similar to: [Bug 3657] New: AuthenticationMethods any apparently not possible after previous non-any assignment

A few months ago I discovered *. Recently have taken more interest in it, since I have to install phones into my wife's small office. Hope that my questions weren't discussed recently and are not to dumb. The current requirements for * consist of a single incoming ISDN BRI line (currently have 5 MSN allocated), 3 internal extensions and a single analog fax. 1. I plan to buy some el

https://bugzilla.mindrot.org/show_bug.cgi?id=2663 Bug ID: 2663 Summary: [man] sshd_config(5) AuthenticationMethods segment clarification, proposal and questions Product: Portable OpenSSH Version: 7.2p2 Hardware: Other OS: Linux Status: NEW Keywords: low-hanging-fruit

https://bugzilla.mindrot.org/show_bug.cgi?id=2398 Bug ID: 2398 Summary: AuthenticationMethods doesn't have default value (inconsistency) and it accept empty value Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, I just came across a contradiction between the man page of AuthenticationMethods and the accepted methods list. According to the sshd_config manual page: """ AuthenticationMethods Specifies the authentication methods that must be successfully completed for a user to be granted access. This option must be followed by one

https://bugzilla.mindrot.org/show_bug.cgi?id=2502 Bug ID: 2502 Summary: using AuthenticationMethods to require s/key and pam doesn't work Product: Portable OpenSSH Version: 7.1p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2270 Bug ID: 2270 Summary: AuthenticationMethods - partial success is considered as failure Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2453 Bug ID: 2453 Summary: Document authentication method "none" for AuthenticationMethods Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=3651 Bug ID: 3651 Summary: tracking bug for openssh-9.7 Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:

Hi. I can see that SSH partial success functionality was implemented very recently in the OpenSSH server. That's great news. I just tried it and I don't seem to be able to make it work with both public key authentication and password authentication through PAM. I wonder if this is a bug or something that won't be implemented for now or if this is still WIP and I should be more

https://bugzilla.mindrot.org/show_bug.cgi?id=2397 Bug ID: 2397 Summary: Match block doesn't match negated addresses Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|pgsery at swcp.com |djm at mindrot.org --- Comment #58 from Damien Miller

Hey, Judging from the (private) responses I?ve got, there is quite a bit of interest in the U2F feature I proposed a while ago. Therefore, I?ve taken some time to resolve the remaining issues, and I think the resulting patch (attached to this email) is in quite a good state now. I also posted the new version of the patch to https://bugzilla.mindrot.org/show_bug.cgi?id=2319 (which I?ve opened

I'm writing a PAM module to do authentication through Signal (as in Open Whisper Systems) [1]. I would like to be able to offer (Public key AND Signal) or (Password AND Signal) for authentication. This suggests setting AuthenticationMethods to publickey,keyboard-interactive:pam password,keyboard-interactive:pam However, when PAM is enabled "password" means "show password

Hello Damien, Brian and all, thanks for the suggestions. I actually had not considered host-based authentication and looked it up. As I understand from my first quick reading, I would need to specify the clients which are allowed to use host-based auth on the server with a DNS name or an IP, which would not work for a client behind a CG NAT or in a cellular network. Or did I get this wrong?

On Thu, Dec 18, 2014 at 2:01 AM, Damien Miller <...> wrote: > On Wed, 17 Dec 2014, Dmt Ops wrote: > >> vi /etc/ssh/sshd_config >> ... >> - ChallengeResponseAuthentication no >> + ChallengeResponseAuthentication yes >> + KbdInteractiveAuthentication yes >>

Greetings All, I have a ssh server which allows sftp connections from the Internet while ssh connections from within the local net, here is the config: Code: Port 11111 Port 11113 Protocol 2 LogLevel DEBUG

I don't see a way to do this currently (unless I am missing something) but I would like to be able to specify, that in order for a user to login, they need to use at least 1 public key from 2 separate key sources.? Specifically this would be when using "AuthenticationMethods publickey,publickey".? Right now requiring 2 public keys for authentication will allow 2 public keys from

Hi, first of: my familiarity with OpenSSH/Pam code-base is very limited.. Please excuse me if some of this does not make any sense or seems stupid! I'm investigating if it is possible for a PAM module to find out which public key was accepted (when 'AuthenticationMethods publickey,keyboard-interactive' is used). From my digging in the source, it seems it is currently not. Would

OpenSSH 7.3 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

https://bugzilla.mindrot.org/show_bug.cgi?id=2323 Bug ID: 2323 Summary: Two factor authentication with two different SSH keys Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs