similar to: [PATCH] AIX password expiration

Displaying 20 results from an estimated 100 matches similar to: "[PATCH] AIX password expiration"

2000 May 15
1
AIX authenticate patches
Here are some patches to re-enable support for AIX's authenticate routines. With them, ssh will honor locked & unlocked accounts, record successful and unsuccessful logins, and deny accounts that are prohibited to log in via the network. Tested with AIX 4.3. It also includes a fix for handling SIGCHLD that may be needed for other platforms (HP-UX 10.20, for example). If I get the time
2002 Nov 20
0
[PATCH #9] Password expiration via /bin/passwd.
This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required
2000 Oct 24
3
openssh-SNAP-20001016
Using openssh-SNAP-20001016 all of our problems with hanging connections have gone away (woohoo!), and it seems to be working flawlessly, but I am seeing messages like this in syslog: Oct 24 16:57:48 dhumb301 sshd[17752]: error: channel 0: internal error: we do not read, but chan_read_failed for istate 8 Oct 24 16:57:59 dhumb301 sshd[17771]: error: select: Bad file descriptor Oct 24 16:58:30
2003 Jul 30
1
[PATCH] Password expiry merge (AIX parts)
Hi All. Attached is a patch introduces password expiry handling for AIX (other platforms to follow). It is more or less the same as the previous patch but has been updated to reflect recent changes to auth-passwd.c I'm wondering if the AIX parts of auth.c should be moved to port-aix.c and if the generic password change functions (currently at the end of auth-passwd.c) belong in a separate
2001 Feb 12
2
OSF_SIA bug in 2.3.0p1
Is anyone maintaining the OSF_SIA support in openssh? This seems to be an obvious bug triggered if you try to connect as a non-existant user. >From auth1.c line 459 #elif defined(HAVE_OSF_SIA) (sia_validate_user(NULL, saved_argc, saved_argv, get_canonical_hostname(), pw->pw_name, NULL, 0, NULL, "") == SIASUCCESS)) { #else /*
2003 Jul 05
0
[PATCH] Replace AIX loginmsg with generic Buffer loginmsg
Hi All. I've decided to try to merge the -Portable parts of the password expiry patch (see bug #14) that do not depend on the OpenBSD change in bug #463. The attached patch is the first step in this process. It removes the AIX-specific "char *aixloginmsg" and replaces it with a platform-neutral "Buffer loginmsg". I think this is worth having in -Portable even if it
2001 Nov 05
2
Security - ssh allows unintended access on AIX
Under AIX there are three security settings: expires = a fixed date at which an account is no longer valid maxage= weeks before a password expires maxexpires=max weeks during which a password can be changed by a user after expiration AFTER WHICH ACCESS IS NOT ALLOWED Beauty of maxage with expires is, that no manual intervention is required to block inactive users. With maxage=5 and expires=1 an
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users noticed that it did not honor password expiration consistently with other Solaris login services. The patch below is against OpenSSH 2.2.0p1 and adds support for PAM password changes on expiration via pam_chauthtok(). A brief summary of changes: auth-pam.c: * change declaration of pamh to "static pam_handle_t *pamh",
2003 Jul 09
0
[PATCH] Add expired password handling for AIX.
