similar to: Working with PAM stages

Displaying 20 results from an estimated 500 matches similar to: "Working with PAM stages"

2014 Feb 05
1
Make SSH_ORIGINAL_COMMAND available in AuthorizedKeysCommand context
Hi Using SSH_ORIGINAL_COMMAND in AuthorizedKeys is so helpful, I'd like to know if it might be possible to access it in the AuthorizedKeysCommand context (via env ?). Is this possible ? can anybody give me advice on going into this ? If possible, I'll use this SSH_ORIGINAL_COMMAND to send client specifics information to the AuthorizedKeysCommand script. Currently, the only alternative
2010 Apr 09
4
OpenSSH 5.5p1 about to be released
Hi, I'm likely going to release 5.5p1 in the next couple of days, mainly for the AuthorizedKeys bug. If you would like to test on your platform or submit any patches (portability only) then this is your last chance :) -d
2017 Feb 20
3
[Bug 2681] New: postauth processes to log via monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2681 Bug ID: 2681 Summary: postauth processes to log via monitor Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at
2014 Aug 22
7
[Bug 2263] New: sshd privsep monitor process doesn't handle SIGXFSZ signal
https://bugzilla.mindrot.org/show_bug.cgi?id=2263 Bug ID: 2263 Summary: sshd privsep monitor process doesn't handle SIGXFSZ signal Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd
2015 Nov 17
2
Add host
Hi, I have two host machines both installed with libvirt and virt-manager, which provides me with GUI. I have virtual machines running in one of the host. Now I want to migrate some of the virtual machines to the other machines. I am trying to migrate using the Virtual Machine Manager. When I select migrate, it pops up a window to choose the new host. The dropdown menu to choose the new host for
2024 Jul 14
1
Splitting of sshd binaries in 9.8?
I realize that the splitting of the sshd binaries is a work in progress. Nonetheless I am trying to make a diagram of the situation as of 9.8. How close have I gotten? Is it correct that currently for a basic session, binaries are run four ways? 1. A privileged binary to listen for incoming connections (66717 below) 2. A privileged session monitor to track the session, for the duration of the
2020 Jun 03
7
Auth via Multiple Publickeys, Using Multiple Sources, One Key per Source
I don't see a way to do this currently (unless I am missing something) but I would like to be able to specify, that in order for a user to login, they need to use at least 1 public key from 2 separate key sources.? Specifically this would be when using "AuthenticationMethods publickey,publickey".? Right now requiring 2 public keys for authentication will allow 2 public keys from
2023 Jun 09
1
Question About Dynamic Remote Forwarding
Hi all, When a client requests dynamic remote forwarding with -R it delays forking into the background. In ssh.c we see if (options.fork_after_authentication) { if (options.exit_on_forward_failure && options.num_remote_forwards > 0) { debug("deferring postauth fork until remote forward " "confirmation received");
2016 Nov 16
2
problem connecting to shares from Win7 clients - invalid NTLMSSP_MIC
Domain users using Windows 7 systems lose the ability to connect to Samba shares. Some users can connect one day but then lose the ability the next. When the problem starts to occur the log.smbd displays: =============================================== check_ntlm_password: authentication for user [user1] -> [user1] -> [MYDOMAIN\user1] succeeded ntlmssp_server_postauth: invalid
2023 Jun 10
1
Question About Dynamic Remote Forwarding
On Fri, 9 Jun 2023, Chris Rapier wrote: > Hi all, > > When a client requests dynamic remote forwarding with -R it delays forking > into the background. In ssh.c we see > > if (options.fork_after_authentication) { > if (options.exit_on_forward_failure && > options.num_remote_forwards > 0) { > debug("deferring postauth fork until
2010 Jun 15
3
[Bug 1782] New: Match support for HostbasedUsesNameFromPacketOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=1782 Summary: Match support for HostbasedUsesNameFromPacketOnly Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org
2011 Apr 12
1
Vpopmail and lastauth
Hello, I'm migrating many accounts to a new server with vpopmail 5.4.33 and dovecot 2.0.11. I've already vpopmail 5.4.32 and dovecot 1.2.16 on others servers running without problems. With dovecot 2.0.11 my lastauth file is not updated. This file usually is update on any access (smtp, pop3, imap) with the client's IP, for every mailbox. Now it's updated only when a client
2019 Jun 27
2
Does ssh need sendfd in pledge() call?
