Displaying 20 results from an estimated 6000 matches similar to: "auth-pam.c, USE_POSIX_THREADS"
2004 May 04
3
Error with USE_POSIX_THREADS and OpenSSH-3.8p1
Hello,
I am using OpenSSH-3.8p1 on HP-UX machine with USE_POSIX_THREADS option.
This is for making the kerberos credentials file to be created in the system
with PAM. In OpenSSH versions 3.5 when authentication is done with pam
kerberos, a /tmp/krb5cc_X_Y file is created on the server side. But the
KRB5CCNAME variable is not set by default. So, after we manually set this
environment variable, the
2002 Jun 26
2
MAP_ANON replacement?
Here I would like to suggest a replacement for MAP_ANON on systems which
do not have it, such as Solaris < 8. In "man mmap" of Solaris 8:
When MAP_ANON is set in flags, and fd is set to -1, mmap()
provides a direct path to return anonymous pages to the
caller. This operation is equivalent to passing mmap() an
open file descriptor on /dev/zero with
2004 May 18
2
pam_setcred fails for "USE_POSIX_THREADS + non-root users + PrivSep yes"
Hello,
We use USE_POSIX_THREADS in our HP-UX build of OpenSSH. When we connect a
non-root user with PAM [pam-kerberos] then I get the following error.
debug3: PAM: opening session
debug1: PAM: reinitializing credentials
PAM: pam_setcred(): Failure setting user credentials
This is particularly for non-root users with PrivSep YES. When I connect to
a root user with PrivSep YES or to a non-root
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
As many of you know, OpenSSH 3.7.X, unlike previous versions, makes
PAM authentication take place in a separate process or thread
(launched from sshpam_init_ctx() in auth-pam.c). By default (if you
don't define USE_POSIX_THREADS) the code "fork"s a separate process.
Or if you define USE_POSIX_THREADS it will create a new thread (a
second one, in addition to the primary thread).
The
2001 Sep 28
2
openssh-2.9p2, auth2.c
Even with option "HostbasedUsesNameFromPacketOnly yes", the trailing
dot in chost should be stripped before auth_rhosts2() is called from
hostbased_key_allowed().
Hans Werner Strube strube at physik3.gwdg.de
Drittes Physikalisches Institut, Univ. Goettingen
Buergerstr. 42-44, D-37073 Goettingen, Germany
Suggested change:
*** auth2.c.ORI Wed Apr 25 14:44:15 2001
---
2001 Oct 24
3
Inconsistent server/client configuration
It appears somewhat inconsistent to me that parameter HostKey is configurable
on the server side but fixed on the client side.
On the client, always _PATH_HOST_KEY_FILE, _PATH_HOST_DSA_KEY_FILE,
_PATH_HOST_RSA_KEY_FILE are used (in this order), whereas on the server,
the paths can be specified by up to three HostKey options as arbitrary names
in arbitrary sequence.
Similarly, option
2004 Nov 01
1
SSHD with PAM question
Let me refine my previous question:
> Can anyone provide some insight into why the auth-pam module uses a fork in
> pthread_create (auth-pam.c)? This completely breaks the ability of one PAM
function
> to pass data to others via the pam_set_data/pam_get_data functions.
Can anyone tell me how to #define USE_POSIX_THREADS when building --with-pam
defined? The autoconfig stuff
2004 May 27
1
Solaris/PAM/AFS: can't make it work
Greetings,
I know this has been discussed (pretty much since 3.7.1) and I have
been going through the archives trying to make sense of it but I am
still having problems getting 3.8.1p1 to work with PAM and AFS on
Solaris 8.
The problem (for those who may have missed it):
When I try and log in as an AFS user to a Solaris 8 box running
3.8.1p1, I can authenticate to the machine but do not
2018 Jun 08
4
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
On 8 June 2018 at 11:21, PGNet Dev <pgnet.dev at gmail.com> wrote:
> fyi
>
> add'l -- and looks unrelated -- issue
> /usr/include/pthread.h:251:12: note: previous declaration of ?pthread_join? was here
> extern int pthread_join (pthread_t __th, void **__thread_return);
What included pthread.h? That's explicitly not supported by sshd:
$ grep THREAD
2003 May 10
4
New PAM code landing (at last)
Hello all,
The long-mooted PAM merge from FreeBSD is starting _now_. This replaces
the PAM password auth kludge that we have used until now with a discrete
challenge-response module. This module is invoked via
keyboard-interactive for protocol 2 or TIS auth for protocol 1.
