Displaying 20 results from an estimated 4000 matches similar to: "Suggestion: Disable PrivilegeSepartion by default"
2002 Apr 24
1
hostbased authentication and the root account
We have a problem using hostbased authentication in combination with the
root account. We use hostbased authentication to hop from a 'management
server' where we use strong authentication to several systems in a cluster.
The management server is defined in shosts.equiv and the public key of this
server is defined in ssh_known_hosts. This setup works for all users except
for the root user
2002 Jul 14
3
[Bug 125] with BSM auditing, cron editing thru ssh session causes cron jobs to fail
http://bugzilla.mindrot.org/show_bug.cgi?id=125
------- Additional Comments From jrj at purdue.edu 2002-07-14 13:31 -------
Created an attachment (id=131)
Update of bug #2 patch to 3.4p1
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Dec 10
2
OpenSSH 3.5p1 and BSM for Solaris
Can someone help me get BSM working with Solaris 8 and OpenSSH 3.5p1?
I saw the patch here for OpenSSH 3.4p1, but do not know how to apply it to OpenSSH 3.4p1 nor do I feel comfortable modifying to work with OpenSSH 3.5p1:
openssh-unix-dev at mindrot.org
Is this patch needed to fix the BSM crontab issue only, or is it required for BSM auditing in general?
Jeff
2005 Aug 29
4
Conflict between LDAP and Privilege Separation?
Hi all.
OpenSSH_4.1p1, OpenSSL 0.9.7g 11 Apr 2005 on Solaris 8 using host-based
authentication.
With "PrivilegeSeparation yes" and "UsePAM no" everything works as
desired. If I enable PAM, I am able to connect, but just before it
gives me a shell, it disconnects. If I leave PAM enabled and disable
PrivilegeSeparation, it works.
Is this a current limitation, or is there
2002 Apr 11
3
[Bug 2] sshd should have BSM auditing on Solaris
http://bugzilla.mindrot.org/show_bug.cgi?id=2
Michael.Gerdts at alcatel.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |Michael.Gerdts at alcatel.com
------- You are receiving this mail because: -------
You are the assignee for the bug, or are
2004 Sep 01
2
openssh-3.9p1: no pam_close_session() invocation
Hello,
I would like to point to this problem again as I have not seen a reply to
my original posting:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106458208520320&w=2
and the problem still exists in version 3.9p1.
After closing a ssh-session the pam_close_session() function is not
invoked. Enabling PrivilegeSeparation (UsePrivilegeSeparation yes) does not
help.
Could someone
2002 Dec 19
1
OpenUsePrivilegeSeparation on Compaq V5.1A with C2/SIA Security
I'm using OpenSSH_3.5p1 (server protocol 2.0 ) on a Compaq device V5.1A with
C2 Security (SIA)
configured.
I must set UsePrivilegeSeparation to no to get this working.
Does anyone have PrivilegeSeparation working on a Compaq device with C2
Security configured?
Source device:
ssh user at destination ( produces these errors)
sshd: /var/tcb/files/__db_lock.share: Permission denied
sshd:
2006 Mar 10
1
PrivSep and PAM environment variable setting
I think I've seen this come up before, but I couldn't find an answer in
the archives.
I'm trying to use the PAM "pam_mail.so" module on Linux to set the MAIL
environment variable (so I don't have to try to do it in various shell
init scripts), but the MAIL setting doesn't get passed through unless I
disable PrivilegeSeparation.
Is there a way to have PAM set
2002 Jul 03
2
--{enable/disable}-suid-ssh removed, rhosts auth gone when UID != 0
Hi,
According to ChangeLog someone "(bal)" removed -{enable/disable}-suid-ssh
from configure (dating from 2002/06/07). Don't know the reason, probably
this has something to do with PrivilegeSeparation.
