similar to: User-specific sshd_config?

Hey. Perhaps someone can help me with the following (OpenSSH 6.7): I have a host reachable via miscellaneous interfaces (and network addresses) running SSH. Some specific users should be only reachable from the inside, so e.g. though something like this would do the job in sshd_config: #general config #... Match User foo LocalAddress 10.0.0.1,fe80:abba::0 PasswordAuthentication

[Not subscribed to this list, so please respond directly if you need to speak to me] In man5/sshd_config.5, a permissible keyword in a 'Match' block is missing. It currently lists only: AllowTcpForwarding, Banner, ForceCommand, GatewayPorts, GSSApiAuthentication, KbdInteractiveAuthentication, KerberosAuthentication, PasswordAuthentication, PermitOpen, PermitRootLogin,

http://bugzilla.mindrot.org/show_bug.cgi?id=1180 Summary: Add finer-grained controls to sshd Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dtucker at

I looked around for a while, but couldn't find any code for requiring multiple authentication mechanisms in openssh. So I wrote an implemention. I thought at first I should change the PasswordAuthentication, PubkeyAuthentication, etc. keywords to allow no/yes/required. But there's some funky stuff in auth2.c with respect to keyboard interactive auth that would make this kind of

Hi. Do anyone know of some place to put custom SELinux file context specifications? I would prefer not to append lines to /etc/selinux/targeted/contexts/files/file_contexts but rather put one or more similar files somewhere. A file_contexts.d firectory would be nice, but it isn't available. Just creating your own file_contexts.local file does not work, I already tried. I'm running

Hi. I'm trying to figure out where the SELinux policy modules shipped with the system live, and how they work. The modules listed by 'semodule -l' are the same as those available in /etc/selinux/targeted/modules/active/modules, but those are not part of any package, and are presumably added and removed to this location as they are added and removed to the kernel. I later found

>From either a Linux or Mac domain member, I have tried logging into the Samba4 AD server as a domain user: labmac:~ mark$ ssh mark at mail pwd mark at mail's password: Permission denied, please try again. where 'mail' is the AD/DC. It also fails if I am on the AD/DC an try the same ssh. I've tried setting either the GSSAPIAuthentication or KerberosAuthentication in

https://bugzilla.mindrot.org/show_bug.cgi?id=2618 Bug ID: 2618 Summary: net-misc/openssh-7.2_p2: Terribly slow Interactive Logon Product: Portable OpenSSH Version: 7.2p2 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd

Hi, I am not sure this is a bug in Openssh or not. I am running Openssh 4.1p1. with openssl 0.9.7g Scenario: Due to audit enabled on the system, I will need to set Uselogin to yes so that audit will track system call. But when try to login to system with a LDAP user. I get the following. eg: [n113839 at r3ent15pc ~]$ ssh tfstst1 -l ntesting1 ntesting1 at tfstst1's password: Login incorrect

http://bugzilla.mindrot.org/show_bug.cgi?id=1266 Summary: incompatibility between s/key and keys Autentification Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org

Hi there ! I have an issue with my OpenSSH + PAM configuration on a RedHat Advanced server 2..1 I want to authenticate users connecting to a server using ssh against a radius server. The radius client/server part works ok when I test it with some utilities. I think I have a problem with my ssh which does not pass the username/password to my pam sshd module. I have upgraded to openssh-4.2p1.

http://bugzilla.mindrot.org/show_bug.cgi?id=774 Summary: banner is displaying twice (/etc/issue) Product: Portable OpenSSH Version: 3.7.1p1 Platform: All OS/Version: Solaris Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

On Sat, Dec 1, 2018 at 4:17 PM Rowland Penny via samba <samba at lists.samba.org> wrote: > > On Sat, 01 Dec 2018 15:23:36 -0500 > Mark Foley <mfoley at ohprs.org> wrote: > > > On Sat, 1 Dec 2018 12:09:18 Rowland Penny wrote: > > > > > > On Sat, 01 Dec 2018 06:26:42 -0500 > > > Mark Foley via samba <samba at lists.samba.org> wrote: >

On 08/03/16 02:12, Darren Tucker wrote: > On Wed, Aug 3, 2016 at 7:42 AM, rl <rainer.laatsch at t-online.de> wrote: > [...] >> /Data/openssh-7.3p1/DESTDIR/usr/local/sbin/sshd -p 222 -f \n >> DESTDIR/usr/local/etc/sshd_config > > It looks like you have an embedded newline in the config file name > you're passing to sshd. If that's the case I'm

Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config:

hi, this is not the same as http://bugs.centos.org/view.php?id=6298 I can login with ssh but not with freenx With 6.3 this worked, I just spinned some new servers and now I can no longer use freenx. in /var/log/messages: pr 3 22:05:11 testthuis nxserver[3435]: (nx) Failed login for user=admin from IP=192.168.0.160 Apr 3 22:06:01 testthuis nxserver[3619]: (nx) Failed login for user=admin

On Sun, 2 Dec 2018 08:52:19 Rowland Penny wrote: > > On Sat, 1 Dec 2018 20:38:58 -0500 > Nico Kadel-Garcia <nkadel at gmail.com> wrote: > > > On Sat, Dec 1, 2018 at 4:17 PM Rowland Penny via samba > > <samba at lists.samba.org> wrote: > > > > > > On Sat, 01 Dec 2018 15:23:36 -0500 > > > Mark Foley <mfoley at ohprs.org> wrote:

Maybe I am not testing the signin correctly. Here is what I am doing. I sign into the client/workstation (hereafter referred to as C/W) via ssh as the local "admin" from another C/W so I can open many terminals to tail log files. Then "sudo -i" into "root". All testing is run as "root". When I sign into "root", I see this: > admin at lws4:~$

Hello all, I have made SecurID authentication for OpenSSH 3.6.1p2. This patch was totaly rewritten, so please test it before use. Kbd-int authentication is now integrated into challenge response auth. Privsep is now fully suported. PS: What do you think of selective access to the individual authentications, similar to AllowGroups/DenyGroups or maybe AllowUsers/DenyUsers ? Vaclav Tomec

Uhum, i tested with ssh:  ssh XXX at FILESERVER  journalctl -f Jan 16 18:28:42 HOSTNAME  sshd[2250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP-SOURCE  user=XXXXX Jan 16 18:28:43 HOSTNAME  sshd[2250]: Failed password for XXXX from IP-SOURCE  port 39896 ssh2 Regards; On 16-01-2018 18:25, Rowland Penny via samba wrote: > On Tue, 16 Jan