similar to: OpenPAM/SSHD privacy hole (FreeBSD 9.2+ affected)

Okay, I guess I?ll be the first to take Colin Percival up in that the following statement applies to me: ?If you find a security problem -- or even if you find something which might possibly be a security problem but you're not certain if it is or not -- then please let us know.? I recently installed pam_radius according to the instructions located at the following address:

Hi, I want to integrate openpam with openssh in our server (which uses QNX632 operating system). I am facing some problems in the "make install" part of openssh. Following are the steps I followed to build zlib, openssl, openpam and openssh. *NOTE*: Since I want the sshd and ssh binaries in my server(using QNX), I had to cross compile the packages for QNX (environment was set to x86)

I'm running samba 2.5 on a FreeBSD box using winbind to do authentication with my PDC/BDC. I'm able to configure shares that everyone on the NT network can access but when I configure private shares (only 1 or 2 users have access to) the users get prompted for a username and password and are not allowed access. What am I doing wrong? Below I have included a copy of my smb.conf and pam.conf

I'm setting up a freebsd server which will authenticate against an Active Directory I mean: the server will NOT have any local users (except mandatory and minimum required for management and configuration) and will authenticate requests for login and access FOR EVERY SERVICE against an Active Directory Server I have configured the samba service and currently I can login to local terminal,

I've built a domain member. It works pretty good with the exception that I want on-the-fly home directories being built. I'm not sure this is doable with a domain member as everything I've tried isn't even called - as far as I can tell. Using log level 3. If anyone can shed light on how to dynamically create home directories, that'd be great. anyway, here's my

> What is in the pam.d/dovecot file? (Remember to strip passwords if > included) # cat /etc/pam.d/dovecot passdb { driver = pam # args = failure_show_msg=yes # args = max_requests=12 args = %s } and /etc/pam.d/{imap,pop3} were untouched; both as follows # # $FreeBSD: releng/10.3/etc/pam.d/pop3 170771 2007-06-15 11:33:13Z yar $ # # PAM configuration for the "pop3" service

>> auth: in openpam_parse_chain(): /etc/pam.d/dovecot(1): missing or invalid facility > > I do not think that it has something to do with the dovecot settings > itself but perhaps with the pam facility settings instead? i can believe that. any clues to debug? randy

Hi, I'm trying to setup Dovecot with MS AD and am using this as my guide: http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm I can definitely access information on the AD server using wbinfo -g and wbinfo -u..... Currently my dovecot.conf file looks like this: # v1.1: #auth_ntlm_use_winbind = yes # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth

Hi, I'm trying to setup one-time passwords on freebsd5.2.1 >From what I've read so far, if the user is present in opiekeys, the opieaccess file determines if the user (coming from a specific host or network) is allowed to use his unix password from this specific network. As my opieaccess file is empty and the default rule (as mentionned in the man file) is deny, I should not be

My company, which is a mac-heavy shop in the printing industry, needed to migrate to a faster file server. As our directory trees are very large, both Samba, and Netatalk were bogging down badly on our Linux server (Samba, due to heavy CPU usage during directory listings - the case-sensitive file system issue, and netatalk because the cnid db was getting too big). Our solution was to switch to a

https://bugzilla.samba.org/show_bug.cgi?id=11561 Bug ID: 11561 Summary: [PATCH] Show progress information when SIGINFO is caught on platforms that have it Product: rsync Version: 3.1.2 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core

Hi everyone, I have a repeatable core dump when running dovecot on FreeBSD in the specific scenario described below. Dovecot is linked against MIT kerberos in /usr/local/lib/, whilst PAM is linked against Heimdal in /usr/lib/. My expectation was that dovecot authentication using GSSAPI would use MIT kerberos in /usr/local/lib, whereas PAM authentication is independent from dovecot and would

Hello there. The FreeBSD-SA-04:05.openssl Security Advisory announced a "null-pointer assignment during SSL handshake" DoS vulnerability. However, the OpenSSH Security Advisory of 17 March 2004 announced the same vulnerability with one more vulnerability. Look at http://www.openssl.org/news/secadv_20040317.txt Isn't FreeBSD vulnerable to the second "Out-of-bounds read affects

I've been trying to sync two directories under interix between two machines on the local network and I keep getting the flowing errors:- The first error is "failed: Bad address (14)" which always occurs rsync: readlink "/dev/fs/D/Media/Audio/The Hoosiers/desktop.ini" failed: Bad address (14) The second is randomly occuring, restarting will make it continue for a bit then

hi I have the script http://pastebin.com/d4b062d28 and the roots cron entry are as below 30 2 * * * su sms /usr/local/bin/testrsync_mysql.sh I am getting the below error building file list ... rsync: opendir "/var/lib/mysql/wordpress" failed: Permission denied (13) done mysql/ib_logfile0 mysql/ib_logfile1 Killed by signal 2. rsync error: unexplained error (code 255) at rsync.c(276)

after rebooting I get very often: ... mfi0: COMMAND 0xffffff800132d990 TIMEOUT AFTER 659 SECONDS mfi0: COMMAND 0xffffff800132d990 TIMEOUT AFTER 689 SECONDS mfi0: COMMAND 0xffffff800132d990 TIMEOUT AFTER 719 SECONDS ... another reboot usualy fixes this. danny

I got a Dell T110-II server on 2013-July-19. It has two 1Tbyte drives that the PERC H200 controls, RAID 1. I tried to install FreeBSD-9.1-RELEASE from a DVD from FreebsdMall. The autopart segfaulted, evidently because it could not find any disks. I think there is a PR about the segfaulting (bad bug, no messages). I worked around the problem by going to the loader prompt when the initial

9.2 PRERELEASE (today) / amd64 Hello, I'm seeing a panic while trying to build a poudriere repository. As far I can see it always happens when gam_server is started (ie xfce is running) and under disk load (poudriere bulk build) : (That is something new, the box was pretty stable) the complete crash dump (core.0.txt) is here: http://user.lamaiziere.net/patrick/panic_gam_server.txt Fatal

Same as its brothers/sisters, it's optimized for 4 KB blocks. /* * OCZ Vertex 4 SSDs * 4k optimized */ { T_DIRECT, SIP_MEDIA_FIXED, "ATA", "OCZ_VERTEX4*", "*"}, /*quirks/DA_Q_4K Borja.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Can anyone reproduce this on a Solaris 8 system with 4.2p1: openssh is configured to use PAM and sshd_config has "UsePam" set to "yes" pam.conf has something like this: other auth required pam_get_authtok other auth sufficient pam_krb5.so.1 use_first_pass other auth required pam_unix.so.1 use_first_pass Now, If I log in via