similar to: Need Help Using NIS netgroup - Does It Still Work?

Hello; Sorry for the crosspost/repost, but I am getting desparate here. I am having difficulties setting up ssh (ossh4.3p2 - NIS -Solaris8/Sparc) to authenticate and allow ossh access based on NIS netgroup. So, users and/or host should be from a valid netgroup triple, contained within the ossh servers .rhosts, .shosts, hosts.equiv and/or shosts.equiv. I am having alot of trouble getting NIS

Hello, I have attached a small patch that enables OpenSSH 4.7p1 to use netgroups for users and hosts entries in the AllowUsers and DenyUsers configuration options in sshd_config. This has the following advantages: * hostnames or ip addresses don't have to be maintained in sshd_config, but you can use meaningful names for groups of users and groups of hosts. * large scale installations can

I am using CentOS 5.7. I have an /etc/security/access.conf file which has the following: + : root : LOCAL + : @mynetgroup : ALL - : ALL : ALL I thought this is supposed to restrict access to the system to only root and the accounts in the mynetgroup netgroup; however, anyone NIS account is still able to login. It appears that the access.conf is being ignored completely, so I'm thinking

hello, i use Sun Solaris 2.7 and Samba 2.04b. Iwant to use netgroups for host and user to restict access . I user in me samba.conf file host allow = @servergroup the host server has no access. but when i use the hstname of server host allow = server1 it works. I compile the sources of samba be using the autoconfig script. It is a bug or must i use a speziel Compiler Define ? thanks

Dear all, We're using LDAP for user, group and netgroup information. Obviously, samba does not care about /etc/nsswitch.conf when it comes to netgroups and heads for NIS directly, which is what the manpage of smb.conf correctly states. Is there a way to make samba retrieve the netgroup information from LDAP instead of NIS? In case that way is to implement it, may I post this as a feature

We have a problem using hostbased authentication in combination with the root account. We use hostbased authentication to hop from a 'management server' where we use strong authentication to several systems in a cluster. The management server is defined in shosts.equiv and the public key of this server is defined in ssh_known_hosts. This setup works for all users except for the root user

OpenSSH 8.3 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

Hi, We want to use Hostbased Authentication in OpenSSH 3.4p1 completely based on rhosts or shosts. Don't want to have any keys exchange between server and client. Created /etc/ssh/sshd_config on OpenSSH server with: RhostsAuthentication yes IgnoreRhosts no HostbasedAuthentication yes Created /etc/ssh/ssh_config on client with: Host * HostbasedAuthentication yes Created /etc/rhosts.equiv,

This is about 90% of the core work. I omited a few files from the patch set since they are basicly small blocks of #ifndef HAVE_NEXT/#endif to get it to compile. Daimen, feel free to let me know what you applied and what your rejecting and why.. so I can work on cleaning things up. Andre, Only thing of note you may want to look into is NeXT does not use "ut_user" in it's lastlog.

Hi, could anybody with check in privileges apply the following patch to the contrib cygwin directory? It only updates ssh-host-config to create the *_config files matching the latest versions in the top level dir and it updates a version number in README. Thanks in advance, Corinna Index: contrib/cygwin/README =================================================================== RCS file:

Hello all! I'm looking for a solution to the following problem - I need to be able to use OpenSSH from root on one system to perform work on several dozen other systems using some automation. The restrictions that have to be met to keep the business happy are that no cleartext passwords or unencrypted private keys can be stored on disk. Since this is within an automated environment, there

Remote vulnerability in SSH daemon crc32 compensation attack detector ----------------------------------------------------------------------- Issue date: 8 February 2001 Author: Michal Zalewski <lcamtuf at razor.bindview.com> Contact: Scott Blake <blake at razor.bindview.com> CVE: CAN-2001-0144 Topic: Remotely exploitable vulnerability condition exists in most ssh daemon

Hi, the following patch to contrib/cygwin/ssh-host-config creates /etc/ssh_config and /etc/sshd_config according to the current default config files. Could somebody please check it in? Corinna Index: contrib/cygwin/ssh-host-config =================================================================== RCS file: /cvs/openssh_cvs/contrib/cygwin/ssh-host-config,v retrieving revision 1.3 diff -u -p

Finally all the pieces are in place to allow strong user and host authentication with SSH2 and the latest OpenSSH code (plus my partial auth patch). Herein I describe one problem case, and a possible solution thereof. Target: Allow user logins from host charles to host steve using passwords Previously, you would have had to trust the IP headers to authenticate charles. If charles had a

Hello, I've troubles getting the hostbased method to work. I've given up on system-to-system for now (different versions), and I'm just trying to debug localhost. As far as I can see, the key is accepted, but then a sudden "Failed hostbased" is returned: [...] debug3: mm_answer_keyallowed: key 0x8099bc0 is disallowed debug3: mm_append_debug: Appending debug messages for

All, We have recently updated our password aging to include setting inactivity days. We are running ossh 4.1p1 in a Solaris 8 environment. It appears that ossh isn't picking up on inactivity. Accounts that have been inactive still prompt to change passwords - if you telnet the same servers you get kicked out immediately. On the Solaris 9 servers running SUN's ssh the inactive accounts are

> jeff at ntcor.com [SMTP:jeff at ntcor.com] wrote: > > I have a ssh enabled server and client machine (we'll call them "server" > and "client" respectively...) OK :-) > They both have proper RSA and DSA keys,using protocol version 2 works > fine between them. (so ssh itself and the network is working fine) OK. > However, I want to get something that

Hello *, sorry if i missed an article which already solves my problem. I need a working configuration of OpenSSH for Solaris 7 (SunOS 5.7) with AFS support. PAM support to use the AFS PAm module `pam_afs.so' and TCP-Wrapper support would be nice. It would be nice to have similar configurations for Solaris 6 (SunOS 5.6), Solaris 8 (SunOS 5.8) and Solaris 2.5.1. I have tested a few

https://bugzilla.mindrot.org/show_bug.cgi?id=2391 Bug ID: 2391 Summary: Enhance AllowGroups documentation in man page Product: Portable OpenSSH Version: 6.8p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee:

Hi, the attached patch file contains two patches in one: - contrib/cygwin/ssh-host-config: Create sshd_config according to latest changes. - openbsd-compat/bsd-cygwin_util.c: Rewrite a bit to allow easier retrieval of Cygwin capabilities from version number (uname). For Cygwin versions beginning with API minor version 56 assume ntsec being on by default. Thanks in advance for applying