similar to: Multiple PAM vulnerabilities in portable OpenSSH

Displaying 20 results from an estimated 10000 matches similar to: "Multiple PAM vulnerabilities in portable OpenSSH"

2003 Sep 23
3
OpenSSH: multiple vulnerabilities in the new PAM code
This affects only 3.7p1 and 3.7.1p1. The advice to leave PAM disabled is far from heartening, nor is the semi-lame blaming the PAM spec for implementation bugs. I happen to like OPIE for remote access. Subject: Portable OpenSSH Security Advisory: sshpam.adv This document can be found at: http://www.openssh.com/txt/sshpam.adv 1. Versions affected: Portable OpenSSH versions 3.7p1
2003 Sep 23
1
Portable OpenSSH 3.7.1p2 released
Portable OpenSSH 3.7.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/portable.html shortly. Please note that this is a release to address issues in the portable version only. The items mentioned below do not affect the OpenBSD version. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client
2003 Sep 23
1
Portable OpenSSH 3.7.1p2 released
Portable OpenSSH 3.7.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/portable.html shortly. Please note that this is a release to address issues in the portable version only. The items mentioned below do not affect the OpenBSD version. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client
2009 Jun 04
3
PasswordAuthentication fails in openssh3.7.1p1 as it does not use PAM
All, I am an engineer working with Brocade. We recently upgraded one of our products to openssh3.7.1p1. Once we did this, the password authentication always failed while connecting through ssh. The authentication succeeds if attempted through keyboard-interactive authentication. On debugging this we found that Password authentication is not working because it doesn't Use PAM in
2004 Feb 27
0
PAM patch for openssh 3.7.1p2
SecureComputing's PAM library doesn't pass back the correct context to the pam_conversation function, i.e. it passes back NULL. So this patch works around this fact. likely you'll only want this hack if you expect to use pam_safeword.so in your authentication check, and only if you run sshd in privilege separation (separate process) mode so that the PAM conversation is single
2003 Sep 21
11
[Bug 696] PAM modules getting bypassed when connecting from f-secure ssh client to openssh 3.7p1 or 3.7.1p1 servers
http://bugzilla.mindrot.org/show_bug.cgi?id=696 Summary: PAM modules getting bypassed when connecting from f- secure ssh client to openssh 3.7p1 or 3.7.1p1 servers Product: Portable OpenSSH Version: 3.7.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: minor Priority: P2
2004 May 18
1
pam_tally question
hi, i just noticed that my pam_tally config has stopped working. it used to work in 3.6.1p2, but since then hasn't. i configured openssh like so: ./configure --with-tcp-wrappers --with-pam --with-privsep-user=sshd --with-md5-passwords --with-ipaddr-display and i do have "UsePAM yes" set in sshd_config. i've tried and failed to get it to work with 3.7.1p2 and 3.8.1p1. i've
2003 Sep 26
1
openssh-3.7.1p2: no pam_close_session() invocation
Hello, I would like to use PAM. All PAM interaction worked well with openssh-3.5 Now that I have tried to upgrade to 3.7.1p1/p2 the pam_close_session() function won't get invoked. Some debugging shows, that the call is protected by an if-statement (module auth-pam.c, function sshpam_cleanup): if (sshpam_session_open) { pam_close_session(sshpam_handle, PAM_SILENT); /* cb, 26.09.03 */
2003 Oct 07
0
[Bug 732] Number of logins mandated by PAM doesn't work correctly
http://bugzilla.mindrot.org/show_bug.cgi?id=732 Summary: Number of logins mandated by PAM doesn't work correctly Product: Portable OpenSSH Version: 3.7.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: openssh-bugs at mindrot.org
2003 Oct 04
1
pam problem in openssh-3.7.1p2
ok, here the log +root at alex ~/ssh+ ls -al total 1604 drwxr-xr-x 2 root wheel 512 Oct 4 17:03 . drwxr-xr-x 16 root wheel 1024 Oct 4 17:02 .. -rw------- 1 root wheel 791161 Sep 22 15:06 openssh-3.7.1p1.tar.gz -rw------- 1 root wheel 792280 Sep 25 15:00 openssh-3.7.1p2.tar.gz +root at alex ~/ssh+ tar xzf openssh-3.7.1p2.tar.gz +root at alex ~/ssh+ cd openssh-3.7.1p2 +root at