Consequence is: Users with UID != 0 are no longer able to allocate
privileged ports, sshd answers "Rhosts Authentication disabled,
originating port will not be
2005 May 03
5
[Bug 1029] SIGTERM and cleanup of wtmp files
http://bugzilla.mindrot.org/show_bug.cgi?id=1029
Summary: SIGTERM and cleanup of wtmp files
Product: Portable OpenSSH
Version: 4.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: senthilkumar_sen
2005 Jan 24
15
[Bug 125] add BSM audit support
http://bugzilla.mindrot.org/show_bug.cgi?id=125
alex.bell at bt.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |alex.bell at bt.com
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the
2003 Dec 02
1
Sun Kerberos Password Expiration Problems with OpenSSH 3.7.1p2
I am running Solaris 8 with the Basic Security Module (BSM) loaded and
Sun's Enterprise Authentication Mechanism (SEAM) installed. Our servers
are using Sun One Directory Services (LDAP) for authorization and Sun's
Kerberos 5 implementation for authentication. We have been using OpenSSH
3.4p1 with OpenSSL 0.9.6f and everything has been working fine.
We are updating our OpenSSH and OpenSSL
2014 Dec 04
3
Adding Solaris Audit to sshd (and sftp-server)
Hi Damien,
I'm working with the Solaris team that is integrating openssh
into upcoming Solaris releases. I'm looking for advice from the
upstream community. You were suggested for that advice. If
there are other mailing lists you'd like me to ask, I'm happy
to do so, or if you'd like to forward, please feel free to do so.
The --with-audit=bsm (audit-bsm.c) configuration
2003 Jan 03
1
OpenSSH, Solaris 8, and BSM works with BSM patch, but must disable privilege separation
To get BSM working on Solaris 8 with OpenSSH, I did this:
Download John R. Jackson's OpenSSH 3.5p1 BSM patch here, and save as "patch.tar.gz":
http://bugzilla.mindrot.org/show_bug.cgi?id=125
(NOTE TO OpenSSH DEVELOPERS, can you incorporate this patch into the next version of OpenSSH?)
Installing the OpenSSH 3.5p1 BSM patch:
?--------------------------------------
Turning on Sun BSM
2011 Mar 08
3
This is supposed to predict a time series?!
Hello,
I just ran the predict.StructTS function using the AirPassengers data
and got a ridiculous result. Here's what I ended up with:
http://24.210.155.111/PredictWhat!.pdf
Who wrote this? Am I seriously supposed to think this function would
accurately predict a time series?
-AnalogKid
2004 Dec 20
6
[Bug 125] add BSM audit support
http://bugzilla.mindrot.org/show_bug.cgi?id=125
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #647 is|0 |1
obsolete| |
------- Additional Comments From dtucker at zip.com.au 2004-12-20 16:24 -------
2005 Jan 26
1
OpenSSH and BSM
All,
I've recently received a requirement to implement OpenSSH on a Solaris
server with BSM enabled. Checking through the list archive suggests that
the patch Darren's patch is almost ready but requires testing & perhaps
fine-tuning.
Can someone please let me know what the status is and if any assistance
is required with testing I'm happy to offer an extra pair of hands.
Thanks
2006 Sep 30
1
audit-bsm.c lacks <errno.h>
#include <errno.h> was removed from includes.h in July:
----------------------------
revision 1.113
date: 2006/07/12 12:22:46; author: dtucker; state: Exp; lines: +1 -2
- stevesk at cvs.openbsd.org 2006/07/11 20:07:25
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
includes.h
2009 Dec 13
4
any use of flash causing "stack level too deep"
Is there any way to clear what''s in there?
This happens any time flash[] is in my code. It can be setting or
reading a value.
I''ve tried commenting out all uses of flash in my code to get a few
different pages to load, thinking this would clear the values, but no
luck.
If I get into the debugger, a p flash or pp flash will give a ''Stack
level too deep'' error
2007 Jun 02
1
Problem with the command "StrucTS" that fits a basic structural model for time series
Hi everybody,
I'am very interested with the basic structural model of time series. So I used the command "StructTS" but I failed to obtain a desirable output, in fact when I write in R Console the following lines:
> x=(1,2,3,4,5,2,25,14,12,13,11,6,9,24,12,13,14,12,12,14,11,12,14,15,20,21,22,23,21,25,28)
>(fit <- StructTS(x,type = "BSM"))
I obtained the following