Displaying 20 results from an estimated 2000 matches similar to: "Ignorant question on pam_shield"
2010 Aug 24
3
PAM_shield locking me out?
Yesterday I installed pam_shield and followed the testing suggested and 
thought all was well.
Today I find that I cannot get to my email account, I can login via ssh 
okay (uses keys) but su and sudo give
segmentation faults. I am guessing due to the pam module causing a problem.
As I cannot do remote login as root and sudo and su use pam I appear to 
have locked myself out.
Any words of wisdom
2024 Jul 04
4
Request for a Lockdown option
Jochen Bern <Jochen.Bern at binect.de> writes:
> (And since you mention "port knocking", I'd like to repeat how fond I
> am of upgrading that original concept to a single-packet
> crypto-armored implementation like fwknop.)
I am reluctantly considering to use some kind of port knocking mechanism
on some machines, however I really don't want to carry around shared
2010 Aug 23
1
Dovecot attack
It seems there was some kind of attack against dovecot on my server
(CentOS-5.5) with a hundred or so logwatch entries like:
=========================================
**Unmatched Entries**
dovecot-auth: pam_succeed_if(dovecot:auth): 
  error retrieving information about user admin
dovecot-auth: pam_succeed_if(dovecot:auth): 
  error retrieving information about user webmaster
2023 Jun 11
0
Minimize sshd log clutter/spam from unauthenticated connections
On 10.06.23 11:19, Carsten Andrich wrote:
> For the time being, I've deployed a quasi-knocking KISS solution that 
> sends an unencrypted secret via a single UDP packet. Server side is 
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> realized entirely with nftables
... frankly, for that reason, I like fwknop (in my case, straight from 
OS repos) better ... I'd still have to see fwknopd exit
2007 Feb 19
0
Quick demo guide for SPA ( re: the port knocking thread )
For what it's worth to those who want to play with SPA, here 
is a demo I whipped up. It is very easy to set up, and I 
almost guarantee anyone can get this running.
What we will demonstrate:
Basically: An SPA demo.
Requirements: Very little - a minimal setup of centos.
This setup will demonstrate a client who initially cannot 
connect to an ssh port on the server (the server is 
DROPing
2008 Dec 23
6
Security advice, please
My LAN is behind a Netgear router, which does NAT.  On the CentOS server I 
have fail2ban running.  This morning my router reported 3 different IPs 
attempting to send UDP packets to port 38950.  Since each address is only seen 
4-5 times, I presume that fail2ban took over after that.
GRC reports that ports are stealthed (port 143 was open, but is now closed), 
but then:
Unsolicited Packets:
2009 Jul 08
4
Feature request: "SetupCommand" invoked before connecting
Hi,
(I'm not subscribed to the list, so please CC me on reply.)
I'd like to request adding a feature to OpenSSH:
Task:
~~~~~
It is sometimes quite useful to invoke a program prior to connecting to
an ssh server. The most common use case will probably be port knocking.
That is, a small program sends certain packets to a server and the server
reacts to this by unlocking the ssh port, which
2023 Feb 13
4
[Bug 3539] New: sshbuf memory leak in recv_rexec_state()
https://bugzilla.mindrot.org/show_bug.cgi?id=3539
            Bug ID: 3539
           Summary: sshbuf memory leak in recv_rexec_state()
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
  
2007 Mar 24
2
[Bug 505] iptables-save still doesn't like quotes
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=505
------- Additional Comments From mbr@cipherdyne.org  2007-03-24 06:01 MET -------
I've tested the proposed patch against the iptables-1.3.7 source, and find that
it works in the reported broken case:
#   iptables -A INPUT -m string --algo kmp --string 111\"222 -j LOG
#  ./iptables-save > ipt.out
#  ./iptables-restore
2023 Feb 16
2
[Bug 3540] New: fix minor memory leak for kex_names_cat() returned string
https://bugzilla.mindrot.org/show_bug.cgi?id=3540
            Bug ID: 3540
           Summary: fix minor memory leak for kex_names_cat() returned
                    string
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P5
         Component: ssh
         
2024 Jul 04
1
Request for a Lockdown option
On 04.07.24 01:41, Manon Goo wrote:
>   	-  some users private keys are lost
Then you go and remove the corresponding pubkeys from wherever they're 
configured.
Seriously, even if you do not scan which pubkey is configured where 
*now* (as is part of our usual monitoring), it'll be your "number <3" 
task *then* to go hunt it down.
> And you want to lock down the sshd
2012 Aug 28
1
psad Error
Just installed psad and am testing it.  This morning I awoke to an email saying:
[-] You may just need to add a default logging rule to the /sbin/ip6tables
    ''filter'' ''INPUT'' chain on hydra.  For more information,
    see the file "FW_HELP" in the psad sources directory or visit:
    http://www.cipherdyne.org/psad/docs/fwconfig.html
Well I have
2009 Oct 17
1
Samba/BackupPC under CentOS-5.3
I'm almost completely ignorant about samba on Windows machines,
In particular I know nothing about Windows permissions,
if that is relevant here.
I am running BackupPC on a CentOS-5.3 machine.
It works perfectly for backing up Linux folders,
but I have great difficulty extending it to Windows clients.
To be precise, I have a share called "EA Games D"
on a machine running Windows XP
2002 May 21
1
PAM/winbindd/smb_pass/pam_smb_auth/smb_ntdom to authenticate SSH
Hello,
I'm currently running winbind (from Samba 2.2.3a) so that our
Windows users can ssh into our Linux box.  I've set up Samba,
PAM and winbind, and it's working well.  Users can see their
files, and they can log in using their windows usernames.  No
problem.
When users access their Samba share, they don't need
to reauthenticate, because they've already done so with
the
2017 Nov 27
1
Failed attempts
And if you're really security conscious consider using port knocking (knock server - amazingly easy to set up. Or use fwknop, a little more difficult to set up but not much.  Finally, for the hard core who really like pain - write the iptables rules yourself).
----- Original Message -----
From: "Pete Biggs" <pete at biggs.org.uk>
To: "centos" <centos at
2007 Dec 08
4
disconnect after too many errors?
There are a couple of jerks that are trying to dictionary attack my 
email server, and one of the vectors is pop3/imap logins.  Something I 
would like to do in dovecot, but can't seem to find, is the ability to 
disconnect after a certain number of errors.  The vast majority of my 
users (i.e. me) don't hand-type POP3 or IMAP transactions, but when we 
do, we know how to spell things
2004 Nov 22
3
how do I configure shorewall to block people port scanning ?
as subject
2024 Jul 04
1
Request for a Lockdown option
Simon Josefsson wrote in
 <87jzi1fg24.fsf at kaka.sjd.se>:
 |Jochen Bern <Jochen.Bern at binect.de> writes:
 |> (And since you mention "port knocking", I'd like to repeat how fond I
 |> am of upgrading that original concept to a single-packet
 |> crypto-armored implementation like fwknop.)
 |
 |I am reluctantly considering to use some kind of port knocking
2013 Sep 24
1
Port Knocking?
I haven't been keeping up with the internals, I'm afraid.   Does OpenSSH have support for Port Knocking?
I might be interested in looking into that, as a way of reacquainting myself with the current code base.
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2024 Jul 03
1
Request for a Lockdown option
Dear Christian,
>How is this different to configuring /etc/securetty and tunnelling
>Telnet over SSH Port Forwarding which I don't recommend BTW?
In case your SSH is remotely attackable for instance
	-  because your LDAP is configured wrongly,
	-  you run into some problem like CVE-2008-0166
 	-  some users private keys are lost 
And you want to lock down the sshd and investigate and