similar to: [Bug 362] New: Loss of change password functionality

http://bugzilla.mindrot.org/show_bug.cgi?id=226 Summary: open ssh appears to stop password change prompts from Solaris Product: Portable OpenSSH Version: 3.1p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=363 Summary: No logging of SSH activities under Solaris BSM Product: Portable OpenSSH Version: -current Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=362 ------- Additional Comments From thomas.kube at gmx.net 2002-08-30 01:22 ------- Hello, we have upgraded OpenSSH on HP-UX (11.00 and 11.11). The impact is the same as Dirk wrote: No chance to work with passwd -f. By the way: we want to work with LDAP in the near future. Will it work on HP-UX and the current OpenSSH? Thanks for answer, Thomas

http://bugzilla.mindrot.org/show_bug.cgi?id=188 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dirk.bockmann at customs.gov.au ------- Additional Comments From stevesk at pobox.com 2002-08-30 07:08 ------- *** Bug 362 has been

http://bugzilla.mindrot.org/show_bug.cgi?id=362 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |drruiz at hotmail.com ------- Additional Comments From mouring at eviladmin.org 2002-07-20 03:45 ------- *** Bug 359 has been

from MD4 to MD5 (http://rsync.samba.org/ftp/rsync/src/rsync-3.0.0-NEWS). My understanding is that MD5 is a more secure, slower version of MD4 but I am not convinced that the added security of MD5 would alone have merited the change from MD4 (particularly since MD4 is ~30% faster than MD5). I wonder if I am missing other reasons which made the change necessary/desirable? I am looking at ways

http://bugzilla.mindrot.org/show_bug.cgi?id=1062 Summary: error: parse error before "volatile" Product: Portable OpenSSH Version: 4.1p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: bitbucket at mindrot.org

These problem aren't bugs per se but rather major version differences. Sun has finally published a FAQ on their SSH two days ago http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=finfodoc%2F50465&zone_32 =sshd The problem is rooted in the fact that Sun developed their SSH based on OpenSSH 2.5.1p1 That version came out in February of 2001. There have been a number of changes since then and

Typical "[symbolic|hard] link bug" is a vunerability, which allows user X to overwrite files owned by Y (with useless portion of junk) when Y launchs buggy program. But this trivial (and often ignored) attack method can be easily turned into a cute, powerful weapon. Here''s an example how to perform advanced exploitation of gcc symlink bug (I choosen that one, because this

Hi, I'm not sure how interested anybody here is in this, but I've been working lately on getting rid of the horror that is SunSSH for some distros of Illumos (mostly SmartOS). One of the patches we're carrying around at the moment is one that simply drops fine-grained privileges in sshd, ssh-agent and sftp-server. Since the privilege dropping here is roughly equivalent to a more

Attached is a patch that allows for an interactive Kerberos password change via keyboard-interactive, and also reports any banners received from krb5_g_i_c_p() (e.g., password expiration notification if you have krb5-1.2.x patched appropriately). This could probably be refactored a bit and probably done better, but I'm sending this in in case anyone finds it useful. The major drawback is

hi all, we had quite a few requests recently so that SunSSH allowed to hush a banner on client side when in command-mode only. The argument usually is that the banner is mandatory due to legal reasons so first time login users should see it but that it causes problems when ssh is used from scripts after that. '-q' often seems not an option. RFC 4252 permits hushing banner in section

It's great to see this fixed. It's too bad that: a) I didn't have the sense of humor in 2004 to propose KnownUnknowns, and even UnknownUnknowns (a boolean, natch); b) you used a different parameter name than SunSSH (which uses IgnoreIfUnknown). It may not be too late to do something about either of those... I think the Oracle folks will have no problem adding IgnoreUnknown as an

http://bugzilla.mindrot.org/show_bug.cgi?id=813 ------- Additional Comments From alex at milivojevic.org 2005-04-07 04:50 ------- I was doing some testing, and the strange thing is that SunSSH server gives wrong exit status only when using newer versions of openssh on the client side. For example, Red Hat 7.3 as client (openssh 3.1) is OK Fedora Core / RHEL4 as client (openssh 3.9) gives

-=> To moderator: I don't know whether it's wise to release the FTP-location I would recommend everyone to just look over their daemons, and run something like nessus against theirselves... Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Thu, 25 Mar 1999 16:26:59 -0700 From: "Ben Cantrick (Macky Stingray)" <mackys@MACKY.RONIN.NET> To:

http://bugzilla.mindrot.org/show_bug.cgi?id=423 Summary: Workaround for pw change in privsep mode (3.5.p1) Product: Portable OpenSSH Version: 3.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

Hi, the following patch patches the files in contrib/cygwin. The changes are necessary to allow a better support of privilege separation. On NT machines the script asks now if it should create a user called "sshd" and all that. Additionally it creates the /etc/ssh_config and /etc/sshd_config files follows the latest versions. Would you mind to apply this to the official OpenSSH

Hi, System: Netra 1405, 4x450Mhz, 4GB RAM and 2x146GB (root pool) and 2x146GB (space pool). snv_98. After a panic the system hangs on boot and manual attempts to mount (at least) one dataset in single user mode, hangs. The Panic: Dec 27 04:42:11 base ^Mpanic[cpu0]/thread=300021c1a20: Dec 27 04:42:11 base unix: [ID 521688 kern.notice] [AFT1] errID 0x00167f73.1c737868 UE Error(s) Dec 27

Hello! Please consider including the attached patch in the next release. It allows one to drop privilege separation code while building openssh by using '--disable-privsep' switch of configure script. If one doesn't use privilege separation at all, why don't simply allow him to drop privilege separation support completely? -- Sincerely Your, Dan. -------------- next part

http://bugzilla.mindrot.org/show_bug.cgi?id=14 Bug 14 depends on bug 463, which changed state. Bug 463 Summary: PrintLastLog doesn't work in privsep mode http://bugzilla.mindrot.org/show_bug.cgi?id=463 What |Old Value |New Value ---------------------------------------------------------------------------- Status|ASSIGNED