similar to: OpenSSH 3.7.1p2 AIX loginsuccess() issue

There are a couple of bugs in the openssh-3.7.1p2. The aix_setauthdb function does not work with other types of authentication such as AFS/DFS. The loginfailed test in configure is not correct. Also, AIX can use the wtmp logging which I added in configure. Attached is the patch. Thanks, Matt Richards -------------- next part -------------- *** openssh-3.7.1p2/openbsd-compat/port-aix.c Mon Jul 14

Here are some patches to re-enable support for AIX's authenticate routines. With them, ssh will honor locked & unlocked accounts, record successful and unsuccessful logins, and deny accounts that are prohibited to log in via the network. Tested with AIX 4.3. It also includes a fix for handling SIGCHLD that may be needed for other platforms (HP-UX 10.20, for example). If I get the time

Hi, I noticed that the AIX specific loginsuccess call uses char *aixloginmsg to retrieve login information. Later this message is printed in session.c (around line 753). Loginsuccess mallocs space for this message and according to the aix docs it's the responsibility of the calling program to free this message. I didn't notice any code in openssh that would free the aixloginmsg. Can

http://bugzilla.mindrot.org/show_bug.cgi?id=869 Summary: Password expiration does not work for LDAP users Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: critical Priority: P2 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=355 ------- Additional Comments From dtucker at zip.com.au 2002-08-25 18:10 ------- It looks like the call to loginsuccess() fails because it's done as a non-privileged user. This is bad because in addition to generating the message it also clears the failed login counter that leads to account lockout. The following patch fixes it for me

http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=385 Summary: loginsuccess on AIX fails Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=1207 Summary: unsuccessful_login_count gets incremented by scp Product: Portable OpenSSH Version: 4.3p1 Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P1 Component: scp AssignedTo: bitbucket at mindrot.org ReportedBy:

Hi Apparently, the server option "PrintLastLog" does not work on AIX. The last login time is always displayed, disregarding the option. When browsing the code, I found out there are several functions in loginrec.c which solely handle the processing of the last login info (login_get_lastlog, getlast_entry). Since AIX does not provide such a function natively, the configure script sets

http://bugzilla.mindrot.org/show_bug.cgi?id=463 ------- Additional Comments From dtucker at zip.com.au 2003-05-10 12:59 ------- I've had a look at the OpenBSD source and I don't think OpenBSD *needs* a "Buffer loginmsg" right now. PrintLastLog can be easily fixed by updating s->last_login_time before the privsep split. So, is there another reason OpenBSD needs (or

https://bugzilla.mindrot.org/show_bug.cgi?id=1595 Summary: Server option PrintLastLog does not work on AIX Product: Portable OpenSSH Version: 5.2p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

I have a few patches for AIX. The patchfile is attached below. The patch has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25, with openssl-0.94, using RSAref. 1) authenticate support - this function allows the system to determine authentification. Whatever the system allows for login, authenticate will too. It doesn't matter whether it is AFS, DFS, SecureID, local.

For those of us who do require / use PAM, will the expired password patch be ported to 3.7.1p2? If so, any kind of estimate on when? Thanks

Hi All. With one eye on the do_pam_chauthtok() stuff I've merged contributions by Pablo Sor and Mark Pitt into a patch against -current. I'm interested in testers and suggestions for improvements. The patch extends the loginrestrictions test to include expired accounts (but unlike Mark's patch, doesn't log accounts with expired passwords unless they're locked) and adds

Hello All, We have been successfully using PAM_LDAP authentication with OpenSSH-3.6 on our HP-UX 11.11. When OpenSSH-3.7.1p2 is installed [with Darrens' password expiry patch 26], and when Shadow password bundle is installed on the system, our ssh authentication failed. Even, when the source is compiled without Darren's patch, the same bahaviour is seen and there is no success. When

http://bugzilla.mindrot.org/show_bug.cgi?id=712 Summary: ssh does not properly utilize OS specified authentication methods on AIX Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: Miscellaneous

http://bugzilla.mindrot.org/show_bug.cgi?id=543 Summary: sshd does not use AIX's setauthdb Product: Portable OpenSSH Version: 3.6p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: cawlfiel at

http://bugzilla.mindrot.org/show_bug.cgi?id=463 ------- Additional Comments From dtucker at zip.com.au 2003-01-07 23:43 ------- Generate the message earlier in the login process and store for display after session startup? Rather than another variable for this (eg aixloginmsg, maybe __pam_msg), what about using a single Buffer for storing all of the messages to be displayed after login?

*This message was transferred with a trial version of CommuniGate(tm) Pro* I'm trying to put togther a starting list of patches required to get 3.7.1p2 working in our enviroment. I'm pretty sure I need the following at minimum but would like guidance about a couple of them and direction on a couple unanswered questions. I've spent most of the morning trolling the archives, but I

http://bugzilla.mindrot.org/show_bug.cgi?id=723 Summary: Password expire not working properly Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org ReportedBy:

When compiling openssh-4.0p1 under AIX 5.3 ML01 using gcc 3.4.3 I get the following error: > (cd openbsd-compat && make) > make[1]: Entering directory > `/usr/local/src/openssh-4.0p1/openbsd-compat' > gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I.. -I. > -I./.. -I/usr/local/ssl/include -DHAVE_CONFIG_H -c bsd-arc4random.c > In file included from