similar to: Patch for default Kerbers realm in AIX

https://bugzilla.mindrot.org/show_bug.cgi?id=1583 Summary: User principal name in AIX Product: Portable OpenSSH Version: 5.2p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: Kerberos support AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

Hi guys I've been browsing the code and at many places I found the following odd sequence: char * string=malloc(somesize); ? bzero(string,strlen(string)); free(string); I really don't see why you would zero a string and free the memory immediately afterwards? Any idea why this is done? Thanks! Met vriendelijke groet Best regards Bien ? vous Miguel SANDERS ArcelorMittal Gent UNIX

Hi Does OpenSSH have a feature in which a client gets kicked out after X minutes of inactivity (no keystrokes)? I have seen this on other SSH implementations but I don't see it in OpenSSH. Thnx! Met vriendelijke groet Best regards Bien ? vous Miguel SANDERS ArcelorMittal Gent UNIX Systems & Storage IT Supply Western Europe | John Kennedylaan 51 B-9042 Gent T +32 9 347 3538 | F +32 9

Hi guys Apparently, there is small memory leak in the do_ssh2_kex() routine in sshd.c. Line 2195 in sshd.c states: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); Where list_hostkey_types() returns a pointer allocated by the xstrdup call (line 735). This pointer should be freed in the calling routine do_ssh2_key(). Should I make a patch for this? Also, since my previous patch

Hi guys While debugging a GSSAPI memory allocation problem not related to OpenSSH, I found a memory leak in OpenSSH when storing forwarded GSSAPI credentials resulting in a growing process segment for each connection that uses GSSAPI credentials forwarding. What happens is the following: In the privileged parent, we are calling ssh_gssapi_storecreds() which itself calls

Hi folks Is there any particular reason why these two great features (thanks Simon!) are not part of the OpenSSH mainstream? Met vriendelijke groet Best regards Bien ? vous Miguel SANDERS ArcelorMittal Gent UNIX Systems & Storage IT Supply Western Europe | John Kennedylaan 51 B-9042 Gent T +32 9 347 3538 | F +32 9 347 4901 | M +32478 805 023 E miguel.sanders at arcelormittal.com

Hi Apparently, the server option "PrintLastLog" does not work on AIX. The last login time is always displayed, disregarding the option. When browsing the code, I found out there are several functions in loginrec.c which solely handle the processing of the last login info (login_get_lastlog, getlast_entry). Since AIX does not provide such a function natively, the configure script sets

Hi guys We recently upgraded our Samba clusters from 4.7.5 to 4.8.3 and noticed a difference in behavior for winbind. The situation is as follows Assume we have a local Linux user XYZ (UID 519) as well as a AD user object XYZ (UID 30001).     idmap config * : backend = tdb2     idmap config * : range = 30000-50000 In our share definitions we regularly use the "force user"

> Sergio Gelato wrote; >> I see that the rest of that function has an "if (problem) goto out;" >> after >> every krb5 library call. Doesn't that also introduce measurable time >> differences? Interesting. > I wrote a test case with expect to measure the time difference for valid and invalid user with the same workaround as said before. It seems to

https://bugzilla.mindrot.org/show_bug.cgi?id=1595 Summary: Server option PrintLastLog does not work on AIX Product: Portable OpenSSH Version: 5.2p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

Hi This is the global section of smb.conf. [global]         workgroup = DOMAIN         realm = DOMAIN.COM         netbios name = SAMBA         security = ads         clustering = yes         idmap config * : backend = tdb2         idmap config * : range = 30000-50000         passdb backend = tdbsam         ctdbd socket = /usr/samba/var/run/ctdb/ctdbd.socket         winbind separator =

https://bugzilla.mindrot.org/show_bug.cgi?id=1601 Summary: Memory leak caused by forwarded GSSAPI credential store Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at

I've been trying to track down some problems with Dovecot in a Kerberos 5 cross-realm environment, and there seem to be a few issues. LOGIN/PLAIN work fine using pam_krb5, but GSSAPI is a bit harder to handle. On line 436 of src/auth/mech-gssapi.c, the authn_name and the authz_name are compared using gss_compare_name. This dates back to the message at:

Hello list. I recently moved to an AD environment. I'm still keeping a samba servers to make my cups-managed printers available to windows users, rather than duplicating configuration with a Windows print service. But I'm facing two problems, probably due to the way we manage AD. First, all my host belong to a Unix-managed DNS domain (msr-inria.inria.fr), not to the windows-managed

this is the proposed gssapi diff against OpenSSH-current (non-portable). note: if this goes in, the old krb5 auth (ssh.com compatible) will be removed. please comment. jakob Index: auth.h =================================================================== RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v retrieving revision 1.1.1.2 retrieving revision 1.3 diff -u -r1.1.1.2 -r1.3 --- auth.h

Okay, winbind works and I can su - DOMAIN+user now. When I try to log in with ssh (pam enabled), however, I see in the log it accepts my password, but then the session closes. My pam.conf has; su auth sufficient /usr/lib/security/pam_winbind.so login auth sufficient /usr/lib/security/pam_winbind.so debug sshd auth sufficient

I have 2 CentOS 5.6 x86_64 servers configured with with samba 3.5.4, CTDB, GFS and DRDB in an avtive,active cluster. After some time winbind looses the ticket. After this I have to do a net ads join on the server to get things going. The main DC is a windows 2003 server with SP2. I do have 2 more samba 4 DC's that I use for backup authentication only that run on debian 6 that are a VM. Not

Hi Samba Bods, Sorry for re-posting this one but I got no response to my last post except for a level 10 logs request which I uploaded last week. I have been looking at numerous howtos and newsgroup postings and I cannot spot what the issue is. I am sure its a simple config issue, but I am lost .. I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using "security =

https://bugzilla.mindrot.org/show_bug.cgi?id=1582 Summary: memory leak in do_ssh2_kex() routine (sshd.c) Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

Hi All, I am using Samba 3.2.4 compiled from source on AIX 5.3 TL8 and using "security = SERVER" in the smb.conf works fine, however I am having some issues when using "security = ADS" .. I have followed numerous HOWTOs and newsgroup listings and seem to be going round in circles .. I think I can authenticate ok against the domain win2k3 server, but then Samba bombs out with