Displaying 20 results from an estimated 1000 matches similar to: "[Bug 3154] New: Issue with showing info and error messages from a blocking PAM module"
2003 Jun 20
1
Problems with conversation functions PAM + OpenSSH
Hello
sorry, for bothering you with this problem, but I ca't find solutions.
I write small PAM module, and I've got the problem with conversation
function with OpenSSH 3.5p1.
When the message style is PAM_PROMPT_ECHO_ON, or PAM_PROMPT_ECHO_OFF
everything is allright. But when I use PAM_TEXT_INFO, or PAM_ERROR_MSG,
ssh prints nothing on the client side. Does anyone know the reason of
2004 Jan 12
1
PAM_ERROR_MSG and PAM_TEXT_INFO from modules
Hi,
I have tested the current snapshot portable release (dated Jan 9
2004).
configuration has:
UsePAM yes
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePrivilegeSeparation yes
two problems:
first pam_motd does not work anymore.
second, I needed a quick way to disable normal user logins without
disabling admin accounts (members of group wheel). the best option i
could come
2018 Jun 12
16
[Bug 2876] New: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not honoured during PAM authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2876
Bug ID: 2876
Summary: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not
honoured during PAM authentication
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2002 Apr 26
0
PAM keyboard-interactive
The following patch (relative to -current) makes PAM a proper
kbd-interactive citizen. There are a few limitations (grep for todo), but
the code seems to work OK for protocols 1 & 2 with and without privsep.
Please have a play!
auth2-pam.c is based on code from FreeBSD.
Index: auth2-chall.c
===================================================================
RCS file:
2022 Oct 10
1
[Bug 3481] New: PAM_TEXT_INFO messages are shown twice if they are the last conversation
https://bugzilla.mindrot.org/show_bug.cgi?id=3481
Bug ID: 3481
Summary: PAM_TEXT_INFO messages are shown twice if they are the
last conversation
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component:
2005 Apr 30
1
PAM_AUTH_ERR messages
Hi,
There seems to be no way for PAM to inform a user why her ssh login
attempt is being denied. Niether PAM_TEXT_INFO or PAM_ERROR_MSG
conversation messages are passed on to the user by sshd unless the login
is successful. This is causing great frustration for us at several sites
where users can't figure out why their logins aren't working.
Would a patch be accepted to display such
2002 Jul 02
3
New PAM kbd-int diff
Below is a new PAM kbd-int diff based on FreeBSD's code. This code makes
PAM kbd-int work with privilege separation.
Contrary to what I have previously stated - it *does* handle multiple
prompts. What it does not handle is multiple passes through the PAM
conversation function, which would be required for expired password
changing.
I would really appreciate some additional eyes over the
2007 Jun 05
2
pam_ldap-184 compile error
I tried to compile pam_ldap-184 but it gave lots of error msgs. BTW, I
have successfully compiled nss_ldap-255.
For pam_ldap, my configure looks like:
./configure --with-ldap-lib=openldap --with-ldap-dir=/usr/local
--with-ldap-conf-file=/usr/local/etc/openldap/ldap.conf
and the following is the configure output
--- start of configure output ---
creating cache ./config.cache
checking host system
2002 Feb 15
0
[Bug 118] New: Implement TIS (protocol 1) via PAM
http://bugzilla.mindrot.org/show_bug.cgi?id=118
Summary: Implement TIS (protocol 1) via PAM
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: fcusack at
2003 Jan 10
0
Samba-2.2.7a Compile error --with-pam
Guys, I'm having some problems trying to compile Samba-2.2.7a --with-pam.
The ./configure works fine but the compile fails. I have no problems
--without-pam.
Any help would be greately appreciated.
Linux SuSE SLES7 on S390, Kernel 2.4.19, Samba 2.2.7a, gcc-2.95.3-62,
pam-0.74-34, pam-devel-0.74-34
./configure \
--prefix=/usr \
--sysconfdir=/etc/samba \
--localstatedir=/var/log/samba \
2002 Jun 25
4
PAM kbd-int with privsep
The following is a patch (based on FreeBSD code) which gets kbd-int
working with privsep. It moves the kbd-int PAM conversation to a child
process and communicates with it over a socket.
