer releases have getaddrinfo() and that it does not function properly. is HAVE_GETADDRINFO defined? if so, can you raise the issue with HP support before we do something like add BROKEN_GETADDRINFO? ------- You are receiving this mail

http://bugzilla.mindrot.org/show_bug.cgi?id=243 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

http://bugzilla.mindrot.org/show_bug.cgi?id=789 Summary: pam_setcred() not being called as root Product: Portable OpenSSH Version: 3.7.1p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: openssh-bugs at mindrot.org ReportedBy: