similar to: expire checks

I'm looking at the password aging and account lock checks in auth.c:allowed_user(), and specifically their behaviour on HP-UX. First, should this code be ifdef'd away if we're using PAM? Next: /* Check account expiry */ if ((spw->sp_expire > 0) && (days > spw->sp_expire)) return 0; If I lock an account by entering too many incorrect passwords, sp_expire

Hello! Today I've found, downloaded and compiled openssh-2.2.0-p1. It basically worked, except that users other than root were not allowed to login. My system is a Linux-2.4.0-test7 with glibc-2.1.3. No PAM is installed/used. It uses MD5 passwords and shadow with account expiration feature. In handling of the latter, a probable bug was found. In auth.c, allowed_user(), there is a code at

The primary purpose of the attached patches is for portable OpenSSH to support changing expired passwords as specified in shadow password files. To support that, I did a couple enhancements to the base OpenBSD OpenSSH code. They are: 1. Consolidated the handling of "forced_command" into a do_exec() function in session.c. These were being handled inconsistently and allocated

This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required

Hi. I have found a error of openssh-2.1.1p2 port on systems with a mixture of shadowed and non-shadowed passwords. I reported a same type of error to Mr. Miller when openssh-1.2.1pre23 was released. On our systems, our local machines have shadowed /etc/passwd (and /etc/shadow) and our NIS server distributes non-shadowed password of general users. We have to use

Hi Damien, I noticed you merged a couple of ifdefs in the fix for bug #442. The cvs comment says "Fix Bug #442 for PAM case". The code is now roughly: #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) spw = getspnam(pw->pw_name); passwd = spw->sp_pwdp; #else passwd =

QNX Neutrino does not support the shadow password database properly. Apart from misdocumenting /etc/shadow as having 4 fields when in fact it has 5 (including the "last changed" field), its getspnam() fills in the sp_expire field of the spwd structure with 0. And since by default, shadow support is enabled and the configure script turns on HAS_SHADOW_EXPIRE when it finds that field,

http://bugzilla.mindrot.org/show_bug.cgi?id=281 Summary: unable to authorize with local shadow password Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

I have installed OpenSSH on a RedHat 7.1. When I try to log on I get a 'connection closed' after I enter my password. What is wrong??? Here is the debug info: # /usr/sbin/sshd -ddd debug1: sshd version OpenSSH_3.5p1 debug1: private host key: #0 type 0 RSA1 debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #1 type

Greetings, complete debug below > -----Original Message----- > From: Ben Lindstrom [mailto:mouring at etoh.eviladmin.org] > Sent: 10 July 2003 03:32 > To: Vikash Badal - PCS > Cc: 'openssh-unix-dev at mindrot.org' > Subject: Re: OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + > PasswordAuthentication no + PermitEmptyPasswords yes (followup) > > > > Would be

Greetings, When PasswordAuthentication no + PermitEmptyPasswords yes SSH2 allows access to a passwordless account without a valid key. This is my patch: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ wormhole# diff -u auth2-none.c.old auth2-none.c --- auth2-none.c.old Thu Jul 17 06:23:24 2003 +++ auth2-none.c Thu Jul 17 06:44:42 2003 @@ -100,7 +100,9 @@ if (check_nt_auth(1,

After upgrading to openssh-3.4p1, password authentication is no longer working on my system. I'm running Linux RedHat 6.2 with: kernel 2.2.20 openssh-3.4p1 openssl-0.9.6 pam-0.72-6 pwdb-0.61-0 I've tried it with and without compression, with and without priv sep, and I always get errors like this: Jun 30 19:07:48 sugarfreejazz sshd[1344]: Failed password for randy from 10.10.10.2 port

Hi All. Attached is a patch which adds AIX native password expiry support to sshd. It will only apply to -current and is a subset of the patch I have been working on in the last few months (see bug #14 [1]). It contains code by Pablo Sor, Mark Pitt and Zdenek Tlusty and fixes for bugs reported by many others (see [2] for a full list). It adds a do_tty_change_password function that execs

http://bugzilla.mindrot.org/show_bug.cgi?id=731 Summary: sshd terminates a session after a successful login Product: Portable OpenSSH Version: -current Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer

Hi All. Attached is a patch introduces password expiry handling for AIX (other platforms to follow). It is more or less the same as the previous patch but has been updated to reflect recent changes to auth-passwd.c I'm wondering if the AIX parts of auth.c should be moved to port-aix.c and if the generic password change functions (currently at the end of auth-passwd.c) belong in a separate

Hi Group, recently I upgraded to v 3.7.1p2 on Reliant Unix (former SINIX). With sser root everything works fine, but with a "normal" user the session terminates.. I put the logfile of the "sshd -dddd" at the end. What is wrong? regard Stephan --------------- debug2: read_server_config: filename /etc/sshd_config debug1: sshd version OpenSSH_3.7.1p2 debug1: private host key:

I am porting over the portable version of openssh to our uCLinux implementation. Everything has worked with minimal effort and I appreciate all the work. But, I am having a problem whereby the sshd executable is crashing and I really could use some help on where to look at this in more details. Here is how I start up the sshd for testing. /usr/sbin/sshd -D -ddd -f /etc/ssh/sshd_config -p 65

I encountered a couple of strange events with respect to password authentication this morning. Two of our staff were unable to login onto several systems using their usual passwords. Both users had last logged in on these hosts using their accounts and passwords on Friday past. The two accounts could not log on to any of the servers for which they had access and the message log on each showed

I have used SSHD from openssh-3.7.1p1 on HP-UX 11:11. It works correctly and the entry in the logfile is: Sep 24 07:01:20 garm sshd[6625]: Accepted password for japs from 192.38.97.131 port 2463 Next I have upgraded to openssh-3.7.1p2 and restarted SSHD. It does not accept the password any more and the entries in the logfile are: Sep 24 12:21:38 garm sshd[19542]: User japs not allowed because