Displaying 20 results from an estimated 500 matches similar to: "Solaris password requirements not enforced"
2004 Dec 28
2
LinuxPAM and sshd: changing conversation function doesn't work but claims to.
Hi.
I'm one of the OpenSSH developers, and I've done some of the work on
sshd's PAM interface recently.
I've discovered some behaviour peculiar to LinuxPAM that I can't
explain: changing the conversation function does not appear to work,
even though the pam_set_item() call claims to succeed. The previous
conversation function is still called.
Background: the PAM API
2018 Jun 12
16
[Bug 2876] New: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not honoured during PAM authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2876
Bug ID: 2876
Summary: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not
honoured during PAM authentication
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2008 Oct 16
2
5.1p on RHEL 3 and password expiration
[ Sorry for the length of this; I felt it better to provide potentially
too much info, rather than not enough. I've probably missed something
that's important, though! ]
I have an odd problem with 5.1p on RHEL3 if "UsePAM yes" and
"UsePrivilegeSeparation no" is set. The code detects that the user
password is aged (according to shadow) but then fails to let me
2005 Dec 06
4
[Bug 1065] password expiration and SSH keys don't go well together
http://bugzilla.mindrot.org/show_bug.cgi?id=1065
------- Comment #11 from joss at debian.org 2005-12-06 22:31 -------
Created an attachment (id=1036)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1036&action=view)
Debugging output of the issue
Finally, here is the output of sshd -ddd. First, in normal operation. Second,
when the problem occurs. Third, with an expired password,
2003 Oct 12
4
[PATCH]: Call pam_chauthtok from keyboard-interactive.
Hi All.
This patch calls pam_chauthtok() to change an expired password via PAM
during keyboard-interactive authentication (SSHv2 only). It is tested on
Redhat 8 and Solaris 8.
In theory, it should have simply been a matter of calling pam_chauthtok
with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is
if it's expired, right? From the Solaris pam_chauthtok man page:
2004 Aug 17
3
sftp with a user defined shell
Hi,
I have a different behavior using sftp compared to ftp for a user with a
user defined shell on a solaris machine.
ftp rejects any user having a user defined shell.
sftp is allowing the user with user defined shell, unfortunately as the
sftp client bails out saying the following message:
"Received message too long 537548147"
Is it because the user shell, outputting lot of text?
2008 Oct 15
5
REXML vs libxml
Hi all,
I''ve been looking at the performance of my fb app and one glaring issue
seems to be with the parsing speed of rexml in processing the results. Has
anyone looked into porting the facebooker parser from rexml to libxml? If
not, any reason I shouldn''t try?
Thanks!
Yu-Shan.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2002 Nov 01
3
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
------- Additional Comments From michael_steffens at hp.com 2002-11-02 02:40 -------
Created an attachment (id=162)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=162&action=view)
Patch: Workaround for pw change in privsep mode (3.5.p1)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are
2015 Dec 04
3
Running sshd with Privilege Seperation drops connection on password change
Hi folks,
I came across this issue on both stock CentOS(v6.4) and Ubuntu(14.04 LTS) and was wondering if any of you have seen it.
As far as I can tell this seems like a day-1 bug to me.
PROBLEM:
If I expire a linux user's password (passwd -e <user>) and then log in via ssh, it will prompt you for a password change.
On changing the password successfully, sshd will drop the connection
2002 Dec 21
6
[PATCH] PAM chauthtok + Privsep
Hello All.
Attached is an update to my previous patch to make do_pam_chauthtok and
privsep play nicely together.
First, a question: does anybody care about these or the password
expiration patches?
Anyway, the "PRIVSEP(do_pam_hauthtok())" has been moved to just after
the pty has been allocated but before it's made the controlling tty.
This allows the child running chauthtok to
2004 Mar 02
3
error() and C++ destructors
Hi,
I am writing C++ functions that are to be called via .Call() interface.
I'd been using error() (from R.h) to return to R if there is an error,
but then I realized that this might be not safe as supposedly error()
doesn't throw an exception and therefore some destructors do not get
called and some memory may leak. Here is a simple example
extern "C" void foo() {
string
2006 Feb 28
5
[Bug 1165] 'groups' command fails on AIX when logged in as root user via SSH.
http://bugzilla.mindrot.org/show_bug.cgi?id=1165
Summary: 'groups' command fails on AIX when logged in as root
user via SSH.
Product: Portable OpenSSH
Version: 4.2p1
Platform: Other
OS/Version: AIX
Status: NEW
Severity: major
Priority: P2
Component: Miscellaneous
2008 Oct 17
4
Error when posting facebook.feed.publishActionOfUser
posting ''facebook.feed.publishActionOfUser'' with {:title=>"<fb:fbml>
<fb:name ifcantsee=\"A Hidden User\" linked=\"true\" uid=\"579947937\"
/> wrote a <a href=\"http://apps.facebook.com/dailycaption/captions/1273\">caption</a></fb:fbml>",
2005 Nov 05
1
How to cancel an effect
Hi all,
I have a situation where I want to display an error message, and have
it fade away after a 2 second delay. My problem is an impatient user
could click buttons so fast that multiple Fade effects will be in
play. I believe script.aculo.us can supports canceling existing
effects before starting a new one, but couldn''t find any examples.
I tried something like this but it
2001 Oct 25
3
PAM conversation stuff
Okay, I'm confused again. They way you guys are talking about the
conversation routine, it would seem that you think it is a way to fetch
something from the user - like a new password. Is this possible? Does
calling pam_chauthtok() cause the underlying pam_sm_chauthtok()
eventually print something on stdout and read a new password from stdin
(the socket to the client) using the conversation
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2004 May 18
2
pam_setcred fails for "USE_POSIX_THREADS + non-root users + PrivSep yes"
Hello,
We use USE_POSIX_THREADS in our HP-UX build of OpenSSH. When we connect a
non-root user with PAM [pam-kerberos] then I get the following error.
debug3: PAM: opening session
debug1: PAM: reinitializing credentials
PAM: pam_setcred(): Failure setting user credentials
This is particularly for non-root users with PrivSep YES. When I connect to
a root user with PrivSep YES or to a non-root
2006 May 10
4
validates_uniqueness_of and create atomicity
Hi folks,
I have a question regarding validates_uniqueness_of, and similar
before-filter-like events attempting to guarantee some DB state prior
to modification.
>From my reading of ActiveRecord, validate_uniqueness_of appears to
cause a SELECT on the underlying table attempting to ensure that a
record with ID(s) specified in the validates_uniqueness_of statement
is not already present, prior
2016 Mar 04
8
[Bug 2548] New: Make pam_set_data/pam_get_data work with OpenSSH
https://bugzilla.mindrot.org/show_bug.cgi?id=2548
Bug ID: 2548
Summary: Make pam_set_data/pam_get_data work with OpenSSH
Product: Portable OpenSSH
Version: 7.2p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: major
Priority: P5
Component: PAM support
Assignee:
2002 Mar 27
4
[Bug 188] pam_chauthtok() is called too late
http://bugzilla.mindrot.org/show_bug.cgi?id=188
------- Additional Comments From Nicolas.Williams at ubsw.com 2002-03-28 02:43 -------
Created an attachment (id=55)
Patch to do pw aging in kbd-interactive
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.