similar to: Open SSH Specifications

When comparing SSH 1.2.27 with OpenSSH 2.5.1 I see that the SecurID code/patch is not in OpenSSH 2.5.1. I'm not sure how or why that happened. Upon looking through the OpenSSH 2.5.1 source, I think I could fairly easily provide a 'SecurID Authentication Method' patch (which would rely on -DHAVE_SECURID, -I/blah/securid/include, and -L/blah/securid/lib... /blah/securid being a

I read the thread on securid back in march. openssh doesn't support it because it's propriatary, right? I understand that, however I've still got a problem. Work use securid *exclusively* using ssh2. It uses an authentication protocol of securid-1 at ssh.com. The client side does *not* need the securid propriatary stuff, no need for the include files or the library. So, given

Hello all, I looked long and hard for SecurID support for OpenSSH and I have not found it. So, I spent a few hours today and added SecurID authentication support into OpenSSH. Specifically the 2.2.0p1 portability release. I have beat on it for several hours and it seems to work just fine. I don't know if anyone would find these patches useful or not... I also don't know if the

Hi, I would like to do some development on the securid patch to get it to display the passcode prompt when users log in with securid on ssh. Can anyone tell me which scripts currently handle the logon/password prompt in openssh please? Thanks, JS. _________________________________________________________________ Join the world?s largest e-mail service with MSN Hotmail.

> Hello > I complied openssh like this "./configure --with-pam" and I did configure > /etc/pam.conf as follows > # PAM configuration > # > # Authentication management > # > sshd auth required /lib/security/pam_securid.so reserve > sftp auth required /lib/security/pam_securid.so reserve > # > login auth required

Hello all, new version of SecurID patch is available on http://sweb.cz/v_t_m/ The new version of the patch is extended with "shared logins" possibility. It means that SecurID token can be used to login to an account shared by several persons. This cannot be solved using ACE server standard means. This patch depends on the AuthSelection patch (http://sweb.cz/v_t_m). After applying

I've been through the archive, and not found anything conclusive, except for a problem report of sorts from Theo E. Schlossnag (who has a set of patches for SecurID integration). I'm about to replace some ssh 1.2.26 (I know!) installations with OpenSSH 2.5.1p2, on Solaris 2.6 sparc boxes, and we use SecurID tokens for these boxes. I've compiled up OpenSSH 2.5.1p2 with --with-pam,

If I were going to do this, I would probably try moving to a Windows 200x AD domain controller, and implementing RSA SecurID on that machine. I have not worked with other OTP solutions. As far as I understand, if Samba is configured as a domain controller, it expects to be able to handle the authentication itself. OTP is , in my opinion, most valuable when you are exposing resources to the

What are the chances of getting the SecurID patch integrated into OpenSSH? I think I asked before and was told that it could be done with PAM, but I (and others) are not satisfied with the PAM support. This "tight" integration seems to work much better. If not, I'll just sit on my rogue patches :-( -- Theo Schlossnagle 1024D/A8EBCF8F/13BD 8C08 6BE2 629A 527E 2DC2 72C2 AD05 A8EB

http://bugzilla.mindrot.org/show_bug.cgi?id=966 Summary: Will OpenSSH integrates SecurId ? Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Hello Theo, > > > Could you let me know where this test patch would be available. > > > > Try: > > http://www.omniti.com/~jesus/SecurID/ > > > > -- Regarding your patch, did you continue the integration (mainly: Handle PIN creation and changing ...)? Do you foreseen to transport it in new release 2.3.0p1? Kind regards, Joel

Hello I am compiled openssh3.6.1p2 with PAM and using RSA Security (ACE) token. the command I used to compile ssh as follow: 1. ./configure --with-pam 2. make 3. make install After starting the sshd daemon, I authenticate using the command "ssh xxx.yyy.nih.gov" On the SecurID server I was watching the log monitor and I saw the following errors : "ACCESS DENIED, syntax

currently we don't support secure id. On Mon, Oct 01, 2001 at 03:13:10PM +0000, Quick, Edward T wrote: > Hi, > > I'm not sure if this is just the ftp site I downloaded from or not, but the SecurID.diff file (that goes under the contrib directory) on the new openssh2.9.9p2 distribution seems to be missing. > > Regards, > > Edward.

Folks, I'm trying to add a network interface card to my SUSE 9.3 box, and I'm not having much luck with a US Robotics version. What manufacturer do any of you use in your machines--either 10/100MB or GigE NIC? Thanks Eric Hines There is no nonsense so errant that it cannot be made the creed of the vast majority by adequate governmental action. --Bertrand Russell

Hello, I have to find a solution logon through OpenSSH to OpenBSD machines from anywhere in the world (unsave computers). So I think I must use a challenge-response system with an hardware token that isn't connected to the computer. I do not want to use a RSA ACE/SERVER, so i can't use SecurID ? I can't use challenge response mode with cryptocard, because I want to protect it against

Hi This is a feature request. 1) Make sshd to ignore garbage that may appear before ssh identification string is received. Such "garbage" may be for example telnet negotiation codes. This should be pretty easy task. 2) Make ssh to work in cleartext mode (and have minimum telnet negotiation handling) before it receives ssh identification string. This requires somewhat

I have a few questions: 1) Is OpenSSH 2.9p2 (or any other version of OpenSSH) vulnerable to the same problem as SSH3.0.0? (described here: http://www.kb.cert.org/vuls/id/737451 ) 2) There is a "SECURID" patch in the contrib section since 2.5.2p2. I am using it, but applying this patch to each new version is growing more difficult as time goes on. Would you consider merging this

Hello all, SecurID authentication for OpenSSH 3.6.1p1 is now available at http://sweb.cz/v_t_m/ Vaclav ______________________________________________________________________ Reklama: P?iprav se na nejp???ern?j?? z??itek v ?ivot? na http://ad2.seznam.cz/redir.cgi?instance=46466%26url=http://www.priserky.cz

Hello All, The attached patch allows openssh to specify which pam service name to authenticate users against by specifying the PAMServiceName attribute in the sshd_config file. Because the parameter can be included in the Match directive sections, it allows different authentication based on the Match directive. In our case, we use it to allow different levels of authentication based on the

On Fri, May 11, 2001 at 04:26:57PM -0400, Ault, James R (CRD) wrote: > I was reading the changelog from version 2.9 that was recently released, and I coudln't help noticing > this item: > > from openssh changelog: > > - markus at cvs.openbsd.org 2001/04/17 12:55:04 > [channels.c ssh.c] > undo socks5 and https support since they are not really used and >