similar to: Bug report: OpenSSH 3.1p1

Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the

Host based authentication does not seem to be working for us after upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at 0.96d). Any time we try to connect from another unix box also running openssh-3.4p1, we get the following error (on the server side) and host based auth fails (it falls back to password prompt). sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:

How do you enable hostbased authentication in OpenSSH? I have two Red Hat 7.3 machines running openssh-3.4p1, and I would like to be able to ssh from either of the machines to the other, as any user, without using passwords or per-user keys. My /etc/ssh/sshd_config contains: [...] IgnoreRhosts no HostbasedAuthentication yes [...] My /etc/ssh/ssh_config contains: [...]

http://bugzilla.mindrot.org/show_bug.cgi?id=356 Summary: 3.4p1 hostbased authentication between Linux and Solaris Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5

In do_authloop() in auth1.c(), the Kerberos 4 and 5 code both allocate, then xfree() the client_user string. The call to do_pam_account() later in the function then tries to use this string, resulting in a corrupt remote user. Finally, before exiting, the function frees client_user again, resulting in a double free and much mess. Patch attached. Cheers, Simon. -- Simon Wilkinson

We have 10 SuperMicro PDSMi+ 5015M-MTs that are panic'ing every few days. This started shortly after upgrade from 6.2-RELEASE to 6.3-RELEASE with freebsd-update. Other than switching to a debugging kernel, a little sysctl tuning, and patching with freebsd-update, they are stock. The debugging kernel was built from source that is also being patched with freebsd-update. These systems are

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

The variable local_user was allocated by xstrdup and is not freed or pointed to in this branch. This patch adds the xfree. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- sshconnect.c | 1 + 1 files changed, 1 insertion(+) diff -uprN openssh-4.3p2/sshconnect.c

BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's authentication library. However, BSDI's patches have several problems: 1. They don't run the approval phase, so they can allow users to login who aren't supposed to be able to. 2. They don't patch configure to automatically detect the BSDI auth system, so they're not ready to use in a general portable

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

This patch introduces iprio class for cfq data control layer. By applying this patch, controller can also handle the RT/IDLE properties among groups. Signed-off-by: Satoshi UCHIDA <s-uchida at ap.jp.nec.com> --- block/cfq-cgroup.c | 344 +++++++++++++++++++++++++------------------ include/linux/cfq-iosched.h | 1 + 2 files changed, 203 insertions(+), 142 deletions(-)

This patch introduces iprio class for cfq data control layer. By applying this patch, controller can also handle the RT/IDLE properties among groups. Signed-off-by: Satoshi UCHIDA <s-uchida at ap.jp.nec.com> --- block/cfq-cgroup.c | 344 +++++++++++++++++++++++++------------------ include/linux/cfq-iosched.h | 1 + 2 files changed, 203 insertions(+), 142 deletions(-)

Adrian Baugh wrote: > > Hi, > I'm using the Linux port of OpenSSH 1.2-pre15. > One of my users complained of not being able to log in using password > authentication but being able to log in okay using RSA authentication. > I set up the server in debug mode and got the following for RSA > authentication (usernames, machine names and IPs obfuscated): I think I have found

Hello, I'm new to the list, new to NUT, but not new to Unix-likes. I could use some help getting NUT to talk to my Tripp Lite G1000U. Searching Google for "Tripp Lite G1000U" returns exactly two hits at this writing, so that may not be a good sign. ;-) It may just be rebranded for sale through this source (Costco). Externally, the G1000U looks much like the SMART1000LCD: an amber

This patch introcude cfq_cgroup structure which is type for group control within expanded CFQ scheduler. In addition, the cfq_cgroup structure has "ioprio" entry which is preference of group for I/O. Signed-off-by: Satoshi UCHIDA <s-uchida at ap.jp.nec.com> --- block/cfq-cgroup.c | 148 +++++++++++++++++++++++++++++++++++++++++

please test Olaf Kirch's patch. it looks fine to me, but i don't to K5. i'd like to see this in the next release. thx -m -------------- next part -------------- --- openssh-3.4p1/auth-krb5.c.krb Sun Jun 9 21:41:48 2002 +++ openssh-3.4p1/auth-krb5.c Tue Jul 23 15:15:43 2002 @@ -73,18 +73,17 @@ * from the ticket */ int -auth_krb5(Authctxt *authctxt, krb5_data *auth, char

I have setup a few Asterisk systems for customers using Digium TDM400 cards and Aastra phones. No problems with sound quality at all except at this one site. Every time I try their system I don't hear any problems but they tell me that it is really bad. They describe it a a loud scratching sound. Are there any tests that can be done to pinpoint the problem? Has anyone seen this before? Are

Hi, Here's a helpful patch from one of our (Debian's) users. I'd guess that the similar if/xfree a few lines above in the #if PAM section could do with the same treatment. Cheers, Phil. --[[message/rfc822]] Date: Sat, 29 Jan 2000 11:11:32 +0000 From: Colin Watson <cjw44 at cam.ac.uk> To: 49902 at bugs.debian.org [Bug was that when sshing one's password is denied,

Hello, I'm having a problem trying to use ssh to login from my machine with server_user as hughes to myself with server_user as hughes. I have no problem using rlogin - no password required. How do I use ssh to login from my machine as hughes at pnguy to myself with the same server_user (hughes) (etc. ssh pnguy) without a password required. My .rhosts, .shosts in /users/hughes/.ssh