Displaying 20 results from an estimated 60000 matches similar to: "[Bug 331] ssh w/o privilege separation does not work for non-root users"
2002 Jul 03
0
[Bug 331] New: ssh w/o privilege separation does not work for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=331
Summary: ssh w/o privilege separation does not work for non-root
users
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P3
Component: ssh
AssignedTo:
2003 Jan 07
1
[Bug 331] ssh w/o privilege separation does not work for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=331
------- Additional Comments From djm at mindrot.org 2003-01-07 18:23 -------
3 months, no followup == no bug
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Sep 10
0
[Bug 331] ssh w/o privilege separation does not work for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=331
------- Additional Comments From djm at mindrot.org 2002-09-10 22:11 -------
Are there any messages left in the log on the server end?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2001 Jan 08
0
AW: X11-Forwarding for Reliant UNIX (formerly SINIX)
Damien Miller [SMTP:djm at mindrot.org] wrote:
> On Mon, 8 Jan 2001, Bladt Norbert wrote:
[...]
>> The result fo my investigation is:
>> 3. All standard X-applications try to determine whether
>> they are running locally, i.e. if the DISPLAY on
>> computer HOSTX is HOSTX:10.0 the X-applications detect
>> that this is the local computer and try to open the
2001 Jan 09
0
Result: X11-Forwarding for Reliant UNIX (formerly SINIX)
Hi !
I promised to report the result to the list.
Here it is:
Damien Miller [SMTP:djm at mindrot.org] wrote yesterday on his keyboard:
> On Mon, 8 Jan 2001, Bladt Norbert wrote:
[...]
>> During the last week I did some investigations why the X11 forwarding
>> on Reliant UNIX Versions 5.44 and 5.45 does not work out of the box
>> with OpenSSH-2.3.0p1.
>>
>> The
2001 Jan 09
3
OpenSSH on Reliant UNIX
Hello, it's me again !
I tried to compile / install OpenSSH on our Reliant UNIX
system, OS version 5.45 (and 5.44).
The following problems did appear:
1. OpenSSL-0.9.5a will not compile out of the box.
The problem on RU 5.45 is, that the compiler does
support "long long" but NOT "unsigned long long".
The latter just provokes the error message
"superfluous
2000 May 19
0
AW: Solved: on Solaris, "couldn't wait for child '...' completion : Nochild processes"
> Andre Lucas [SMTP:andre.lucas at dial.pipex.com] wrote:
>
> No! The error message is because I used 'error()' instead of 'debug()'.
> That's changed in the 2.1.0p1 release, I believe. (I don't have access
> to it right now.) This was discussed last week for 2.1.0 - just change
> error() to debug() for those two messages.
Sorry, you are completely right.
2001 Mar 20
3
Rhosts-RSA authentication broken
Hello !
I think a problem was introduced in openssh-2.3.0p1 which is
still there in the latest openssh-2.5.2p1. I just noticed it
before my vacation and could not send this mail earlier than
today.
The problem is:
You can't use the Rhosts-RSA authentication based on the hosts.equiv
file and the host keys.
The only possible way to do rhosts-RSA authentication is to allow
the usage of the
2000 Jul 04
0
AW: rhostsauthentication fails. (Or why I hate poorly documented software.)
> jeff at ntcor.com [SMTP:jeff at ntcor.com] wrote:
>
> I have a ssh enabled server and client machine (we'll call them "server"
> and "client" respectively...)
OK :-)
> They both have proper RSA and DSA keys,using protocol version 2 works
> fine between them. (so ssh itself and the network is working fine)
OK.
> However, I want to get something that
2000 May 12
1
Patch: OpenSSH 2.1.0 under Solaris 8, Solaris 7 and other systems , too
Hi !
Karsten Thygesen wrote:
>>>>> "carl" == carl <carl at bl.echidna.id.au> writes:
> carl> Marc, I'm seeing the same problem if I use the inbuilt entropy
> carl> generator, but if I use SUNWski's /dev/random, it's fine.
> carl> ssh also coredumps if I use the built in entropy generator if I
> carl> run it in verbose mode.
2001 Jan 08
1
X11-Forwarding for Reliant UNIX (formerly SINIX)
Hi !
To all: A Happy New Year !
During the last week I did some investigations why the X11 forwarding
on Reliant UNIX Versions 5.44 and 5.45 does not work out of the box
with OpenSSH-2.3.0p1.
