similar to: [Bug 331] New: ssh w/o privilege separation does not work for non-root users

http://bugzilla.mindrot.org/show_bug.cgi?id=331 ------- Additional Comments From norbert.bladt at t-systems.ch 2002-07-03 17:34 ------- Forgot to mention the kernel version: 2.2.14-5.0, sorry. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=331 ------- Additional Comments From djm at mindrot.org 2003-01-07 18:23 ------- 3 months, no followup == no bug ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=331 ------- Additional Comments From djm at mindrot.org 2002-09-10 22:11 ------- Are there any messages left in the log on the server end? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

> jeff at ntcor.com [SMTP:jeff at ntcor.com] wrote: > > I have a ssh enabled server and client machine (we'll call them "server" > and "client" respectively...) OK :-) > They both have proper RSA and DSA keys,using protocol version 2 works > fine between them. (so ssh itself and the network is working fine) OK. > However, I want to get something that

Hi, for some days now I am/was fighting with an annoying problem. I have to support an environment where RhostRSAAuthecntication via /etc/ssh/sshd_known_hosts is used for password-less login. This works fine with RH7.3 (and RH8) and openssh versions openssh-3.1p1-3 (and openssh-3.4p1-2). Our customer has now requested an upgrade to RH9. That comes with openssh-3.5p-11 and the password-less

Hi ! I promised to report the result to the list. Here it is: Damien Miller [SMTP:djm at mindrot.org] wrote yesterday on his keyboard: > On Mon, 8 Jan 2001, Bladt Norbert wrote: [...] >> During the last week I did some investigations why the X11 forwarding >> on Reliant UNIX Versions 5.44 and 5.45 does not work out of the box >> with OpenSSH-2.3.0p1. >> >> The

http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=382 Summary: Privilege Separation breaks HostbasedAuthentication Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at

Hi ! I upgraded one of our Reliant UNIX systems from 2.1.1 to 2.3.0p1. Now, I suddenly can't login any more. The error message is: Attempting authentication for illegal user ... The reason is: Password expiration Although I don't use my password to login, at all. I login via RSAAuthentication and this did work with version 2.1.1. Version 2.3.0p1, obviously, checks the password

Hello, it's me again ! I tried to compile / install OpenSSH on our Reliant UNIX system, OS version 5.45 (and 5.44). The following problems did appear: 1. OpenSSL-0.9.5a will not compile out of the box. The problem on RU 5.45 is, that the compiler does support "long long" but NOT "unsigned long long". The latter just provokes the error message "superfluous

Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the

Hi ! To all: A Happy New Year ! During the last week I did some investigations why the X11 forwarding on Reliant UNIX Versions 5.44 and 5.45 does not work out of the box with OpenSSH-2.3.0p1. The result fo my investigation is: 1. The OpenSSH sshd opens a TCP/IP-port 6000 + display number and listens to it. This is fine and works with Solaris 7, DEC-OSF 4.0D, Linux and FreeBSD-4.2 but not

Is this a known problem? Niels. ----- Forwarded message from Judah Levine <jlevine at utcnist.colorado.edu> ----- Date: Fri, 5 Jul 2002 08:58:46 -0600 (MDT) From: Judah Levine <jlevine at utcnist.colorado.edu> To: provos at citi.umich.edu Subject: Privilege separation Hello, I have just installed openssh-3.4p1 on a COMPAQ/DEC/HP Alpha running True64 UNIX v4.0F. The privilege

http://bugzilla.mindrot.org/show_bug.cgi?id=319 Summary: Privilege Separation failing on OSF1 v5.1 Product: Portable OpenSSH Version: -current Platform: Alpha OS/Version: OSF/1 Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

Using openssh-3.4p1 on Linux I noticed that PermitRootLogin=forced-commands-only does not work if UsePrivilegeSeparation is enabled; but it does work if privsep is disabled. Here are excerpts of debug from the server. -----------UsePrivilegeSeparation DISABLED------- ... Found matching DSA key: 56:9d:72:b0:4f:67:2e:ed:06:e7:41:03:e2:86:52:0d^M debug1: restore_uid^M debug1: ssh_dss_verify:

Hello in the new Openssh 3.5p1 is the sam Bug as in the 3.4p1 :-( When a User try to login with a expired Passwort, SSH denys the Acces to the System fbeckman at zvadmxz:/home/fbeckman # ssh -v fbeckman at xy OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090605f debug1: Reading configuration data /etc/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted.

Damien Miller [SMTP:djm at mindrot.org] wrote: > On Mon, 8 Jan 2001, Bladt Norbert wrote: [...] >> The result fo my investigation is: >> 3. All standard X-applications try to determine whether >> they are running locally, i.e. if the DISPLAY on >> computer HOSTX is HOSTX:10.0 the X-applications detect >> that this is the local computer and try to open the

> Andre Lucas [SMTP:andre.lucas at dial.pipex.com] wrote: > > No! The error message is because I used 'error()' instead of 'debug()'. > That's changed in the 2.1.0p1 release, I believe. (I don't have access > to it right now.) This was discussed last week for 2.1.0 - just change > error() to debug() for those two messages. Sorry, you are completely right.

Hi! There is a situation when sshd will crash, but it might be rather hard to reproduce. I'll try to explain the setup :) S/KEY is compiled and installed (taken from http://www.sparc.spb.su/solaris/skey/ ) on Linux box (kernel 2.4.0). Then, OpenSSH 2.3.0p1 is compiled with skey support. It all works fine (patch has been applied too, which fixes skey issue found in November). Now, for the

Hi ! Karsten Thygesen wrote: >>>>> "carl" == carl <carl at bl.echidna.id.au> writes: > carl> Marc, I'm seeing the same problem if I use the inbuilt entropy > carl> generator, but if I use SUNWski's /dev/random, it's fine. > carl> ssh also coredumps if I use the built in entropy generator if I > carl> run it in verbose mode.

http://bugzilla.mindrot.org/show_bug.cgi?id=297 Summary: sshd version 3.3 incompatible with pre-3.3 clients in ssh1 mode Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: