similar to: OpenSSH-3.6.1p2 PAM Problems

hi, i just noticed that my pam_tally config has stopped working. it used to work in 3.6.1p2, but since then hasn't. i configured openssh like so: ./configure --with-tcp-wrappers --with-pam --with-privsep-user=sshd --with-md5-passwords --with-ipaddr-display and i do have "UsePAM yes" set in sshd_config. i've tried and failed to get it to work with 3.7.1p2 and 3.8.1p1. i've

OpenSSH 3.6.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. This is a release of the Portable version only. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes

OpenSSH 3.6.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. This is a release of the Portable version only. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes

http://bugzilla.mindrot.org/show_bug.cgi?id=1237 Summary: Behaviour of openssh with pam_tally is very buggy Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: bitbucket at mindrot.org

Hi I am trying to lock users after 3 attempts and then set the timeout before they can log in again. I thought i could achieve this with auth required pam_tally.so deny=3 unlock_time=600 in /etc/pam.d/system-auth but it seems to not be the case - I cant find a working config for this anywhere and i wonder if anyone has one they can share? thanks

Hi, I'm currently using, CentOS release 4.8 (Final) and wanted to update the pam_tally module to support unlock_time. I understand this is only support on centos 5.x and up. What are my options for updating pam_tally to support unlock_time, can I simply download and update from a centos repo or should I compile pam. I would appreciate some suggestions. paul -------------- next part

Hello, I think to have find a small pb with openssh when a Radius server is unreachable. I use radius authentication with pam my system-auth is the following auth [success=done auth_err=die default=ignore] /lib/security/pam_radius_auth.so try_first_pass debug auth [success=ignore auth_err=ignore default=ignore] pam_nologin.so file=/etc/raddb/radiusfailure auth

Hi I have some odd problem with running dovecot. Program dies with message in maillog: Mar 31 21:04:02 test-box dovecot: Dovecot starting up Mar 31 21:04:04 test-box dovecot: execv(imap-login) failed: Resource temporarily unavailable Mar 31 21:04:04 test-box dovecot: execv(imap-login) failed: Resource temporarily unavailable Mar 31 21:04:04 test-box dovecot: Login process died too early -

On Tue, January 27, 2015 1:58 pm, Peter Lawler wrote: > On 28/01/15 04:47, Always Learning wrote: >> >> Saw this on the Exim List:- >> > <SNIP> >> >> I use Exim on C5 and C6 - should I be worried about Exim on C6 ? >> > > upstream references: > https://rhn.redhat.com/errata/RHSA-2015-0092.html When I read this I read that it is fixed in

Saw this on the Exim List:- From: Tony Finch <dot--at-- at dotat.at> Subject: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable via exim Date: Tue, 27 Jan 2015 17:33:45 +0000 "The Exim mail server is exploitable remotely if configured to perform extra security checks on the HELO and EHLO commands ("helo_verify_hosts" or "helo_try_verify_hosts"

Hello. Is it possible to run wine on openwall-patched linux kernel? Invoking /opt/wine/bin/wine.bin /home/ftp/pub/windows/telnet/putty.exe ... err:win32:do_relocations Standard load address for a Win32 program not available - patched kernel ? err:win32:do_relocations FATAL: Need to relocate Z:\home\ftp\pub\windows\telnet\putty.exe, but no relocation records present (stripped during link). Try to

I am looking at adding some tests based on John the Ripper to the test suite repository. http://www.openwall.com/john/ Does anyone have a problem with this? Are there specific algorithms people would like to see benchmarked? Thx Chris Matthews chris.matthews@.com (408) 783-6335 -------------- next part -------------- An HTML attachment was scrubbed... URL:

https://bugzilla.mindrot.org/show_bug.cgi?id=1469 Summary: Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576) Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

On 25/06/16 21:48, mj wrote: > > > On 06/25/2016 06:32 PM, Mark Foley wrote: >> I think I've read something on this before, but I can't seem to find it. > As far as we know, this is impossible. :-( > > It a feature we would also VERY much like to see, for exactly the same > reason. > > MJ > never actually tried this, but couldn't you use pam_tally

Package: xen Severity: grave Tags: security Please see http://www.openwall.com/lists/oss-security/2012/07/26/4 Cheers, Moritz

Good afternoon, I am trying to setup dovecot to authenticate using the userdata from wordpress. It's being a bit mor difficult than I thought. This is the relevant part of the dovecot-sql.conf default_pass_scheme = CRYPT password_query = SELECT user_pass AS password FROM wp_users WHERE user_email='%u'; user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as

https://bugzilla.mindrot.org/show_bug.cgi?id=1982 Bug #: 1982 Summary: different behavior compared to php (openwall version of bcrypt) Classification: Unclassified Product: jBCrypt Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

Hello all, At this moment I am running a samba-ldap-pdc. This works really good. But what worries me is the following thing: user accounts never get locked. This is a problem cause anyone can guess or use bruteforce to enter password. Is there a solution/workaround for this? I want the following situation : when a user tries to logon for 4 times I want the account to lock out the account.

Hello R users, I have a set of data frames for which I am tallying row numbers, as shown below. > nrow(mC_Explant) [1] 14480 > nrow(mC_Callus) [1] 23320 > nrow(mC_RegenPlant) [1] 8108 etc. I want to create a new data frame which has the variable names as column headings, and then a single row with the nrow tallies. My first step was this: dfIntron <- c(nrow(mC_Explant),

Hi, I've setup Samba 3.5.6 as a member server in a 2003R2 domain with a single dc, idmapping is by rfc2307 with a tdb backend for builtin accounts etc, I can list users and groups using wbinfo and I can create shares and access them from the windows server, files and folders owned by ad users show the correct user and group names so mapping appears to be working, I can su to ad accounts but I