Displaying 20 results from an estimated 4000 matches similar to: "Keyboard-interactive authentication from a PAM module"
2013 Nov 20
2
r Y MATLAB
No puedo adjuntarlo a la lista. Os lo pongo esta tarde en DropBox y os envío
el enlace...
Un saludo.
Isidro Hidalgo Arellano
Observatorio Regional de Empleo
Consejería de Empleo y Economía
ihidalgo en jccm.es
http://www.jccm.es
> -----Mensaje original-----
> De: r-help-es-bounces en r-project.org [mailto:r-help-es-bounces en r-
> project.org] En nombre de Rubén Gómez Antolí
>
2003 Oct 12
4
[PATCH]: Call pam_chauthtok from keyboard-interactive.
Hi All.
This patch calls pam_chauthtok() to change an expired password via PAM
during keyboard-interactive authentication (SSHv2 only). It is tested on
Redhat 8 and Solaris 8.
In theory, it should have simply been a matter of calling pam_chauthtok
with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is
if it's expired, right? From the Solaris pam_chauthtok man page:
2003 Feb 11
1
Option to limiting sshd "banner" to interactive/password-auth/tty (or something along those lines) sessions
Hi.
It would be of utmost utility if there were a way to cause the sshd
"banner" configuration setting to only print the banner in certain
circumstances.
What I'm actually after is avoiding printing out the banner for
non-interactive sessions, so that if I run "ssh somehost ls" I don't get
the login banner, but if I just type "ssh somehost" I do (at
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2002 Mar 26
2
SSH / PAM / Kerberos / password aging
Ok, so, things are complicated.
The PAM standard insists on password aging being done after account
authorization, which comes after user authentication. Kerberos can't
authenticate users whose passwords are expired.
So PAM_KRB5 implementations tend to return PAM_SUCCESS from
pam_krb5:pam_sm_authenticate() and arrange for pam_krb5:pam_sm_acct_mgmt()
to return PAM_NEW_AUTHTOK_REQD, as
2008 Jan 09
2
[Bug 1428] New: Banner output can be a nuisance with non-interactive use
https://bugzilla.mindrot.org/show_bug.cgi?id=1428
Summary: Banner output can be a nuisance with non-interactive use
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.3p2
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo:
2005 Sep 21
23
[Bug 1087] SSH fails to show PAM password expiry message from LDAP on login
http://bugzilla.mindrot.org/show_bug.cgi?id=1087
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Group|Portable OpenSSH |
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2011 Jun 04
2
Completely disable local keyboard input in Syslinux / Extlinux?
Hello list,
I'm trying to reuse a fairly old PC based embedded system. It has no
video output at all, no VGA, nothing older, and no keyboard / mouse
connectors. The console is on a standard RS232 interface, including BIOS
output and the minimal BIOS loader. The BIOS emulates / redirects text
output to and keyboard input from the console RS232 interface, but
unfortunately, this emulation
2002 Dec 16
1
how to write pam modules for keyboard interactive method
Hi,
I want to write pam module for challenge response based authentication
with keyboard interactive authentication method on both sshd (server) and
ssh (client) side. How should I write the pam modules. What is the general
protocol between pam functions and the calling functions. What information
does the sshd gives to the pam module how can the pam module send the
information back to
2003 Oct 02
1
Permission denied (publickey,password,keyboard-interactive)
Hello,
I have recently downloaded and compiled openssh-3.7.1p2 on both HP-UX
10.20 and HP-UX 11.00. The compile went fine. Logging in on the system
used for the build works fine. However, logging in on a different
system (where the newly compiled openssh is installed) results in the
following error:
Permission denied (publickey,password,keyboard-interactive).
I have tried several things I
2000 Jul 07
1
keyboard-interactive authentication mehtod?
Hi all,
I noticed that support for the keyboard-interactive user authentication method
is mentioned on the "todo" list in the README.openssh2 file. Is anybody
actively working on this?
Thanks,
Mike
--
Michael Kiernan mkiernan at avantgo.com +1-650-638-7581
2003 Mar 27
0
[Bug 524] Keyboard-interactive PAM back end hides information
http://bugzilla.mindrot.org/show_bug.cgi?id=524
Summary: Keyboard-interactive PAM back end hides information
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2003 May 12
0
slightly OT: support for keyboard-interactive in other implementations
I'd like to know if anyone knows of any SSH clients with significant
user bases (winscp2, putty, mindterm etc.) which lack support for
keyboard-interactive authentication.
DES
--
Dag-Erling Smorgrav - des at ofug.org
2003 May 14
0
[Bug 524] Keyboard-interactive PAM back end hides information
http://bugzilla.mindrot.org/show_bug.cgi?id=524
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From djm at mindrot.org 2003-05-14 12:13
2003 Dec 18
1
PAM, chauthtok and keyboard-interactive
Hi All.
Today a patch was commited to OpenSSH that performs PAM password
changes via SSH2 keyboard-interactive authentication. I should work
fine with privsep, which some of the other solutions have problems with.
While the patch itself is relatively small, it's bigger than it should
have been due to differences in PAM implementations.
I encourage anyone with a interest in this to try
2004 Mar 06
0
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
bugzilla-daemon at mindrot.org wrote:
>Summary: segfault if not using pam/keyboard-interactive mech and
> password's expired
I'm sorry to report that there is a bug in the PAM code in OpenSSH
3.8p1, and sorrier to say that I put it there. This is a NULL pointer
dereference and is *not* considered to be a security vulnerability.
When sshd is configured --with-pam, run with
2007 Feb 27
1
What would cause keyboard-interactive packet connection close
Hi,
I've got a remote system that was down and came back up. I'm
trying to get into the system, but when I do I get timed out. I
forced it to a keyboard interactive to speed things up:
ssh -o PreferredAuthentications=keyboard-interactive -vvv tuc at 10.2.0.2
but I get :
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done:
2004 Apr 14
2
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
http://bugzilla.mindrot.org/show_bug.cgi?id=808
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |821
nThis| |
------- Additional Comments From dtucker at zip.com.au 2004-04-13 19:07 -------
2016 Mar 07
2
[Bug 2549] New: [PATCH] Allow PAM conversation for pam_setcred for keyboard-interactive authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2549
Bug ID: 2549
Summary: [PATCH] Allow PAM conversation for pam_setcred for
keyboard-interactive authentication
Product: Portable OpenSSH
Version: 7.1p2
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: enhancement
Priority: P5
2015 Jul 22
2
Keyboard Interactive Attack?
You need to disable ?ChallengeResponse? (aka keyboard-interactive) authentication, not password authentication, to protect against this attack.
On Jul 22, 2015, at 1:56 PM, Bostjan Skufca <bostjan at a2o.si> wrote:
>
> And to answer your question about what to do, you have three options:
> - disable access to ssh with a firewall
> - disable password authentication
> -