similar to: [Bug 331] ssh w/o privilege separation does not work for non-root users

http://bugzilla.mindrot.org/show_bug.cgi?id=331 Summary: ssh w/o privilege separation does not work for non-root users Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P3 Component: ssh AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=331 ------- Additional Comments From djm at mindrot.org 2003-01-07 18:23 ------- 3 months, no followup == no bug ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=331 ------- Additional Comments From djm at mindrot.org 2002-09-10 22:11 ------- Are there any messages left in the log on the server end? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Damien Miller [SMTP:djm at mindrot.org] wrote: > On Mon, 8 Jan 2001, Bladt Norbert wrote: [...] >> The result fo my investigation is: >> 3. All standard X-applications try to determine whether >> they are running locally, i.e. if the DISPLAY on >> computer HOSTX is HOSTX:10.0 the X-applications detect >> that this is the local computer and try to open the

Hi ! I promised to report the result to the list. Here it is: Damien Miller [SMTP:djm at mindrot.org] wrote yesterday on his keyboard: > On Mon, 8 Jan 2001, Bladt Norbert wrote: [...] >> During the last week I did some investigations why the X11 forwarding >> on Reliant UNIX Versions 5.44 and 5.45 does not work out of the box >> with OpenSSH-2.3.0p1. >> >> The

Hello, it's me again ! I tried to compile / install OpenSSH on our Reliant UNIX system, OS version 5.45 (and 5.44). The following problems did appear: 1. OpenSSL-0.9.5a will not compile out of the box. The problem on RU 5.45 is, that the compiler does support "long long" but NOT "unsigned long long". The latter just provokes the error message "superfluous

> Andre Lucas [SMTP:andre.lucas at dial.pipex.com] wrote: > > No! The error message is because I used 'error()' instead of 'debug()'. > That's changed in the 2.1.0p1 release, I believe. (I don't have access > to it right now.) This was discussed last week for 2.1.0 - just change > error() to debug() for those two messages. Sorry, you are completely right.

Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the

> jeff at ntcor.com [SMTP:jeff at ntcor.com] wrote: > > I have a ssh enabled server and client machine (we'll call them "server" > and "client" respectively...) OK :-) > They both have proper RSA and DSA keys,using protocol version 2 works > fine between them. (so ssh itself and the network is working fine) OK. > However, I want to get something that

Hi ! Karsten Thygesen wrote: >>>>> "carl" == carl <carl at bl.echidna.id.au> writes: > carl> Marc, I'm seeing the same problem if I use the inbuilt entropy > carl> generator, but if I use SUNWski's /dev/random, it's fine. > carl> ssh also coredumps if I use the built in entropy generator if I > carl> run it in verbose mode.

Hi ! To all: A Happy New Year ! During the last week I did some investigations why the X11 forwarding on Reliant UNIX Versions 5.44 and 5.45 does not work out of the box with OpenSSH-2.3.0p1. The result fo my investigation is: 1. The OpenSSH sshd opens a TCP/IP-port 6000 + display number and listens to it. This is fine and works with Solaris 7, DEC-OSF 4.0D, Linux and FreeBSD-4.2 but not

Joe Warren-Meeks [SMTP:joe at hole-in-the.net] wrote: > open("/usr/local/etc/ssh_prng_cmds", O_RDONLY) = 3 open of the command file succeeded. > brk(0x000E6DB8) = 0 "malloc" in user land, i.e. sshd > brk(0x000E8DB8) = 0 "malloc" in user land, i.e. sshd > fstat64(3, 0xFFBEECD8)

Hi ! I upgraded one of our Reliant UNIX systems from 2.1.1 to 2.3.0p1. Now, I suddenly can't login any more. The error message is: Attempting authentication for illegal user ... The reason is: Password expiration Although I don't use my password to login, at all. I login via RSAAuthentication and this did work with version 2.1.1. Version 2.3.0p1, obviously, checks the password

> John Horne [SMTP:J.Horne at plymouth.ac.uk] wrote: > > Emanuel Borsboom <emanuel at heatdeath.org> wrote: >> Trying to install the portable OpenSSH on Solaris 2.6. Compiling from >> openssh-2.1.0.tar.gz using gcc. Compiles and installs fine. sshd >> starts fine. First connection from another system works. Child sshd is >> forked, but the parent dies

http://bugzilla.mindrot.org/show_bug.cgi?id=1343 Summary: Privilege separation does not work on QNX Product: Portable OpenSSH Version: 4.6p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: kraai at

> -----Urspr?ngliche Nachricht----- > Von: Andre Lucas [SMTP:andre.lucas at dial.pipex.com] > Gesendet am: Freitag, 12. Mai 2000 16:37 > An: Bladt Norbert > Cc: 'Karsten Thygesen'; 'openssh-unix-dev at mindrot.org'; > 'carl at bl.echidna.id.au' > Betreff: Re: Patch: OpenSSH 2.1.0 under Solaris 8, Solaris 7 and > other systems, too > > Well

http://bugzilla.mindrot.org/show_bug.cgi?id=839 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #600 is|0 |1 obsolete| | ------- Additional Comments From dtucker at zip.com.au 2004-05-21 13:08 -------

At 08:15 04/07/00 +0200, Bladt Norbert wrote: >> Darren Evans [SMTP:darren at horseplay.demon.co.uk] wrote: >> >> gcc -g -O2 -Wall -I/usr/local/ssl/include -DETCDIR=\"/usr/local/etc\" >-DSSH_PROGRAM=\"/usr/local/bin/ssh\" - >> DSSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh/ssh-askpass\" >-DHAVE_CONFIG_H -c loginrec.c >> loginrec.c:

Is this a known problem? Niels. ----- Forwarded message from Judah Levine <jlevine at utcnist.colorado.edu> ----- Date: Fri, 5 Jul 2002 08:58:46 -0600 (MDT) From: Judah Levine <jlevine at utcnist.colorado.edu> To: provos at citi.umich.edu Subject: Privilege separation Hello, I have just installed openssh-3.4p1 on a COMPAQ/DEC/HP Alpha running True64 UNIX v4.0F. The privilege

Hello all, I have a question about the design of the privilege separation aspect of openSSH. From what I understand, the interface between the privileged process and the unprivileged one is implemented as a set of well-defined operations with only a small subset of these operations enabled at any given time. These operations are enabled and disabled depending on the task at hand. What I am