Displaying 20 results from an estimated 50000 matches similar to: "[Bug 442] New: sshd allows login via public-key when account locked"
2002 Nov 24
1
[Bug 442] sshd allows login via public-key when account locked
http://bugzilla.mindrot.org/show_bug.cgi?id=442
------- Additional Comments From dtucker at zip.com.au 2002-11-24 14:25 -------
Created an attachment (id=181)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=181&action=view)
Test for locked account in allowed_user()
Tested on Redhat 8 and Solaris 8.
------- You are receiving this mail because: -------
You are the assignee for
2003 Feb 23
3
[Bug 442] sshd allows login via public-key when account locked
http://bugzilla.mindrot.org/show_bug.cgi?id=442
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #183 is|0 |1
obsolete| |
------- Additional Comments From dtucker at zip.com.au 2003-02-23 22:53 -------
2003 May 11
0
[Bug 442] sshd allows login via public-key when account locked
http://bugzilla.mindrot.org/show_bug.cgi?id=442
------- Additional Comments From dtucker at zip.com.au 2003-05-11 12:07 -------
Further info: it appears that in later patch sets, Solaris 8 and 9 now check the
password string against *LK* in PAM and deny access even for non-password
authentications (eg rhosts).
2003 Jan 07
1
[Bug 442] sshd allows login via public-key when account locked
http://bugzilla.mindrot.org/show_bug.cgi?id=442
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From djm at mindrot.org 2003-01-07 12:19
2003 Jan 07
2
Test for locked account in auth.c (bug #442).
Hi Damien,
I noticed you merged a couple of ifdefs in the fix for bug #442. The
cvs comment says "Fix Bug #442 for PAM case". The code is now roughly:
#if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \
!defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
spw = getspnam(pw->pw_name);
passwd = spw->sp_pwdp;
#else
passwd =
2002 Jun 14
0
[Bug 278] ssh allows auto login even if account is locked
http://bugzilla.mindrot.org/show_bug.cgi?id=278
Darren.Moffat at Sun.COM changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From Darren.Moffat at Sun.COM
2002 Nov 12
1
Locked account and logging in with public key
Hi!
I'm using Openssh v3.5p1 with Solaris 8 compiled with pam support enabled.
It seems that if I use public key authentication I can log in to an
account that is locked (/etc/shadow has *LK* as password).
Login is also allowed even if the user does not have a valid shell.
Is this a bug or am I missing something?
--
Osmo Paananen
2003 Aug 26
1
Locked account checks and PAM
Hi All.
I (actually the tinderbox[1]) found a problem with the fix for bug #422:
when PAM is enabled on a platform that uses /etc/shadow, the variable
"passwd" in auth.c is used uninitialized.
There's a simple patch attached to fix this.
The question is: should the locked account test be done when PAM is
enabled or should we rely on PAM to do the right thing? In theory they
2002 Jun 14
0
[Bug 278] New: ssh allows auto login even if account is locked
http://bugzilla.mindrot.org/show_bug.cgi?id=278
Summary: ssh allows auto login even if account is locked
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2003 Sep 25
2
unexpected change in "locked account" behaviour
I just ran into what I'd describe as an unexpected side-effect. I don't
think it's necessarily a bug, and I don't need any assistance in working
around it, but this information might be useful to others for
troubleshooting.
This was using OpenSSH built under Solaris 2.5.1, and running under
2.5.1 or 8.
The symptom was that after upgrading from 3.7.1p1 to 3.7.1p2, some
accounts
2015 Apr 28
0
[Bug 1696] output an error message when an account is locked
https://bugzilla.mindrot.org/show_bug.cgi?id=1696
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|NEW |RESOLVED
CC|
2003 Oct 07
1
[Bug 731] sshd terminates a session after a successful login
http://bugzilla.mindrot.org/show_bug.cgi?id=731
Summary: sshd terminates a session after a successful login
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2005 Sep 09
8
[Bug 1083] Disable login for locked account
http://bugzilla.mindrot.org/show_bug.cgi?id=1083
Summary: Disable login for locked account
Product: Portable OpenSSH
Version: 4.2p1
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: senthilkumar_sen at
2011 Oct 08
2
Detect PID of sshd processes used by one public key; detect -R allocated port on the server
I have a situation where a number of potentially hostile clients ssh to
a host I control, each ssh'ing in as the same user, and each forwarding
a remote port back to them.
So, the authorized_keys file looks like:
no-agent-forwarding,command="/bin/true",no-pty,no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:7"
ssh-rsa AAAAB....vnRWxcgaK9xXoU= client1234 at example.com
2001 Apr 30
0
Insufficient sshd debug output
Apologies if this issue has already been addressed.
But it isn't plain, even using sshd -d -d -d, why function allowed_user
would return 0.
In my case, an old version of login was ignoring the expiry-date field
of /etc/shadow, but sshd was refusing access.
There are several reasons why access might be refused, and it shouldn't
be necessary to modify auth.c to print out the info - it
2002 Mar 25
0
[Bug 184] New: 3.1p1 openssh fails to build a working sshd on Trusted HP-UX 10.26
http://bugzilla.mindrot.org/show_bug.cgi?id=184
Summary: 3.1p1 openssh fails to build a working sshd on Trusted
HP-UX 10.26
Product: Portable OpenSSH
Version: -current
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo:
2008 Mar 12
2
[Bug 1083] Disable login for locked account
https://bugzilla.mindrot.org/show_bug.cgi?id=1083
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #13 from Darren Tucker <dtucker at
2008 Sep 05
2
[Bug 1523] New: Log public key identifier on pubkey login
https://bugzilla.mindrot.org/show_bug.cgi?id=1523
Summary: Log public key identifier on pubkey login
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2003 Sep 26
2
[Bug 720] "UseDNS no" breaks public key login
http://bugzilla.mindrot.org/show_bug.cgi?id=720
Summary: "UseDNS no" breaks public key login
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy:
2006 Jun 23
2
[Bug 1083] Disable login for locked account
http://bugzilla.mindrot.org/show_bug.cgi?id=1083
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1148| |ok?
Flag| |
------- Comment #10 from dtucker at zip.com.au 2006-06-23 21:15 -------