Displaying 20 results from an estimated 300 matches similar to: "PAM_ERROR_MSG and PAM_TEXT_INFO from modules"
2005 Apr 24
0
[Bug 1002] sshd does not report failed PAM session modules to the client side
http://bugzilla.mindrot.org/show_bug.cgi?id=1002
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From dtucker at zip.com.au 2005-04-24
2018 Jun 12
16
[Bug 2876] New: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not honoured during PAM authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2876
Bug ID: 2876
Summary: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not
honoured during PAM authentication
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2003 Sep 23
5
PAM sessions and conversation functions
In OpenSSH 3.6.1p2, pam_open_session() ran with a conversation function,
do_pam_conversation(), that fed text to the client. In OpenSSH 3.7.1p2,
this is no longer the case: session modules run with a conversation
function that just returns PAM_CONV_ERR. This means that simple session
modules whose job involves printing text on the user's terminal no
longer work: pam_lastlog, pam_mail, and
2003 Apr 10
1
sshd and pam , conversation
I have setup openssh with hostbased
authentication on linux (redhat).
I want to allow/deny users based on a
listfile, so i have a PAM module that
does that, and it runs in the "account"
section (oposed to pam_listfile.so,
that uses the "auth" section - it wouldt
work because with hostbased authentication
openssh ignores the "auth" section).
It's working
2022 Oct 10
1
[Bug 3481] New: PAM_TEXT_INFO messages are shown twice if they are the last conversation
https://bugzilla.mindrot.org/show_bug.cgi?id=3481
Bug ID: 3481
Summary: PAM_TEXT_INFO messages are shown twice if they are the
last conversation
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component:
2006 Oct 31
0
6388050 The message for successful password update is a PAM_ERROR_MSG
Author: gww
Repository: /hg/zfs-crypto/gate
Revision: e1da9875c35e62b7c88968d29eb9c649f1c885b2
Log message:
6388050 The message for successful password update is a PAM_ERROR_MSG
Files:
update: usr/src/lib/pam_modules/authtok_store/authtok_store.c
2010 Oct 20
1
Samba 3.5.6 pam problems
Hi,
I've setup Samba 3.5.6 as a member server in a 2003R2 domain with a
single dc, idmapping is by rfc2307 with a tdb backend for builtin
accounts etc, I can list users and groups using wbinfo and I can
create shares and access them from the windows server, files and
folders owned by ad users show the correct user and group names so
mapping appears to be working, I can su to ad accounts but I
2003 May 08
3
wbinfo -u is returning 0xc0000022
Hi all,
I have a samba 2.2.8a install runing on a debian woody. The samba is working fine and I am able to map shared drives. I want to use a Primary Domain Controller to authenticate users. I have included the necessary options in smb.conf,
# separate domain and username with '+', like DOMAIN+username
winbind separator = +
# use uids from 10000 to 20000 for domain users
winbind uid
2024 Nov 27
1
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
On 11/27/24 11:10, Rowland Penny via samba wrote:
> I am not having a good day, I now seem to have replied to the wrong
> thread :-(
>
> Lets try again:
>
> If I remember correctly, this is on Gentoo, Debian sets up PAM for you,
> so can we see your PAM config files. Putting winbindd (or is it winbind
> ?) offline is supposed to be the same as pulling the ethernet cable or
2003 Nov 21
1
Winbindd and SSH (just disconnects after login)
It looks like I've gotten the majority of things working in regards to
Winbind. Users are being authenticated by the NT4 PDC when connecting to
shares, but I can't seem to get things set up correctly to allow logging in
via SSH(OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090702f). It
appears as though I'm successfully authenticated by the PDC, but then the
connection is
2004 Feb 03
3
How do I get pam_mkhomedir to work
Message follows this disclaimer
--------------------------------------------------------------------------------------------------
This email and any files transmitted with it is confidential and intended solely
for the person or organisation to whom it is addressed. If you are not the
intended recipient, you must not read, copy or disseminate the information
or take any action in reliance on it
2003 Nov 18
5
Testing of recent commits
There have been a few recent commits to portable OpenSSH that require
testing. It would be appreciated if you could grab the 20031118 (or
later) snapshot and give it a try on your platforms of choice.
