similar to: SSH PAM authentication/login with a new user DB (through NSS)

I connect to my OpenSSH 3.8.1p1 server and when the password dialog shoes up I wait a min or so, long enough for the "Timeout before authentication for %s" alarm to trigger. If at that point I enter my password ssh will just sit there: debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: debug3: packet_send2: adding 32 (len 18 padlen 14 extra_pad

On Fri, Jun 04, 2004 at 01:20:54PM -0400, Joey Hess wrote: > My colocated server was refusing both ssh and ssl telnet connections. > It looked like this: > > joey:~>ssh -v kite > OpenSSH_3.8.1p1 Debian 1:3.8.1p1-4, OpenSSL 0.9.7d 17 Mar 2004 > debug1: Reading configuration data /home/joey/.ssh/config > debug1: Applying options for kite > debug1: Reading configuration

I would like to implement an arbitrary script to be executed when logging on via SSH. This is supposedly possible using the ForceCommand option to sshd. However, as soon as I implement any script, even as simple as echoing a string, clients can no longer connect to the server. Clients report only that the connection was dropped by the server. The server, in debug mode, shows: Feb 17 16:14:01

Greetings, I know this has been discussed (pretty much since 3.7.1) and I have been going through the archives trying to make sense of it but I am still having problems getting 3.8.1p1 to work with PAM and AFS on Solaris 8. The problem (for those who may have missed it): When I try and log in as an AFS user to a Solaris 8 box running 3.8.1p1, I can authenticate to the machine but do not

Hi, (please CC me as I'm not subscribed to the list) If compiled with SELinux support, OpenSSH 4.8 current cvs fails for accounts where the new ChrootDirectory option is active : debug1: PAM: establishing credentials debug3: PAM: opening session debug2: User child is on pid 1695 debug3: mm_request_receive entering debug1: PAM: establishing credentials debug3: safely_chroot: checking

https://bugzilla.mindrot.org/show_bug.cgi?id=1795 Summary: An integer variable "num" in mm_answer_pam_query() is not initialized before used Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: PAM support

I am out of ideas about what the problem is. I am using the default sshd_config installed by the port. I can authenticate, copy files, and start processes, but sshd fails to create a tty session. This happens from remote machines and creating a session from the host machine. I find the following under messages. Aug 8 19:32:16 mongoloid sshd[44626]: fatal: mm_send_fd: sendmsg(4): Bad

Hi OpenSSH team, I find a url http://www.gossamer-threads.com/lists/openssh/dev/42808?do=post_view_threaded#42808, which provides unofficial patch for FIPS Capable OpenSSH. I try it and it seems working for some cases. (BTW, I also find that aes128-ctr, aes192-ctr and aes256-ctr ciphers can't work in FIPS mode properly. The fips mode sshd debug info is as following.

sshd also dies when certain other kinds of traffic is generated, such as `man pw' using the most pager[1], and many x11 apps such as emacs. However, it is stable when running simple x11 apps such as xeyes, and the link its self is stable -- a terminal will stay connected without issue for days, as long as not much happens in it. Also a sshfs connection dies immediately. ssh -Y karren gkrellm

Hi OpenSSh Developer, Currently, I can make openssh-5.0p1 working in FIPS mode. The detail steps I did are as follows. 1) Build FIPS OpenSSL according to FIPS User Guide(http://www.openssl.org/docs/fips/) on HP-UX PA 11.23 box. FIPS object module is generated by compiling openssl-fips-1.1.2. FIPS OpenSSL is built by openssl-0.9.7m, which is passed fips option for Configure step. 2) Modify

Darren Tucker <dtucker at zip.com.au> writes: >That's a vendor-modified version of OpenSSH. Assuming it corresponds to >what's in FreeBSD head, there's about a thousand lines of changes. Ugh. >Can you reproduce the problem with an unmodified version from openssh.com? >Failing that, can you get the server-side debug output from a failing >connection (ie

http://bugzilla.mindrot.org/show_bug.cgi?id=938 Summary: "AllowGroups" option and secondary user's groups limit Product: Portable OpenSSH Version: 3.9p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: PAM support AssignedTo: openssh-bugs at

Hello, I am using OpenSSH-3.8p1 on HP-UX machine with USE_POSIX_THREADS option. This is for making the kerberos credentials file to be created in the system with PAM. In OpenSSH versions 3.5 when authentication is done with pam kerberos, a /tmp/krb5cc_X_Y file is created on the server side. But the KRB5CCNAME variable is not set by default. So, after we manually set this environment variable, the

[ Sorry for the length of this; I felt it better to provide potentially too much info, rather than not enough. I've probably missed something that's important, though! ] I have an odd problem with 5.1p on RHEL3 if "UsePAM yes" and "UsePrivilegeSeparation no" is set. The code detects that the user password is aged (according to shadow) but then fails to let me

Hi Darren/Damien, Sorry for responding so late. Still hope we can get this sorted out. Yes I am indeed using PAM for ssh authentication and disabling priv seperation is a no-go for us since it opens up a security loophole. From what I can see in ptree and auth logs, when the child passwd process returns with SIGCHLD, the parent sshd process terminates. Sshd logs are as follows as requested at

https://bugzilla.mindrot.org/show_bug.cgi?id=2475 Bug ID: 2475 Summary: Login failure when PasswordAuthentication, ChallengeResponseAuthentication, and PermitEmptyPasswords are all enabled Product: Portable OpenSSH Version: 7.1p1 Hardware: ix86 OS: Linux Status: NEW

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello to every one! Maybe this is not exactly the right place, but I don't know where to ask, so... I have a FreeBSD-6-STABLE machine, setuped with custom nss lib which reads from pgsql database. It seems to be working just fine except that I can't login trought ssh, when trying the normal method. When I do $>ssh host.com tcsh I get

https://bugzilla.mindrot.org/show_bug.cgi?id=3512 Bug ID: 3512 Summary: net-misc/openssh-9.1_p1: stopped accepting connections after upgrade to sys-libs/glibc-2.36 (fatal: ssh_sandbox_violation: unexpected system call) Product: Portable OpenSSH Version: 9.1p1 Hardware: amd64 OS: Linux

hi all, can anyone help me with dovecot-sql.conf please ? I'm not a mysql expert and I'am trying to authenticate dovecot2 to an existing database. I have a database "egroupware" with table "egw_accounts". The field "account_lid" is the full email address and "account_pwd" is the password in Blowfish format. Here is my dovecot-sql.conf driver =

is it possible to crete a domu without network support hello users, Myself Dharma, new to xen,              i am trying to create a domu .I have realtek 8168SC gigabit ethernet card which is not supported by xen.it has support for rtl8169 only. is it possible to create domu without network support while i am trying to create it getting error :2049 device not found hotplug scripts missing Any