The result fo my investigation is:
1. The OpenSSH sshd opens a TCP/IP-port 6000 + display number
and listens to it. This is fine and works with Solaris 7,
DEC-OSF 4.0D, Linux and FreeBSD-4.2 but not
2001 Jan 09
0
AW: fatal: PRNG initialisation failed
Joe Warren-Meeks [SMTP:joe at hole-in-the.net] wrote:
> open("/usr/local/etc/ssh_prng_cmds", O_RDONLY) = 3
open of the command file succeeded.
> brk(0x000E6DB8) = 0
"malloc" in user land, i.e. sshd
> brk(0x000E8DB8) = 0
"malloc" in user land, i.e. sshd
> fstat64(3, 0xFFBEECD8)
2001 Jan 09
0
Difference 2.1.1 and 2.3.0p1 on Reliant UNIX
Hi !
I upgraded one of our Reliant UNIX systems from 2.1.1 to 2.3.0p1.
Now, I suddenly can't login any more.
The error message is:
Attempting authentication for illegal user ...
The reason is:
Password expiration
Although I don't use my password to login, at all.
I login via RSAAuthentication and this did work with version 2.1.1.
Version 2.3.0p1, obviously, checks the password
2000 May 19
2
Solved: on Solaris, "couldn't wait for child '...' completion: No child processes"
> John Horne [SMTP:J.Horne at plymouth.ac.uk] wrote:
>
> Emanuel Borsboom <emanuel at heatdeath.org> wrote:
>> Trying to install the portable OpenSSH on Solaris 2.6. Compiling from
>> openssh-2.1.0.tar.gz using gcc. Compiles and installs fine. sshd
>> starts fine. First connection from another system works. Child sshd is
>> forked, but the parent dies
2007 Jul 21
10
[Bug 1343] New: Privilege separation does not work on QNX
http://bugzilla.mindrot.org/show_bug.cgi?id=1343
Summary: Privilege separation does not work on QNX
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: kraai at
2000 May 12
1
Patch: OpenSSH 2.1.0 under Solaris 8, Solaris 7 and other sys tems, too
> -----Urspr?ngliche Nachricht-----
> Von: Andre Lucas [SMTP:andre.lucas at dial.pipex.com]
> Gesendet am: Freitag, 12. Mai 2000 16:37
> An: Bladt Norbert
> Cc: 'Karsten Thygesen'; 'openssh-unix-dev at mindrot.org';
> 'carl at bl.echidna.id.au'
> Betreff: Re: Patch: OpenSSH 2.1.0 under Solaris 8, Solaris 7 and
> other systems, too
>
> Well
2004 May 21
4
[Bug 839] Privilege Separation + PAM locks users out
http://bugzilla.mindrot.org/show_bug.cgi?id=839
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #600 is|0 |1
obsolete| |
------- Additional Comments From dtucker at zip.com.au 2004-05-21 13:08 -------
2000 Jul 04
0
AW: FreeBSD 3.5-STABLE
At 08:15 04/07/00 +0200, Bladt Norbert wrote:
>> Darren Evans [SMTP:darren at horseplay.demon.co.uk] wrote:
>>
>> gcc -g -O2 -Wall -I/usr/local/ssl/include -DETCDIR=\"/usr/local/etc\"
>-DSSH_PROGRAM=\"/usr/local/bin/ssh\" -
>> DSSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh/ssh-askpass\"
>-DHAVE_CONFIG_H -c loginrec.c
>> loginrec.c:
2002 Jul 05
1
[jlevine@utcnist.colorado.edu: Privilege separation]
Is this a known problem?
Niels.
----- Forwarded message from Judah Levine <jlevine at utcnist.colorado.edu> -----
Date: Fri, 5 Jul 2002 08:58:46 -0600 (MDT)
From: Judah Levine <jlevine at utcnist.colorado.edu>
To: provos at citi.umich.edu
Subject: Privilege separation
Hello,
I have just installed openssh-3.4p1 on a COMPAQ/DEC/HP Alpha running
True64 UNIX v4.0F. The privilege
2011 Jun 16
1
Privilege Separation Design Question
Hello all,
I have a question about the design of the privilege separation aspect of
openSSH. From what I understand, the interface between the privileged
process and the unprivileged one is implemented as a set of well-defined
operations with only a small subset of these operations enabled at any
given time. These operations are enabled and disabled depending on the
task at hand.
What I am