Hi All. Attached is a patch which adds AIX native password expiry support to sshd. It will only apply to -current and is a subset of the patch I have been working on in the last few months (see bug #14 [1]). It contains code by Pablo Sor, Mark Pitt and Zdenek Tlusty and fixes for bugs reported by many others (see [2] for a full list). It adds a do_tty_change_password function that execs
2003 May 12
1
Building Openssh-3.6.1p2 with Darren Tucker's AIX Password Expiry patch
Hello, as you read by the subject I am trying to compile openssh-3.6.1p2 with AIX password expiry patch. Operating system is AIX 4.3 using gcc 2.9-aix43-010414 I am using prngd as my entropy. My configuration flags are as follows: --with-prngd-socket=/dev/egd-pool --prefix=/usr/local/openssh I run into the following errors when I run make: ld: 0711-317 ERROR: Undefined symbol:
2004 Jun 04
1
Password aging problem
Compile openssh-3.8p1 with gcc and the following flags --prefix=/tmp/build/sshd --with-ssl-dir=/tmp/build/lib --with-utmpx, no PAM. Everything complies correctly, and I changed sshd_config to use "UseLogin yes" When my client connects (using the newer ssh client too), I do not get the message that my password will expire in xx days, but sshd shows that it is picking up that info (next
2003 Jun 25
2
openssh-3.6.1p2-passexpire20.patch prevents /etc/nologin display on AIX
Hi there, I have just compiled up 3.6.1p2 both with and without Darren Tuckers passexpire patch. However, with the patch applied /etc/nologin isn't displayed to users (on AIX 5.1 / PSSP) The patched vesion seems to fail with "illegal user" - some parts of a debug 3 log... debug1: userauth-request for user ade45 service ssh-connection method none debug1: attempt 0 failures 0
2002 Apr 10
1
openssh-3.1p1 on GNU/Hurd
Hi, I've gone and ported the latest version of openssh, 3.1p1, to GNU/Hurd. I've tried to learn from the other threads on this topic, but I still had to get rid of MAXHOSTNAMELEN where I could. James A. Morrison diff -urN openssh-3.1p1.old/Makefile.in openssh-3.1p1/Makefile.in --- openssh-3.1p1.old/Makefile.in Tue Feb 26 14:24:22 2002 +++ openssh-3.1p1/Makefile.in Tue Apr 9 16:16:49
2001 Jan 03
0
AIX loginsuccess and aixloginmsg ?
Hi, I noticed that the AIX specific loginsuccess call uses char *aixloginmsg to retrieve login information. Later this message is printed in session.c (around line 753). Loginsuccess mallocs space for this message and according to the aix docs it's the responsibility of the calling program to free this message. I didn't notice any code in openssh that would free the aixloginmsg. Can
2002 Sep 23
19
Call for testing for 3.5 OpenSSH
OpenBSD tree is heading into a lock and this includes OpenSSH. So we are winding up for a 3.5 release. If we can get people to test the current snapshots and report any problems that would improve the odds that your platform won't be broke for 3.5. Issues I know off of right now. 1. I can't test NeXT. So I TRULY need someone in that community to test for me. Last I heard there was
2003 Apr 27
3
[PATCH re-send]: Clean up logging of failed logins
sorry, Darren. Long over due comments. [..] >+/* Record a failed login attempt. */ >+void >+record_failed_login(const char *user, const char *host, const char *ttyname) >+{ >+#ifdef WITH_AIXAUTHENTICATE >+ loginfailed(user, host, ttyname); >+#endif >+#ifdef _UNICOS >+ cray_login_failure((char *)user, IA_UDBERR); >+#endif /* _UNICOS */ >+} I like the
2001 Feb 04
1
minor aix patch to auth1.c
--- auth1.c.orig Sat Feb 3 18:17:53 2001 Bringa AIX modes in line with latest changes to auth1.c +++ auth1.c Sat Feb 3 18:19:15 2001 @@ -347,7 +347,7 @@ if (authctxt->failures++ > AUTH_FAIL_MAX) { #ifdef WITH_AIXAUTHENTICATE - loginfailed(user,get_canonical_hostname(),"ssh"); +
2001 Sep 04
0
AIX Warning for expired password
Hi, I have made a patch for AIX to report the number of days till a password expire and to prompt for a new one. This patch was made for openssh-SNAP-20010904.tar.gz (2.9p2) of the CVS repository. If you have any suggestion or question to submit, please cc to me, I'm not in the list. Bye -- Pablo Sor Departamento de Seguridad Informatica - AFIP psor at afip.gov.ar, psor at ccc.uba.ar
2002 Aug 22
7
[Bug 383] PublicKeyAuthentication failure when rlogin set to false
http://bugzilla.mindrot.org/show_bug.cgi?id=383 ------- Additional Comments From markus at openbsd.org 2002-08-23 07:46 ------- what does "rlogin set to false" mean? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Aug 12
2
AIX authenticate()
Hi, I just got a comment from one of my IBM support engineeres that there is a problem with auth-passwd.c only calling authenticate() once. He claims it should potentially be called several times, in case several authetication methods are defined in /etc/security/user. F.ex.: SYSTEM = "NIS and DCE" Suggested (untested) patch should look like: ----------------- cut