The patch has a limitation: it does not handle multiple prompts - I have
no idea how common these are in real-life. Furthermore it is not well
tested at all (despite my many requests on openssh-unix-dev@).
-d
2000 Aug 24
0
patch for a few things
This isn't related to the snapshot, but mention of it reminded me to submit
these changes.
I added a few things, and made a couple small changes; here's a list of
what the patch includes:
- adds a "-1" argument to ssh and ssh.1 to force protocol1, similar to
the existing "-2" argument.
- adds "-1" and "-2" to scp and scp.1 as well.
- adds
2002 Jun 28
2
Error when configuring pam on samba (MANDRAKE 8.2 and before)
Hi, i use mandrake 8.2 and i have this error when i run the following
command (for pam use).
I also have the same error on older mandrake's.
Is this related to mandrake or what ?
Someone has a solution plz ?
make nsswitch/pam_winbind.so
Compiling nsswitch/pam_winbind.c with -fPIC
nsswitch/pam_winbind.c:65: parse error before `*'
nsswitch/pam_winbind.c: In function `converse':
2003 Jan 28
1
[nsswitch/pam_winbind.po] Error 1 With Compiling 3.0
Greetings,
***Warning: New to compiling and use RPMs whenever I can :-)***
When trying to compile I get the above error. It is preceded by:
=======
.
.
.
Compiling nsswitch/pam_winbind.c with -fPIC
nsswitch/pam_winbind.c:60: parse error before `*'
nsswitch/pam_winbind.c: In function `converse':
nsswitch/pam_winbind.c:67: `pamh' undeclared (first use in this
function)
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
Hello,
appended is a patch that makes it possible to use PAM both for
password authentication and TIS (i.e. s/key or opie or any other
interactive challenge/response scheme). I have developed this starting
from the patch at http://www.debian.org/Bugs/db/61/61906.html on
Debian with openssh-2.1.1p4-3. After configuring ssh with
--with-pam-tis, there are two PAM services, "sshd" and
2005 Jun 21
1
problem with pam_converse with openssh protocol version 1
Hi,
My company decided to implement security restrictions lately and I was
to write more strict authorization modules for pam. One of it works
asking for some kind of additional security string (for example pin from
some kind of token). It is done by pam module, which asks calling
application to do conversation for him:
prompt_msg.msg_style = PAM_PROMPT_ECHO_OFF;
2009 Dec 01
1
Password Change from Windows machines ("You do not have permission to change your password")
Hello,
I just wasted several hours trying to figure out why I could not
change Samba passwords from Windows XP computers. I'm posting here so
that there is some form of documentation about this on the web.
My setup is basically this:
- Samba 3.3.2 (running under Ubuntu 9.04)
- OpenLDAP user database
- Full O.S. support for OpenLDAP auth, using nsswitch and PAM.
(My client
1998 Oct 29
0
Digest.
Hi,
There have been a bunch of useful submissions for the compare /contrast
thread.
To reduce the load on your mailbox, they are gathered here in one go...
Roger.
Date: Wed, 28 Oct 1998 15:11:37 +0000
From: "David L. Sifry" <dsifry@linuxcare.com>
To: "Matthew S. Crocker" <matthew@crocker.com>
CC: Rob Bringman <rob@trion.com>,
2001 Oct 26
5
New password echoes on Sol8
I tried replacing readpassphrase() for v2.9.9p2 on Sol8 with a different
version that just calls getpassphrase(). It appears to solve the echo
problem when the user tries to login in interactive mode and needs to
change their password.
Can anyone else try this with v2.9.9p2 on Solaris? Be sure to add:
#define HAVE_GETPASSPHRASE
... to config.h when compiling (since it's not a configurable