Displaying 9 results from an estimated 9 matches similar to: "GSSAPI monitor hardening"
2003 Aug 10
9
updated gssapi diff
this is the proposed gssapi diff against OpenSSH-current (non-portable).
note: if this goes in, the old krb5 auth (ssh.com compatible) will be
removed.
please comment.
jakob
Index: auth.h
===================================================================
RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -u -r1.1.1.2 -r1.3
--- auth.h
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2006 Feb 12
1
sshd double-logging
Hi all.
As Corinna pointed out, there are some cases where sshd will log some
authentications twice when privsep=yes.
This can happen on any platform although it seems most obvious on the
ones that don't do post-auth privsep. It also occurs when sshd logs
to stderr (eg running under daemontools) or when you have a /dev/log in
the privsep chroot.
The patch below attempts to solve this for
2006 Jan 08
3
Allow --without-privsep build.
I've been trying to cut down the size of openssh so I can run it on my
Nokia 770. One thing which helps a fair amount (and will help even more
when I get '-ffunction-sections -fdata-sections --gc-sections' working)
is to have the option of compiling out privilege separation...
Is it worth me tidying this up and trying to make it apply properly to
the OpenBSD version? Does the openbsd
2002 Jul 02
3
New PAM kbd-int diff
Below is a new PAM kbd-int diff based on FreeBSD's code. This code makes
PAM kbd-int work with privilege separation.
Contrary to what I have previously stated - it *does* handle multiple
prompts. What it does not handle is multiple passes through the PAM
conversation function, which would be required for expired password
changing.
I would really appreciate some additional eyes over the
2002 Jun 25
4
PAM kbd-int with privsep
The following is a patch (based on FreeBSD code) which gets kbd-int
working with privsep. It moves the kbd-int PAM conversation to a child
process and communicates with it over a socket.
The patch has a limitation: it does not handle multiple prompts - I have
no idea how common these are in real-life. Furthermore it is not well
tested at all (despite my many requests on openssh-unix-dev@).
-d
2002 Jun 28
0
Newer OSF patch.
It still is not right, but thanks to Steve we have gotten this far..
The issue seems to be here:
debug3: entering: type 26
debug3: entering
debug1: session_new: init
debug1: session_new: session 0
debug3: entering: type 26
: sendmsg(12): Invalid argument
debug1: Calling cleanup 0x1200365c0(0x14000d9d8)
debug1: session_pty_cleanup: session 0 release /dev/ttyp4
debug1: Calling cleanup
2006 Sep 12
1
openssh (OpenBSD) , bsdauth and tis authsrv
nuqneH,
I've tried using TIS authsrv authentication via bsd auth and found
it quite limited. The most important restriction it does not log
ip and fqdn of the remote peer, nor the application name, to
the authentication server. It does not matter much for TIS authsrv,
but since other applications do provide such information, our
authsrv version uses it for extra authentication restrictions.
2008 Jun 11
1
Some kind of weird setup ...
Hello,
I've some questions for you and hope you can help me with some issues. I'll
start with the (hopefully) easier one. I'm working with Samba 3.0.28a an Ubuntu
8.04.
1. There's a share on an ext3 fs with user quota set. If I mount that share to
another Ubuntu, how am I able to see the "free space" I have on that device? df
only reports the free space of the