similar to: OpenSSH with PermitPAMUserChange feature?

Hello, I am developing a PAM module that is called from OpenSSH server when a ssh-client wants to login in the machine. I want my module PAM to send a message to the ssh-client as soon as the PAM module is called by using the pam_info function, but I have checked that the message is not instantly shown in the client unless I send a prompt. I would like to find a way to send the message instantly

Hello. I've tried to install openssh to my Linux Slackware boxes, but it works only for connecting to other hosts. The bug is in the auth-passwd.c of pppd. Slackware has it's own (or just an another) version of shadow package (if I've understood the problem correctly) with it's own password encryption manner. I do not use stuff like Kerberos, PAM etc. As a result, the line

http://bugzilla.mindrot.org/show_bug.cgi?id=1215 Jesse Zbikowski <embeddedlinuxguy at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |embeddedlinuxguy at gmail.com --- Comment #7 from Jesse Zbikowski <embeddedlinuxguy at

Hello, when configuring the OpenSSH to authenticate through pam_radius, I encountered the following problem: The radius server is configured to accept username and generic password, it then generates some textual string as a challenge-request and waits again for username and this time for challenge-response. Pam_radius use pam->conv function, retrieved with pam_get_item(PAM_COM), with

On 07/03/23, Darren Tucker (dtucker at dtucker.net) wrote: > On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote: > [...] > > ssh_config contains a Match ... exec [command to refresh the certificate]. > > This sort of works, except that it runs the command far too frequently. > > For example, ssh -O exit [name] refreshes the certificate, and it

On Tue, Mar 7, 2023, at 3:25 AM, Rory Campbell-Lange wrote: > On 07/03/23, Darren Tucker (dtucker at dtucker.net) wrote: >> On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote: >> [...] >> > ssh_config contains a Match ... exec [command to refresh the certificate]. >> > This sort of works, except that it runs the command far too

http://bugzilla.mindrot.org/show_bug.cgi?id=1215 ------- Comment #3 from vadud3 at gmail.com 2006-10-02 04:00 ------- (In reply to comment #2) > Created an attachment (id=1171) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1171&action=view) [edit] > make sshd handle when getpwnam doesn't know about the user but PAM does > > Updated patch (against 4.3p2). Leaks

http://bugzilla.mindrot.org/show_bug.cgi?id=1215 Summary: sshd requires entry from getpwnam for PAM accounts Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: PAM support AssignedTo: bitbucket at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1215 --- Comment #12 from Aaron Smith <soccergeek76 at gmail.com> 2008-10-15 16:19:59 --- Created an attachment (id=1574) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1574) Debug output of accounting failure I am trying to use patches 1171, 1298, and 1300 in conjunction with the pam_radius library. Authentication works fine, but

> Interesting quote: > > "Due to complexity, inconsistencies in the specification and differences > between vendors' PAM implementations we recommend that PAM be left disabled > in sshd_config unless there is a need for its use. Sites only using public > key or simple password authentication usually have little need to enable PAM > support." > > Slander?

http://bugzilla.mindrot.org/show_bug.cgi?id=117 Summary: OpenSSH second-guesses PAM Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: abartlet at

I have seen in the archives that several people have tried to use this module with OpenSSH. Now that the LTSP project has moved to LDM with SSH tunnels in Edubuntu I wondered if the issue with ssh requiring a local account to already exist could be revisited? Even though I know that the opinion has been that the module is 'broken' because some people believe that PAM should be used purely

ok, here the log +root at alex ~/ssh+ ls -al total 1604 drwxr-xr-x 2 root wheel 512 Oct 4 17:03 . drwxr-xr-x 16 root wheel 1024 Oct 4 17:02 .. -rw------- 1 root wheel 791161 Sep 22 15:06 openssh-3.7.1p1.tar.gz -rw------- 1 root wheel 792280 Sep 25 15:00 openssh-3.7.1p2.tar.gz +root at alex ~/ssh+ tar xzf openssh-3.7.1p2.tar.gz +root at alex ~/ssh+ cd openssh-3.7.1p2 +root at

Hi. Has anyone been able to get Openssh-2.9p2 or p1 or Openssh-2.5.2p2 to work with the Kerberos 5 PAM on Solaris 8 ? More specifically, I am trying to get the system to work with Kerberos 5 only (no pam_unix). My attempts to get things running result in the following messages from ssh (client side): > user at ssh-gateway's password: > client: Requesting pty. > client: Requesting

Hello, I'm currently running OpenSSH 3.6.1p2 successfully on older Slackware Linux. Glibc in use is 2.2.2 and Linux-PAM 0.77. I have been compiling OpenSSH for couple years until now with options --sysconfdir=/etc/ssh --with-ipv4-default --with-pam \ --without-shadow --disable-suid-ssh Unfortunately, upgrading to =>3.7p1 makes PAM-authentication fail. Authentication simply

while trying to sort out the PAM incompatabilities between openssh 3.0.2p1 and solaris 8 and sun's pam_krb5 i got some things to work. i'm really not sure where the appropriate place to submit patches is so for now i'm sending them here. this patch will allow PAM interoperability when using sun's pam_krb5 without using the system login routine (this way X forwarding will

Hi, I would like to report a bug in OpenSSH-1.2.2 (release) under Linux. Under certain conditions the sshd client process segfaults while doing the password authentification. I have observed the behaviour with glibc 2.0.7 (non-PAM), glibc 2.1.1 (PAM) and glibc 2.1.2 (PAM), when 'RhostsRSAAuthentication yes' is chosen in sshd_config. It appears to happen regardless whether PAM is used or

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 openssh-1.2.1pre21 has just been uploaded. This incorporates yet more fixes from Andre Lucas and Ben Taylor, Solaris and HPUX should be working properly now. This version also fixes up the PAM support a little more, though there is still a spurious authentication failure message at each log-in. Read the UPGRADING file for the gory details. The PAM

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 openssh-1.2.1pre21 has just been uploaded. This incorporates yet more fixes from Andre Lucas and Ben Taylor, Solaris and HPUX should be working properly now. This version also fixes up the PAM support a little more, though there is still a spurious authentication failure message at each log-in. Read the UPGRADING file for the gory details. The PAM

Hi folks, I meant to send this in to the devel list a while ago (1 Jul, actually) but school has until recently had a strangehold on me. The issue is this: the sshd.pam.generic in the openssh-2.1.1p4/contrib directory can be modified to suit standard SuSE 6.4 configurations as thus: {crimsun@[dhcp1520]:~} diff -c /etc/pam.d/sshd openssh-2.1.1p4/contrib/sshd.pam.generic *** /etc/pam.d/sshd