similar to: [Bug 2548] New: Make pam_set_data/pam_get_data work with OpenSSH

https://bugzilla.mindrot.org/show_bug.cgi?id=2549 Bug ID: 2549 Summary: [PATCH] Allow PAM conversation for pam_setcred for keyboard-interactive authentication Product: Portable OpenSSH Version: 7.1p2 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5

>> >Could we please have a clarification on the semantics of >> >PAM_CRED_ESTABLISH vs. the semantics of PAM_REINITIALIZE_CREDS? >> >> My interpretation is: >> >> You call PAM_ESTABLISH_CRED to create them >> You call PAM_REINITIALIZE_CRED to update creds that can expire over time, >> for example a kerberos ticket. Oops. I meant

>Using OpenSSH 3.1p1 on a Sun Solaris 7 box, I disabled an account using the >'passwd -l ...' command to lock the users password. However, the user can >still access the system via ssh. Whilst I could do other things such as >moving their .ssh directory, removing their account home directory, etc, >etc, is there some 'nicer' way to inform ssh that the account is now

https://bugzilla.mindrot.org/show_bug.cgi?id=2636 Bug ID: 2636 Summary: Fix X11 forwarding, when ::1 is not configured Product: Portable OpenSSH Version: 7.3p1 Hardware: Sparc OS: Solaris Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2376 Bug ID: 2376 Summary: Add compile time option to disable Curve25519 Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5 Component: Build system Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2299 Bug ID: 2299 Summary: Disable uid=0 resetting test on Solaris Product: Portable OpenSSH Version: 6.7p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2719 Bug ID: 2719 Summary: Notify user, when ssh transport process dies. Product: Portable OpenSSH Version: 7.5p1 Hardware: Sparc OS: Solaris Status: NEW Severity: minor Priority: P5 Component: sftp Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2718 Bug ID: 2718 Summary: SFTP idle timeout Product: Portable OpenSSH Version: 7.5p1 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5 Component: sftp-server Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2101 Bug ID: 2101 Summary: Unaligned memory access on sparc in UMAC implemetation Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=2378 Bug ID: 2378 Summary: Allow login to a role using Hostbased auth on platforms supporting PAM_AUSER Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5

http://bugzilla.mindrot.org/show_bug.cgi?id=688 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |822 nThis| | Status|NEW |ASSIGNED

https://bugzilla.mindrot.org/show_bug.cgi?id=2565 Bug ID: 2565 Summary: High baud rate gets sent, solaris closes pty Product: Portable OpenSSH Version: 7.1p2 Hardware: Sparc OS: Solaris Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2637 Bug ID: 2637 Summary: GSSAPIStrictAcceptorCheck should default to 'yes' Product: Portable OpenSSH Version: 7.3p1 Hardware: Sparc OS: Solaris Status: NEW Severity: minor Priority: P5 Component: Kerberos support Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2469 Bug ID: 2469 Summary: ssh connection hangs indefinitely on EPIPE Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: Solaris Status: NEW Severity: major Priority: P5 Component: ssh Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2402 Bug ID: 2402 Summary: Missing include in kex.h results in compilation error due to unknown type Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=2278 Bug ID: 2278 Summary: 'configure --disable-lastlog' should mark PrintLastLog as unsupported in servconf.c Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: Solaris Status: NEW Severity: minor Priority: P5

>Neither the Sun PAM documentation nor the Linux-PAM documentation >describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail. I would agree it is vague, but then that is also a problem with the XSSO document (http://www.opengroup.org/onlinepubs/008329799/) >Could we please have a clarification on the semantics of >PAM_CRED_ESTABLISH vs. the semantics of

Should pam_setcred() be called if pam_authenticate() wasn't called? I would say not; both of these functions are in the authenticate part of pam. It seems the the 'auth' part of pam config controls which modules get called, so if you didn't to _authenticate() you shouldn't do _setcred(). thx /fc

On 05/29/17 04:13 AM, Damien Miller wrote: > On Fri, 26 May 2017, Tomas Kuthan wrote: > >> Hi team, >> >> Any chance my patch introducing new sftp-server option '-t idle_timout' [1,2] >> could be accepted into openssh/openssh-portable? > > I think the best place to implement a idle timeout is in sshd. Then it > could be made per-channel and be able to

https://bugzilla.mindrot.org/show_bug.cgi?id=2507 Bug ID: 2507 Summary: missing or misleading error messages Product: Portable OpenSSH Version: 7.1p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org