Displaying 20 results from an estimated 2000 matches similar to: "Patch for default Kerbers realm in AIX"
2009 Apr 02
17
[Bug 1583] New: User principal name in AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1583
Summary: User principal name in AIX
Product: Portable OpenSSH
Version: 5.2p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2009 Apr 01
2
bzero() before free()
Hi guys
I've been browsing the code and at many places I found the following odd sequence:
char * string=malloc(somesize);
?
bzero(string,strlen(string));
free(string);
I really don't see why you would zero a string and free the memory immediately afterwards?
Any idea why this is done?
Thanks!
Met vriendelijke groet
Best regards
Bien ? vous
Miguel SANDERS
ArcelorMittal Gent
UNIX
2010 May 27
1
Idle Time-out
Hi
Does OpenSSH have a feature in which a client gets kicked out after X minutes of inactivity (no keystrokes)?
I have seen this on other SSH implementations but I don't see it in OpenSSH.
Thnx!
Met vriendelijke groet
Best regards
Bien ? vous
Miguel SANDERS
ArcelorMittal Gent
UNIX Systems & Storage
IT Supply Western Europe | John Kennedylaan 51
B-9042 Gent
T +32 9 347 3538 | F +32 9
2009 Mar 31
2
Memory leak in do_ssh2_kex()
Hi guys
Apparently, there is small memory leak in the do_ssh2_kex() routine in sshd.c.
Line 2195 in sshd.c states:
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
Where list_hostkey_types() returns a pointer allocated by the xstrdup call (line 735). This pointer should be freed in the calling routine do_ssh2_key().
Should I make a patch for this?
Also, since my previous patch
2009 May 23
2
Memory leak caused by forwarded GSSAPI credential store
Hi guys
While debugging a GSSAPI memory allocation problem not related to OpenSSH, I found a memory leak in OpenSSH when storing forwarded GSSAPI credentials resulting in a growing process segment for each connection that uses GSSAPI credentials forwarding. What happens is the following:
In the privileged parent, we are calling ssh_gssapi_storecreds() which itself calls
2009 Apr 21
0
GSSAPIKeyExchange and GSSAPIStrictAcceptorCheck
Hi folks
Is there any particular reason why these two great features (thanks Simon!) are not part of the OpenSSH mainstream?
Met vriendelijke groet
Best regards
Bien ? vous
Miguel SANDERS
ArcelorMittal Gent
UNIX Systems & Storage
IT Supply Western Europe | John Kennedylaan 51
B-9042 Gent
T +32 9 347 3538 | F +32 9 347 4901 | M +32478 805 023
E miguel.sanders at arcelormittal.com
2009 May 03
0
Server option PrintLastLog does not work on AIX
Hi
Apparently, the server option "PrintLastLog" does not work on AIX.
The last login time is always displayed, disregarding the option.
When browsing the code, I found out there are several functions in loginrec.c which solely handle the processing of the last login info (login_get_lastlog, getlast_entry).
Since AIX does not provide such a function natively, the configure script sets
2018 Aug 06
2
Winbind issue after upgrading from 4.7.5 to 4.8.3
Hi guys
We recently upgraded our Samba clusters from 4.7.5 to 4.8.3 and noticed
a difference in behavior for winbind.
The situation is as follows
Assume we have a local Linux user XYZ (UID 519) as well as a AD user
object XYZ (UID 30001).
idmap config * : backend = tdb2
idmap config * : range = 30000-50000
In our share definitions we regularly use the "force user"
2004 Dec 23
0
Is there a fix available for CAN-2003-0190(with test program)
> Sergio Gelato wrote;
>> I see that the rest of that function has an "if (problem) goto out;"
>> after
>> every krb5 library call. Doesn't that also introduce measurable time
>> differences? Interesting.
