similar to: [Bug 99] auth2.c modifications for correct UNICOS behavior

Hi All. As noted in a previous post, the logging of failed user logins is somewhat spread out. This patch creates a record_failed_login() function in sshlogin.c and moves the AIX and UNICOS code to it, eliminating 3 #ifdefs from the main code. It also provides an obvious place to add the code for any other platforms that support this. I've tested this on AIX 4.3.3. Wendy Palm was kind

Hi All. This is a re-send of a patch I submitted before 3.6p1. As noted in a previous post, the logging of failed user logins is somewhat spread out. This patch creates a record_failed_login() function in sshlogin.c and moves the AIX and UNICOS code to it, eliminating 3 #ifdefs from the main code. It also provides an obvious place to add the code for any other platforms that support

Hi All, I've been poking around various parts of the auth code for a while. Some platforms support failed login counters and it occurs to me that there's as few too many instances of: #ifdef [PLATFORM] if (authenticated == 0 && strcmp(method, "password") == 0) some_login_failure_func(); #endif The attached patch creates a record_failed_login() function in

http://bugzilla.mindrot.org/show_bug.cgi?id=98 ------- Additional Comments From wendyp at cray.com 2002-04-23 08:41 ------- updated patch for 22 april snapshot: --- auth1.c.orig Mon Apr 22 14:28:12 2002 +++ auth1.c Mon Apr 22 14:29:48 2002 @@ -26,6 +26,9 @@ #include "session.h" #include "uidswap.h" #include "monitor_wrap.h" +#ifdef _CRAY +#include

sorry, Darren. Long over due comments. [..] >+/* Record a failed login attempt. */ >+void >+record_failed_login(const char *user, const char *host, const char *ttyname) >+{ >+#ifdef WITH_AIXAUTHENTICATE >+ loginfailed(user, host, ttyname); >+#endif >+#ifdef _UNICOS >+ cray_login_failure((char *)user, IA_UDBERR); >+#endif /* _UNICOS */ >+} I like the

I need a way to make sshd require S/KEY authentication to succeed before allowing either password or public-key authentication. Currently, we can only have S/KEY+password, by using PAM for authentication, and configuring PAM accordingly. But PAM of course can't handle SSH public keys. I thought for a while that ideally we could actually use PAM to tell sshd what methods of authentication to

http://bugzilla.mindrot.org/show_bug.cgi?id=99 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:45

http://bugzilla.mindrot.org/show_bug.cgi?id=101 ------- Additional Comments From wendyp at cray.com 2002-04-23 08:43 ------- updated patches for 22 april snapshot: --- session.c.orig Mon Apr 22 14:36:13 2002 +++ session.c Mon Apr 22 16:31:15 2002 @@ -64,6 +64,10 @@ #define is_winnt (GetVersion() < 0x80000000) #endif +#ifdef _CRAY +#include <tmpdir.h> +#endif /*

http://bugzilla.mindrot.org/show_bug.cgi?id=101 Summary: session.c modifications for correct UNICOS behavior Product: Portable OpenSSH Version: 3.0.2p1 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

OpenBSD tree is heading into a lock and this includes OpenSSH. So we are winding up for a 3.5 release. If we can get people to test the current snapshots and report any problems that would improve the odds that your platform won't be broke for 3.5. Issues I know off of right now. 1. I can't test NeXT. So I TRULY need someone in that community to test for me. Last I heard there was

http://bugzilla.mindrot.org/show_bug.cgi?id=100 ------- Additional Comments From mouring at eviladmin.org 2002-04-06 06:52 ------- The following code was committed to OpenSSH to catch some SysV issue. Does this keep UNICOS happy? while ((wait_pid = waitpid(-1, &wait_status, 0)) < 0) if (errno != EINTR) packet_disconnect("wait:

http://bugzilla.mindrot.org/show_bug.cgi?id=96 ------- Additional Comments From stevesk at pobox.com 2002-04-05 19:23 ------- the cray support is incomplete now, is that correct? if so, what is needed to complete it? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=100 ------- Additional Comments From markus at openbsd.org 2002-02-05 06:46 ------- hm, why can't you do while(waitpid) ? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=102 tim at multitalents.net changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|openssh-unix-dev at mindrot.org|tim at multitalents.net ------- Additional Comments From tim at multitalents.net 2002-02-26 17:01 ------- I've addressed this

http://bugzilla.mindrot.org/show_bug.cgi?id=97 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-04-23 08:39

http://bugzilla.mindrot.org/show_bug.cgi?id=96 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:40

http://bugzilla.mindrot.org/show_bug.cgi?id=100 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:41

http://bugzilla.mindrot.org/show_bug.cgi?id=98 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:43

http://bugzilla.mindrot.org/show_bug.cgi?id=101 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:44

I looked around for a while, but couldn't find any code for requiring multiple authentication mechanisms in openssh. So I wrote an implemention. I thought at first I should change the PasswordAuthentication, PubkeyAuthentication, etc. keywords to allow no/yes/required. But there's some funky stuff in auth2.c with respect to keyboard interactive auth that would make this kind of