Ideally, "giving it a try" means running the regress tests, in addition
to casual (non-production) use and reporting your experiences back to
the list. The more platforms and compile-time
2005 Apr 30
1
PAM_AUTH_ERR messages
Hi,
There seems to be no way for PAM to inform a user why her ssh login
attempt is being denied. Niether PAM_TEXT_INFO or PAM_ERROR_MSG
conversation messages are passed on to the user by sshd unless the login
is successful. This is causing great frustration for us at several sites
where users can't figure out why their logins aren't working.
Would a patch be accepted to display such
2003 Jun 20
1
Problems with conversation functions PAM + OpenSSH
Hello
sorry, for bothering you with this problem, but I ca't find solutions.
I write small PAM module, and I've got the problem with conversation
function with OpenSSH 3.5p1.
When the message style is PAM_PROMPT_ECHO_ON, or PAM_PROMPT_ECHO_OFF
everything is allright. But when I use PAM_TEXT_INFO, or PAM_ERROR_MSG,
ssh prints nothing on the client side. Does anyone know the reason of
2005 May 21
1
ssh + pam_winbind error 'incorrect password or invaid membership'
Configuration:
Samba 3.0.14a-1 (on debian 3.1) + winbind 3.0.14a-1 + krb5-user 1.3.6-2
I need help debugging pam_winbind.so in /etc/pam.d/ssh on debian.
Samba is a member of an AD domain, authenticating access to shares via
winbind+nsswitch.conf. Authentication to shares works great. Now I
want winbind to authenticate ssh users as a pam module and it's failing.
Below I show the output of
2018 Apr 26
0
account locks not working ssh/winbind?
Hai Rowland,
Thanks for the reply. Ok so we suspect and buggie pam module
The pam.d/ssh is the default
@include common-auth
account required pam_nologin.so
@include common-account
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
session required pam_loginuid.so
session optional pam_keyinit.so force revoke
@include
2018 Aug 07
2
id <username> - doesnt list all groups
Thank for your answer:
But i dont know understand why is following not working:
I want to restrict the ssh access for a special domain member:
In my "sshd_config" i added:
AllowGroups restrictaccess root
With user2 im able to login via ssh!
log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE
With user1 im not!
log: User user1 from 192.168.0.100 not allowed
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
Hello,
appended is a patch that makes it possible to use PAM both for
password authentication and TIS (i.e. s/key or opie or any other
interactive challenge/response scheme). I have developed this starting
from the patch at http://www.debian.org/Bugs/db/61/61906.html on
Debian with openssh-2.1.1p4-3. After configuring ssh with
--with-pam-tis, there are two PAM services, "sshd" and
2024 Nov 27
1
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
On Wed, 27 Nov 2024 10:19:48 -0500
"John R. Graham via samba" <samba at lists.samba.org> wrote:
> When I put winbindd in offline mode,
>
> ??? terra ~ # smbcontrol winbindd offline
> ??? terra ~ # smbcontrol winbindd onlinestatus
> ??? PID 20664: global:Offline BUILTIN:Online TERRA:Online
> HOME:Offline
>
> I can successfully log in (with the test
2018 Apr 26
4
account locks not working ssh/winbind?
Hai.
Config.
Debian Stretch, samba 4.7.7. member server AD backend.
Network setup like in the howtos here. : https://github.com/thctlo/samba4/tree/master/howtos
Today i discovered that somehow a disabled user was able to login after a few retries.
I run a SSH/SFTP server for data exchange with the customer of the company here.
The SSH/SFTP server is restricted by groups, this