Hi, I posted this question to the OpenBSD bugs list last week, however I have had no reply and it was suggested on IRC that I post here instead. So I must apologise if this is not appropriate. For a reference here is my previous post: https://marc.info/?l=openbsd-bugs&m=156080681530337&w=2 I am running OpenBSD 6.5-stable (also tested on -current). When I ssh somewhere I get a sig abort
2006 Sep 14
6
sshd audit not happy with ssh1 and scp
I think I've found a bug with sshd handling audit events for commands (like scp) over ssh1 connections. Specifically, after updating to a recent FreeBSD 6.x with audit support, I'm getting log messages like these when using scp over ssh1: Sep 12 14:13:16 <auth.info> bm55 sshd[12335]: Accepted rsa for xxx from A.B.C.D port 2981 Sep 12 14:13:16 <auth.crit> bm55 sshd[12335]:
2011 May 13
5
ssh_authorized_key loops when options is defined
Hi all, I have no problem with creating ssh keys for users, but as soon as I specify ''options'', puppet keeps repeating and replacing the key with an identical key. I have written the various options in various formats, like one big strings, as an array, with double quotes or single quotes, etc, etc (see examples below), but the issue stays as a string ... @authorizedkey {
2007 Dec 10
1
One more HEAD foible against our config
One more error/warning from the latest Puppet from git: In the provider I have KEYS = Facter.value(:roothome) + "/.ssh/authorized_keys" Puppet::Type.type(:authorizedkey).provide(:parsed, ... I get an error on the Puppetmaster: Could not autoload "/usr/lib/ruby/site_ruby/1.8/puppet/provider/authorizedkey/parsed.rb": undefined method `+'' for nil:NilClass Could not
2011 Apr 13
1
yum update - missing dependencies
Hi everyone, I just upgraded to 5.6 and keep on getting the following error message: [root at rwjafs1 ~]# yum update Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * base: centos.mirror.nac.net * extras: mirror.batblue.com * updates: mirror.atlanticmetro.net Setting up Update Process Resolving Dependencies --> Running transaction check ---> Package
2004 Dec 19
2
MFC/R2 errors
Hi all I have MFCR2 successfully installed but seems to get warnings a s seen below when I start asterisk. Am running on Redhat 9. Asterisk Ready. *CLI> Dec 20 08:40:38 WARNING[1175077440]: chan_unicall.c:634 unicall_error: UniCall: mfcr2 far_unblocking_expired Dec 20 08:40:38 WARNING[1175077440]: chan_unicall.c:634 unicall_error: UniCall: mfcr2 local_unblocking_expired Dec 20 08:40:38
2012 Nov 20
4
Connection info with AuthorizedKeysCommand
I see that support for AuthorizedKeysCommand has been added. The arguments supplied to the command is just the authenticating user. Can we add the SSH connection details (ie. source and destination IPs and ports) as well? This command seems to be the idea way of requiring one set of credentials from inside an organisation (say the user's own authorized_keys file) and another set from outside
2011 Nov 29
1
opensuse 12.1 - unable to start libvirtd
I''ve just installed xen on opensuse 12.1 (4.1 as provided by yast) as will as libvirt + tools however I''m unable to start the libvirt daemon. Here are the log messages: 22:42:02.951: 2548: info : libvirt version: 0.9.6 22:42:02.951: 2548: error : virSysinfoRead:465 : internal error Failed to find path for dmidecode binary 22:42:02.956: 2548: error : virGetUserID:2122 : Failed