Displaying 20 results from an estimated 500 matches similar to: "Working with PAM stages"
2014 Feb 05
1
Make SSH_ORIGINAL_COMMAND available in AuthorizedKeysCommand context
Hi
Using SSH_ORIGINAL_COMMAND in AuthorizedKeys is so helpful, I'd like to
know if it might be possible to access it in the AuthorizedKeysCommand
context (via env ?). Is this possible ? can anybody give me advice on
going into this ?
If possible, I'll use this SSH_ORIGINAL_COMMAND to send client specifics
information to the AuthorizedKeysCommand script. Currently, the only
alternative
2010 Apr 09
4
OpenSSH 5.5p1 about to be released
Hi,
I'm likely going to release 5.5p1 in the next couple of days, mainly for
the AuthorizedKeys bug. If you would like to test on your platform or
submit any patches (portability only) then this is your last chance :)
-d
2017 Feb 20
3
[Bug 2681] New: postauth processes to log via monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2681
Bug ID: 2681
Summary: postauth processes to log via monitor
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2014 Aug 22
7
[Bug 2263] New: sshd privsep monitor process doesn't handle SIGXFSZ signal
https://bugzilla.mindrot.org/show_bug.cgi?id=2263
Bug ID: 2263
Summary: sshd privsep monitor process doesn't handle SIGXFSZ
signal
Product: Portable OpenSSH
Version: 6.6p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
2015 Nov 17
2
Add host
Hi,
I have two host machines both installed with libvirt and virt-manager,
which provides me with GUI. I have virtual machines running in one of the
host.
Now I want to migrate some of the virtual machines to the other machines. I
am trying to migrate using the Virtual Machine Manager. When I select
migrate, it pops up a window to choose the new host. The dropdown menu to
choose the new host for
2024 Jul 14
1
Splitting of sshd binaries in 9.8?
I realize that the splitting of the sshd binaries is a work in progress.
Nonetheless I am trying to make a diagram of the situation as of 9.8.
How close have I gotten?
Is it correct that currently for a basic session, binaries are run four
ways?
1. A privileged binary to listen for incoming connections (66717 below)
2. A privileged session monitor to track the session, for the duration
of the
2020 Jun 03
7
Auth via Multiple Publickeys, Using Multiple Sources, One Key per Source
I don't see a way to do this currently (unless I am missing something)
but I would like to be able to specify, that in order for a user to
login, they need to use at least 1 public key from 2 separate key
sources.? Specifically this would be when using "AuthenticationMethods
publickey,publickey".? Right now requiring 2 public keys for
authentication will allow 2 public keys from
2023 Jun 09
1
Question About Dynamic Remote Forwarding
Hi all,
When a client requests dynamic remote forwarding with -R it delays
forking into the background. In ssh.c we see
if (options.fork_after_authentication) {
if (options.exit_on_forward_failure &&
options.num_remote_forwards > 0) {
debug("deferring postauth fork until remote forward "
"confirmation received");
2016 Nov 16
2
problem connecting to shares from Win7 clients - invalid NTLMSSP_MIC
Domain users using Windows 7 systems lose the ability to connect to
Samba shares. Some users can connect one day but then lose the ability
the next.
When the problem starts to occur the log.smbd displays:
===============================================
check_ntlm_password: authentication for user [user1] -> [user1] ->
[MYDOMAIN\user1] succeeded
ntlmssp_server_postauth: invalid
2023 Jun 10
1
Question About Dynamic Remote Forwarding
On Fri, 9 Jun 2023, Chris Rapier wrote:
> Hi all,
>
> When a client requests dynamic remote forwarding with -R it delays forking
> into the background. In ssh.c we see
>
> if (options.fork_after_authentication) {
> if (options.exit_on_forward_failure &&
> options.num_remote_forwards > 0) {
> debug("deferring postauth fork until
2010 Jun 15
3
[Bug 1782] New: Match support for HostbasedUsesNameFromPacketOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=1782
Summary: Match support for HostbasedUsesNameFromPacketOnly
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2011 Apr 12
1
Vpopmail and lastauth
Hello, I'm migrating many accounts to a new server with vpopmail 5.4.33
and dovecot 2.0.11.