2003 Nov 18
4
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwor ds
It works for the "yes" case but not for the "without-password" case. The function that checks (auth_root_allowed(auth_method) is special cased for "password". The Pam case sends "keyboard-interactive/pam" which like all other authentication methods except password succeeds. Here is a patch to make it work for me. Please feel free to criticize as
2003 Sep 25
2
unexpected change in "locked account" behaviour
I just ran into what I'd describe as an unexpected side-effect. I don't think it's necessarily a bug, and I don't need any assistance in working around it, but this information might be useful to others for troubleshooting. This was using OpenSSH built under Solaris 2.5.1, and running under 2.5.1 or 8. The symptom was that after upgrading from 3.7.1p1 to 3.7.1p2, some accounts
2003 Sep 17
4
[Bug 647] Setting "UsePAM no" in sshd_config gives error if not config'ed w/ --with-pam
http://bugzilla.mindrot.org/show_bug.cgi?id=647 Summary: Setting "UsePAM no" in sshd_config gives error if not config'ed w/ --with-pam Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: SunOS Status: NEW Severity: minor Priority: P4 Component: sshd
2003 Nov 17
1
3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwords
Greetings, I know that part of the following has been discussed here before but please bear with me. We are running on Solaris versions 2.6 - 9 with a NISplus name service. The permissions on the NISplus password map have been modified to limit read access to the encrypted password field of the passwd table to only the entry owner and the table administrators. See:
2004 Jan 25
1
Puzzled about PAM support in OpenSSH-3.7.1p2
I'm trying to understand the code around PAM support in auth2.c and auth2-chall.c. I'm working with the OpenSSH 3.7.1p2 sources on FreeBSD 4.x. The scenario I'm trying to make work is SSH login to a captive accout for users in a RADIUS database but whose login does not appear in /etc/passwd or getpwnam(). I understand that if the username is not found in getpwnam(), then the
2003 Oct 04
1
Problem with OpenSSH =>3.7p1 on Linux \w Linux-PAM 0.77
Hello, I'm currently running OpenSSH 3.6.1p2 successfully on older Slackware Linux. Glibc in use is 2.2.2 and Linux-PAM 0.77. I have been compiling OpenSSH for couple years until now with options --sysconfdir=/etc/ssh --with-ipv4-default --with-pam \ --without-shadow --disable-suid-ssh Unfortunately, upgrading to =>3.7p1 makes PAM-authentication fail. Authentication simply
2003 Sep 23
0
PAM vulnerability in portable OpenSSH
> Interesting quote: > > "Due to complexity, inconsistencies in the specification and differences > between vendors' PAM implementations we recommend that PAM be left disabled > in sshd_config unless there is a need for its use. Sites only using public > key or simple password authentication usually have little need to enable PAM > support." > > Slander?
2015 Nov 19
4
[Bug 2502] New: using AuthenticationMethods to require s/key and pam doesn't work
https://bugzilla.mindrot.org/show_bug.cgi?id=2502 Bug ID: 2502 Summary: using AuthenticationMethods to require s/key and pam doesn't work Product: Portable OpenSSH Version: 7.1p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd
2003 Oct 28
2
Privilege separation
Hello! Please consider including the attached patch in the next release. It allows one to drop privilege separation code while building openssh by using '--disable-privsep' switch of configure script. If one doesn't use privilege separation at all, why don't simply allow him to drop privilege separation support completely? -- Sincerely Your, Dan. -------------- next part
2003 Sep 17
3
[Bug 665] sshd doesn't work on Mac OS X
http://bugzilla.mindrot.org/show_bug.cgi?id=665 Summary: sshd doesn't work on Mac OS X Product: Portable OpenSSH Version: 3.7p1 Platform: PPC OS/Version: Mac OS X Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: max at