similar to: OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + PasswordAuthentication no + PermitEmptyPasswords yes

Greetings, complete debug below > -----Original Message----- > From: Ben Lindstrom [mailto:mouring at etoh.eviladmin.org] > Sent: 10 July 2003 03:32 > To: Vikash Badal - PCS > Cc: 'openssh-unix-dev at mindrot.org' > Subject: Re: OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + > PasswordAuthentication no + PermitEmptyPasswords yes (followup) > > > > Would be

Greetings, When PasswordAuthentication no + PermitEmptyPasswords yes SSH2 allows access to a passwordless account without a valid key. This is my patch: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ wormhole# diff -u auth2-none.c.old auth2-none.c --- auth2-none.c.old Thu Jul 17 06:23:24 2003 +++ auth2-none.c Thu Jul 17 06:44:42 2003 @@ -100,7 +100,9 @@ if (check_nt_auth(1,

Greetings, Problem : Openssh3.6.1p2 on UnixWare 7.1.1 allows access to passwordless account without a valid key when sshd_config has PasswordAuthentication no + PermitEmptyPasswords yes Attempts: Installed maintence pack3 and recompiled both OpenSSH and OpenSSL (0.9.7b) with native c compiler. Recompiled both OpenSSH and OpenSSL (0.9.7b) with gcc (2.95.2). Still the same problem. Looking at

Greetings, > -----Original Message----- > From: Vikash Badal - PCS > Sent: 10 July 2003 07:36 > To: 'Tim Rice' > Subject: RE: OpenSSH 3.6.1p2 +UnixWare 7.1.1 +SSH2 + > PasswordAuthentication no + PermitEmptyPasswords yes > > > Greetings, > > Using gcc (2.95.2) + maintenance pack 2 > > Will try maintenance pack 3 and recompile > > Thanks.

Hello, I tried to build the latest samba source package with errors, it seems there is a problem with the compatibility from the awk script mkbuildoptions.awk. With older version 2.2.8a there was no problem compiling the sources. With 3.0.0 i got the following error: ########################################### ... ... configure: creating ./config.status config.status: creating include/stamp-h

Greetings, I have compiled OpenSSH-3.6.1p2 on SCO 3.2v4.2 and the following problem occurs: I am unable to login as root using when strictmode is set to yes. output of debug: Failed none for root from 192.168.1.1 port 1199 ssh2 debug1: userauth-request for user root service ssh-connection method publickey debug1: attempt 1 failures 1 debug2: input_userauth_request: try method publickey debug1:

Hi, after installing 3.6.1p2 I noticed spurious PAM login failures even with PermitEmptyPasswords set to "no": sshd(pam_unix)[1740]: authentication failure; logname=XXX uid=0 euid=0 tty=NODEVssh ruser= rhost=localhost user=XXX After looking at the code I noticed the following in the portability p2 patch: +++ openssh-3.6.1p2/auth-passwd.c 2003-04-29 19:12:08.000000000 +1000

https://bugzilla.mindrot.org/show_bug.cgi?id=2475 Bug ID: 2475 Summary: Login failure when PasswordAuthentication, ChallengeResponseAuthentication, and PermitEmptyPasswords are all enabled Product: Portable OpenSSH Version: 7.1p1 Hardware: ix86 OS: Linux Status: NEW

Greetings. Attached is a patch that provides more logging information for example: Mar 19 08:34:54 secosr5 sshd[7667]: Accepted publickey of? vix at wormhole for root from 192.168.1.1 port 1256 ssh2 Mar 19 08:34:54 secosr5 sshd[7667]: executing command 'who' for? vix at wormhole as user root Mar 19 10:37:16 secosr5 sshd[7725]: Accepted publickey of? vix at wormhole for root from

http://bugzilla.mindrot.org/show_bug.cgi?id=652 Summary: PermitEmptyPasswords option silently ignored Product: Portable OpenSSH Version: 3.7.1p1 Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Hi, Does Samba supports SCO Unix (Unixware)? From the FTP sites looks like it doesn't. Regards, Mahesh -------------- next part -------------- HTML attachment scrubbed and removed

If I have PasswordAuthentication yes PermitEmptyPasswords no I'm not able to log in using authorized key authentication if my password is blank. This changed when upgrading from portable 3.7.1p1 to 3.7.1p2. My thoughts were PermitEmptyPasswords would only be used if authenticating with a password. ./configure --with-pam --prefix=/usr --sysconfdir=/etc/ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=235 Summary: While PermitEmptyPasswords no, user can connect, entering ANY other password Product: Portable OpenSSH Version: 3.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=755 Summary: PermitEmptyPasswords ignored Product: Portable OpenSSH Version: -current Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=615 Summary: OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes Product: Portable OpenSSH Version: 3.6.1p2 Platform: ix86 OS/Version: other Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org

I noticed while investigating Debian Bug #93200 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=93200&repeatmerged=yes) that sshd refuses a login if /etc/pam.d/ssh doesn't specify "nullok" after the pam_unix.so module -- is there any way to resolve this problem? It seems that OpenSSH should override PAM in this case, someone posted a patch on 6/19 that appears to address this

http://bugzilla.mindrot.org/show_bug.cgi?id=235 ------- Additional Comments From mouring at eviladmin.org 2002-05-06 06:09 ------- Created an attachment (id=92) Try the following patch to auth-passwd.c ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=235 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From stevesk at pobox.com 2002-07-18 15:17

Anyone can locate what was wrong with the below problem on UnixWare 7.1.1 ? The file rand.h was finally found in one of the tests but configure still failed with ... checking for getpagesize... yes checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install Thanh configure:2302: gcc -o conftest -g -O2 -Wall -I/usr/local/include

http://bugzilla.mindrot.org/show_bug.cgi?id=615 vikashb at comparexafrica.co.za changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|OpenSSH 3.6.1p2 ON SCO |OpenSSH 3.6.1p2 ON SCO |3.2v4.2 + STRICTMODES -->yes|3.2v4.2 + STRICTMODES -->yes |