I've already vpopmail 5.4.32 and dovecot 1.2.16 on others servers
running without problems.
With dovecot 2.0.11 my lastauth file is not updated. This file usually
is update on any access (smtp, pop3, imap) with the client's IP, for
every mailbox. Now it's updated only when a client
2019 Jun 27
2
Does ssh need sendfd in pledge() call?
Hi,
I posted this question to the OpenBSD bugs list last week, however
I have had no reply and it was suggested on IRC that I post here
instead. So I must apologise if this is not appropriate.
For a reference here is my previous post:
https://marc.info/?l=openbsd-bugs&m=156080681530337&w=2
I am running OpenBSD 6.5-stable (also tested on -current). When I
ssh somewhere I get a sig abort
2006 Sep 14
6
sshd audit not happy with ssh1 and scp
I think I've found a bug with sshd handling audit events for commands (like
scp) over ssh1 connections. Specifically, after updating to a recent FreeBSD
6.x with audit support, I'm getting log messages like these when using scp
over ssh1:
Sep 12 14:13:16 <auth.info> bm55 sshd[12335]: Accepted rsa for xxx from
A.B.C.D port 2981
Sep 12 14:13:16 <auth.crit> bm55 sshd[12335]:
2011 May 13
5
ssh_authorized_key loops when options is defined
Hi all,
I have no problem with creating ssh keys for users, but as soon as I
specify ''options'', puppet keeps repeating and replacing the key with
an identical key.
I have written the various options in various formats, like one big
strings, as an array, with double quotes or single quotes, etc, etc
(see examples below), but the issue stays
as a string ...
@authorizedkey {
2007 Dec 10
1
One more HEAD foible against our config
One more error/warning from the latest Puppet from git:
In the provider I have
KEYS = Facter.value(:roothome) + "/.ssh/authorized_keys"
Puppet::Type.type(:authorizedkey).provide(:parsed,
...
I get an error on the Puppetmaster:
Could not autoload
"/usr/lib/ruby/site_ruby/1.8/puppet/provider/authorizedkey/parsed.rb":
undefined method `+'' for nil:NilClass
Could not
2011 Apr 13
1
yum update - missing dependencies
Hi everyone,
I just upgraded to 5.6 and keep on getting the following error message:
[root at rwjafs1 ~]# yum update
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
* base: centos.mirror.nac.net
* extras: mirror.batblue.com
* updates: mirror.atlanticmetro.net
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package
2004 Dec 19
2
MFC/R2 errors
Hi all
I have MFCR2 successfully installed but seems to get warnings a s seen below when I start asterisk. Am running on Redhat 9.
Asterisk Ready.
*CLI> Dec 20 08:40:38 WARNING[1175077440]: chan_unicall.c:634 unicall_error: UniCall: mfcr2 far_unblocking_expired
Dec 20 08:40:38 WARNING[1175077440]: chan_unicall.c:634 unicall_error: UniCall: mfcr2 local_unblocking_expired
Dec 20 08:40:38
2012 Nov 20
4
Connection info with AuthorizedKeysCommand
I see that support for AuthorizedKeysCommand has been added. The
arguments supplied to the command is just the authenticating user. Can
we add the SSH connection details (ie. source and destination IPs and
ports) as well?
This command seems to be the idea way of requiring one set of
credentials from inside an organisation (say the user's own
authorized_keys file) and another set from outside
2011 Nov 29
1
opensuse 12.1 - unable to start libvirtd
I''ve just installed xen on opensuse 12.1 (4.1 as provided by yast) as will as libvirt + tools however I''m unable to start the libvirt daemon. Here are the log messages:
22:42:02.951: 2548: info : libvirt version: 0.9.6
22:42:02.951: 2548: error : virSysinfoRead:465 : internal error Failed to find path for dmidecode binary
22:42:02.956: 2548: error : virGetUserID:2122 : Failed