similar to: [Bug 395] ident-protocol gives "root" as connection owner

http://bugzilla.mindrot.org/show_bug.cgi?id=395 Summary: ident-protocol gives "root" as connection owner Product: Portable OpenSSH Version: older versions Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

Hello, We use USE_POSIX_THREADS in our HP-UX build of OpenSSH. When we connect a non-root user with PAM [pam-kerberos] then I get the following error. debug3: PAM: opening session debug1: PAM: reinitializing credentials PAM: pam_setcred(): Failure setting user credentials This is particularly for non-root users with PrivSep YES. When I connect to a root user with PrivSep YES or to a non-root

http://bugzilla.mindrot.org/show_bug.cgi?id=270 Summary: PrivSep breaks sshd on AIX for non-root users Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

I have Asterisk configured to record calls. Both in and out record ok but SoxMix fails to join the two files. The error from the CLI is as follows: Execute of ( nice -n 19 soxmix /var/spool/asterisk/monitor/Support-in.wav /var/spool/asterisk/monitor/Support-out.wav /var/spool/asterisk/monitor/Support.wav && rm -f /var/spool/asterisk/monitor/Support-* ) & failed. If I run exactly the

Does anybody know of these samba packages? http://ftp.cvut.cz/samba/samba-latest.tar.gz AFAICS they are faked and contain some kind of rootkit (you can see this in the history below. the server this history is from is taken offline for security reasons, and nobody is there till 7th Jan I can't give you more details) > 144 w > 145 cat /etc/issue > 146 uname -a > 147

Sorry to ask this question here since it's related to IRC and not Asterisk, but I am having trouble logging into the #asterisk IRC channel on freenode and was wondering if anyone else has had this problem and solved it. So here's the situation: Whenever I try to login to the #asterisk channel I get a message like "you must be identified to login to this channel." So after doing

https://bugzilla.mindrot.org/show_bug.cgi?id=440 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1429| |ok? Flag| | --- Comment #7 from Darren Tucker <dtucker at

Hi Few days ago I've problem with running identd in jail on 4.10-stable I've found that getcred() sysctl isn't permitted from within jail on 4.x. R.Watson suggest some "cheap hack" for this but I've solved this without patching the kernel. My patched ident gets result of getcred() sysctl from jauthd daemon via unix socket. Jauthd is simply getcred proxy, it gets two

I've just realised that when a user uses ssh to connect to a machine, then sets up a port forward and uses it, the resulting connection is reported by identd as belonging to root. While I realise ident is not any kind of secure authentication, it doesn't make much sense to make it even less so by letting any user create connections reported to be made by root. The sshd should drop all

hey folks, I keep seeing this on the internet "The user name lookup feature of TCP Wrappers uses identd to identify the username of the remote host. By default, this feature is disabled, as identd may appear hung when there are a large number of TCP connections." but I cant seem to find out how/where to enable said feature. Jason

http://bugzilla.mindrot.org/show_bug.cgi?id=270 ------- Additional Comments From dtucker at zip.com.au 2002-06-09 19:59 ------- Created an attachment (id=111) sshd output on AIX w/PrivSep ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

On 02/02/2017 07:35 AM, Leonard den Ottolander wrote: >> If that's so, why are you supplying patches to pkcheck rather than >> fixing pkexec? > The patch has a fix for three memory leaks. One memory leak that allows > heap spraying in pkexec.c that according to the aforementioned article > is*directly* exploitable and has been fixed upstream. It took me a while to find

Hi all! It's great to start with "for dummies" question, but hey, we all have been human infants also =) Problem is, that I can not log on to this channel and I haven't found anything helpful during the past few days either. 1. The irc.freenode.net server gives me "Couldn't look up your hostname" and "No identd (auth) response" followed with

Hi! When a configured samba server i enter the following command, i don't see any of my domain user. MORGOTH:~# getent passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh ... nobody:x:65534:65534:nobody:/home:/bin/sh guillaume:x:1000:1000:Guillaume C.,,,:/home/guillaume:/bin/bash

Works on my netbsd tinkerbox. NetBSD 5.0.2 NetBSD 5.0.2 (GENERIC) It uses rlimit. Privsep sandbox style: rlimit I also get warnings during make. fmt_scaled.c: In function 'scan_scaled': fmt_scaled.c:84: warning: array subscript has type 'char' fmt_scaled.c:111: warning: array subscript has type 'char' fmt_scaled.c:155: warning: array subscript has type 'char'

Hi all, Has identd been removed from the upstream release? If so what replaces it? I see an oidentd rpm on DAG, but I'm curious about what I should be using? Many Thanks Daveh

On Mon, Aug 25, 2014 at 3:42 PM, Damien Miller <djm at mindrot.org> wrote: > On Mon, 25 Aug 2014, Kevin Brott wrote: > > > Slightly better results this time 'round ... still having non-ec.h build > > issues, what I think is a race condition on RHEL 3, and PIE issues (fixed > > with --without-pie config option) on RHEL 5 64-bit systems with a > just-built >

https://bugzilla.mindrot.org/show_bug.cgi?id=1981 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2136| |ok+ Flags| | --- Comment #4 from Damien Miller <djm at mindrot.org>

Hello! Please consider including the attached patch in the next release. It allows one to drop privilege separation code while building openssh by using '--disable-privsep' switch of configure script. If one doesn't use privilege separation at all, why don't simply allow him to drop privilege separation support completely? -- Sincerely Your, Dan. -------------- next part

http://bugzilla.mindrot.org/show_bug.cgi?id=463 Summary: PrintLastLog doesn't work in privsep mode Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: