Displaying 20 results from an estimated 10000 matches similar to: "Expired PAM accounts"
2002 Jun 25
1
PAMAuthenticationViaKbdInt and KeyAuth
Hi there,
when enabling the option PAMAuthenticationViaKbdInt, a login with password is
always possible, even though when you disabled it with PasswordAuthentication
no and PermitRootLogin without-password!
Is this intended? Why is there no documentation about this (or at least a
waring in the default configuration file)?
The problem is, it is enabled in the default installation of Debian
2004 Mar 04
3
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
http://bugzilla.mindrot.org/show_bug.cgi?id=808
Summary: segfault if not using pam/keyboard-interactive mech and
password's expired
Product: Portable OpenSSH
Version: 3.8p1
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
2002 May 26
0
[Bug 256] New: Expired password unchangeable again with pam support
http://bugzilla.mindrot.org/show_bug.cgi?id=256
Summary: Expired password unchangeable again with pam support
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2004 Jun 22
2
patch: openssh empty password fail with pam/sshv1
Hi,
We've encountered a bug with OpenSSH 3.8.1p1 on Linux. With an account
that has an empty password and with PAM and Privilege Separation turned
on through the SSH1 protocol, the login fails with:
fatal: mm_request_receive_expect: read: rtype 24 != type 46
I believe the problem is a missing do_pam_account() call. The patch below
to auth1.c fixes the problem. If this is correct, can
2003 Oct 12
4
[PATCH]: Call pam_chauthtok from keyboard-interactive.
Hi All.
This patch calls pam_chauthtok() to change an expired password via PAM
during keyboard-interactive authentication (SSHv2 only). It is tested on
Redhat 8 and Solaris 8.
In theory, it should have simply been a matter of calling pam_chauthtok
with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is
if it's expired, right? From the Solaris pam_chauthtok man page:
2006 May 03
8
[Bug 1188] keyboard-interactive should not allow retry after pam_acct_mgmt fails
http://bugzilla.mindrot.org/show_bug.cgi?id=1188
Summary: keyboard-interactive should not allow retry after
pam_acct_mgmt fails
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
2005 Sep 21
23
[Bug 1087] SSH fails to show PAM password expiry message from LDAP on login
http://bugzilla.mindrot.org/show_bug.cgi?id=1087
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Group|Portable OpenSSH |
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2007 May 19
5
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
http://bugzilla.mindrot.org/show_bug.cgi?id=1215
Jesse Zbikowski <embeddedlinuxguy at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |embeddedlinuxguy at gmail.com
--- Comment #7 from Jesse Zbikowski <embeddedlinuxguy at
2004 Sep 14
1
PATCH: Public key authentication defeats passwd age warning.
All,
I tried to sign up for this list a few weeks ago, but I don't think
it worked. After I confirmed my intention to be on the list, I only
got one single message from someone on the list, and that was it.
So, either this is a particularly quiet list, or my subscription
was dropped somehow just after it was made. So, if you could kindly
CC me directly on any responses to this, I sure would
2001 Nov 13
1
Kerberos / PAM bug in OpenSSH CVS
In do_authloop() in auth1.c(), the Kerberos 4 and 5 code both allocate, then
xfree() the client_user string. The call to do_pam_account() later in the
function then tries to use this string, resulting in a corrupt remote user.
Finally, before exiting, the function frees client_user again, resulting in a
double free and much mess.
Patch attached.
Cheers,
Simon.
--
Simon Wilkinson
2003 Sep 23
5
PAM sessions and conversation functions
In OpenSSH 3.6.1p2, pam_open_session() ran with a conversation function,
do_pam_conversation(), that fed text to the client. In OpenSSH 3.7.1p2,
this is no longer the case: session modules run with a conversation
function that just returns PAM_CONV_ERR. This means that simple session
modules whose job involves printing text on the user's terminal no
longer work: pam_lastlog, pam_mail, and
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
Hi All.
Attached is another patch that attempts to do pam_chauthtok() via SSH2
keyboard-interactive authentication. It now passes the results from the
authentication thread back to the monitor (based on a suggestion from
djm).
Because of this, it doesn't call do_pam_account twice and consequently
now works on AIX 5.2, which the previous version didn't. I haven't tested
it on any
2008 Oct 16
2
5.1p on RHEL 3 and password expiration
[ Sorry for the length of this; I felt it better to provide potentially
too much info, rather than not enough. I've probably missed something
that's important, though! ]
I have an odd problem with 5.1p on RHEL3 if "UsePAM yes" and
"UsePrivilegeSeparation no" is set. The code detects that the user
password is aged (according to shadow) but then fails to let me
2003 Jan 09
7
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
------- Additional Comments From dtucker at zip.com.au 2003-01-09 23:17 -------
Created an attachment (id=199)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=199&action=view)
Implement password change via /bin/passwd in session.
openssh-passexpire10.patch:
* Implementes shadow and AIX password expiry.
* Adds general expire_message
2004 Feb 07
14
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |793
nThis| |
------- You are receiving this mail because: -------
You are on the CC list for
2018 Sep 28
2
Support for RFC4252 in sshd with PAM
Hi
I'm trying to integration a Java application using SSHJ
<https://github.com/hierynomus/sshj> client-side - into OpenSSH 7.4. This
is fine, except where I get to a password expiry situation.
Looking at RFC4252 <https://www.ietf.org/rfc/rfc4252.txt> (which is
supported by SSHJ) I don't see any SSH_MSG_USERAUTH_PASSWD_CHANGEREQ [60]
messages getting passed from
2020 Sep 08
23
[Bug 3210] New: Confusing errors when pam_acct_mgmt() fails
https://bugzilla.mindrot.org/show_bug.cgi?id=3210
Bug ID: 3210
Summary: Confusing errors when pam_acct_mgmt() fails
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: PAM support
Assignee:
2003 Jun 28
1
[Bug 14] Can't change expired /etc/shadow password without PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=14
Bug 14 depends on bug 463, which changed state.
Bug 463 Summary: PrintLastLog doesn't work in privsep mode
http://bugzilla.mindrot.org/show_bug.cgi?id=463
What |Old Value |New Value
----------------------------------------------------------------------------
Status|ASSIGNED
2002 Jul 18
0
[Bug 188] pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
stevesk at pobox.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |smueller at atsec.com
------- Additional Comments From stevesk at pobox.com 2002-07-18 15:46 -------
*** Bug 256 has been marked as a
2010 Jul 26
0
WG: WG: samba4 phyton-dns error
For all running in the same error:
This solved my problem. In smb.conf --> interfaces = eth0
And all is up and running perfect!!
Daniel
-----------------------------------------------
EDV Daniel M?ller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 T?bingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de