Warning: this is a large change and will probably break things. It has
only been tested with basic password auth modules and
2006 Dec 06
1
Pre-rev1 compatibility
What about adding some compatibility for pre-rev1 IMAP4 clients which
are still around (e.g., CDE dtmail, even in Solaris 10)? Especially,
the understanding of command
FETCH message (... RFC822.HEADER.LINES (parameters))
instead of
FETCH message (... BODY.PEEK[HEADER.FIELDS (parameters)])
(with correspondingly changed replies) would be desirable and shouldn't
be too difficult to implement.
2001 Sep 28
3
openssh-2.9p2, short hostnames
For systems where the local hostname is obtained as a short name without
domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x
from ssh.com.
For the server, there might be a corresponding option in order to strip
the domain name from the remote client name (if it matches the server's
DefaultDomain) for use in auth_rhost2, since netgroups usually contain
short
2001 Nov 09
2
openssh-3.0p1, auth2.c
openssh-3.0p1 still contains the bug which I already reported on Sept. 28 2001
for 2.9p2, namely, the trailing dot in chost should be stripped before calling
auth_rhosts2() even with option "HostbasedUsesNameFromPacketOnly yes".
Otherwise, the host names in /etc/hosts.equiv and .rhosts would have to be
dot-terminated. Fix: Move lines 776-779 of auth2.c upwards to after line 767.
(These
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
Hi All.
Attached is another patch that attempts to do pam_chauthtok() via SSH2
keyboard-interactive authentication. It now passes the results from the
authentication thread back to the monitor (based on a suggestion from
djm).
Because of this, it doesn't call do_pam_account twice and consequently
now works on AIX 5.2, which the previous version didn't. I haven't tested
it on any
2001 Apr 14
2
Problems With Starcraft
Well heres the story.. I decided to install the newest version of wine (20010326
I believe) I am running wine on a linux partition, and have configured
everything according to the various HOWTOS and FAQ's and other pieces of
Documentation I have read. Starcraft & Starcraft Broodwar installed with no
incident whatsoever. There is one problem however, when I try and install the
patch to
2017 Jan 10
3
Winbind PAM RHEL
HI,
on debian i use pam winbind by adding
the file /usr/share/pam-configs/winbind and enable this.
Is there another way on RHEL? i have configure RHEL that wbinfo -u gives me the users and getent passwd also.
id <username> is not possible. It tells me user unknown.
With authconfig i have enable winbind for authentication.
Im Using RHEL6 and Samba 4.4.9
Best wishes
OLIVER WERNER
2004 Feb 27
1
Minor Thread Bug In OpenSSH 3.8p1
There is a minor problem with the PAM support in OpenSSH 3.8p1. If you use
POSIX threads (as specified by defining USE_POSIX_THREADS) in auth-pam.c,
PAM authentication will fail in routine import_environments(). The purpose
of this routine is to import variables returned by do_pam_account() in
sshpam_thread(). However, those variable are only exported if USE_POSIX_THREADS
is NOT set.
2017 Jan 10
1
Winbind PAM RHEL
jep thats also configured.
OLIVER WERNER
System-Administrator
> Am 10.01.2017 um 13:41 schrieb Vinicius Bones Silva via samba <samba at lists.samba.org>:
>
> check your /etc/nsswitch.conf and confirm that passwd and group lines have the winbind keyword
>
> passwd: files winbind
> group: files winbind
>
>
>
> Em 10/01/2017 10:29, Oliver Werner via samba
2003 Aug 24
12
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |627
nThis| |
Status|NEW |ASSIGNED
------- Additional
2003 Nov 18
4
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwor ds
It works for the "yes" case but not for the "without-password" case.
The function that checks (auth_root_allowed(auth_method) is special
cased for "password". The Pam case sends "keyboard-interactive/pam"
which like all other authentication methods except password succeeds.
Here is a patch to make it work for me. Please feel free to criticize
as