>
I wrote a test case with expect to measure the time difference for valid
and invalid user with the same workaround as said before. It seems to
2009 May 03
10
[Bug 1595] New: Server option PrintLastLog does not work on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1595
Summary: Server option PrintLastLog does not work on AIX
Product: Portable OpenSSH
Version: 5.2p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2018 Aug 07
1
Winbind issue after upgrading from 4.7.5 to 4.8.3
Hi
This is the global section of smb.conf.
[global]
workgroup = DOMAIN
realm = DOMAIN.COM
netbios name = SAMBA
security = ads
clustering = yes
idmap config * : backend = tdb2
idmap config * : range = 30000-50000
passdb backend = tdbsam
ctdbd socket = /usr/samba/var/run/ctdb/ctdbd.socket
winbind separator =
2009 May 23
7
[Bug 1601] New: Memory leak caused by forwarded GSSAPI credential store
https://bugzilla.mindrot.org/show_bug.cgi?id=1601
Summary: Memory leak caused by forwarded GSSAPI credential
store
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at
2009 Mar 03
0
GSSAPI cross-realm still broken
I've been trying to track down some problems with Dovecot in a Kerberos
5 cross-realm environment, and there seem to be a few issues.
LOGIN/PLAIN work fine using pam_krb5, but GSSAPI is a bit harder to
handle.
On line 436 of src/auth/mech-gssapi.c, the authn_name and the
authz_name are compared using gss_compare_name. This dates back to the
message at:
2008 Nov 12
1
Two problems with Samba in AD realm
Hello list.
I recently moved to an AD environment. I'm still keeping a samba servers
to make my cups-managed printers available to windows users, rather than
duplicating configuration with a Windows print service. But I'm facing
two problems, probably due to the way we manage AD.
First, all my host belong to a Unix-managed DNS domain
(msr-inria.inria.fr), not to the windows-managed
2003 Aug 10
9
updated gssapi diff
this is the proposed gssapi diff against OpenSSH-current (non-portable).
note: if this goes in, the old krb5 auth (ssh.com compatible) will be
removed.
please comment.
jakob
Index: auth.h
===================================================================
RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -u -r1.1.1.2 -r1.3
--- auth.h
2006 Feb 15
0
winbind and pam and ssh that's pam enabled
Okay,
winbind works and I can su - DOMAIN+user now. When I try to log in
with ssh (pam enabled), however, I see in the log it accepts my
password, but then the session closes. My pam.conf has;
su auth sufficient
/usr/lib/security/pam_winbind.so
login auth sufficient
/usr/lib/security/pam_winbind.so debug
sshd auth sufficient
2011 May 02
1
s3 winbind loosing kerbers ticket
I have 2 CentOS 5.6 x86_64 servers configured with with samba 3.5.4,
CTDB, GFS and DRDB in an avtive,active cluster. After some time winbind
looses the ticket. After this I have to do a net ads join on the server
to get things going. The main DC is a windows 2003 server with SP2. I do
have 2 more samba 4 DC's that I use for backup authentication only that
run on debian 6 that are a VM. Not
2008 Dec 02
2
Samba ADS Error "Session setup failed: Call returned zero bytes (EOF)"
Hi Samba Bods,
Sorry for re-posting this one but I got no response to my last post except
for a level 10 logs request which I uploaded last week.
I have been looking at numerous howtos and newsgroup postings and I cannot
spot what the issue is. I am sure its a simple config issue, but I am lost
..
I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using
"security =
2009 Apr 01
3
[Bug 1582] New: memory leak in do_ssh2_kex() routine (sshd.c)
https://bugzilla.mindrot.org/show_bug.cgi?id=1582
Summary: memory leak in do_ssh2_kex() routine (sshd.c)
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2008 Nov 26
3
AIX 53TL8 Samba 3.2.4 Active Directory Win2k3 - "session setup failed: Call returned zero bytes (EOF)"
Hi All,
I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using
"security = SERVER" in the smb.conf works fine, however I am having
some issues when using "security = ADS" ..
I have followed numerous HOWTOs and newsgroup listings and seem to be
going round in circles ..
I think I can authenticate ok against the domain win2k3 server, but
then Samba bombs out with