February 2001 - openSUSE Security - openSUSE Mailing Lists

openssh
by omicron 27 Feb '01

27 Feb '01

hi i'm using openssh , and i want to know how i can login to a remote computer from mine ( which has a dialup connection -- dynamic ip, but with a dyndns.org hostname) without being asked for a password. i used ssh-keygen to generate both dsa & rsa keys and i put the pub keys in the remote computer's ~/.ssh/authorized_keys2 & ~/.ssh/authorized_keys, but it still is asking for a password. What have i done wrong ? regard omicron -- ****** An optimist sees light at the end of every tunnel. A pessimist fears it might be of an incoming train. omicron(a)omicron.dyndns.org omicron.symonds.net C O G I T O E R G O S U M ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

6 5

RE: [suse-security] openssh
by Reckhard, Tobias 27 Feb '01

27 Feb '01

Hello all. > i'm using openssh , and i want to know how i can login to a remote > computer from mine ( which has a dialup connection -- dynamic ip, but with a > dyndns.org hostname) without being asked for a password. i used ssh-keygen to > generate both dsa & rsa keys and i put the pub keys in the remote computer's > ~/.ssh/authorized_keys2 & ~/.ssh/authorized_keys, but it still is asking for > a password. What have i done wrong ? There are several questions here: 1. What password is it asking of you? The RSA and DSA private keys usually have a passphrase associated with them, which the SSH client will ask of you. 2. Have you configured client and server for RSA and/or DSA authentication? 3. Are the SSH client user's public keys in ~/.ssh/authorized_keys[2] in the correct format? Are the permissions on the files correct? Are the filenames correct? IMHO, the best way to discover what the real problem is, is to call sshd with the -d option on the SSH server and use 'ssh -v -v' on the client, monitoring the result. That way, you can trace just about everything that happens on the client as well as the server. This should help you find the cause of your problem. HTH Tobias

2 1

InterScan eManager Content Management Notification! (VBS Type Filter) (fwd)
by Roman Drahtmueller 27 Feb '01

27 Feb '01

This is funny. Couldn't stand seeing you die without having seen it... It complains about my rc.status mail... Roman. ---------- Forwarded message ---------- From: ContentMaster(a)grohe.at To: draht(a)suse.de Date: Mon, 26 Feb 2001 14:25:36 +0100 Subject: InterScan eManager Content Management Notification! (VBS Type Filter) ******Message from InterScan E-Mail VirusWall NT****** The following mail was blocked by InterScan eManager Content Management. Source mailbox: <draht(a)suse.de> Destination mailbox(es): <ml(a)lofl.de>,<suse-security(a)suse.com> Policy: VBS Type Filter Action: Quarantine ContentMaster(a)GROHE.AT has encountered an EMail containing potentially dangerous VBS and acted accordingly. ******************* End of message *******************

6 7

Missing anouncements?
by Frank Steiner 27 Feb '01

27 Feb '01

Hi, just checked the "Patches, Updates, Bugfixes" webpage of suse.de for SuSE 6.4 and was quite surprised to find 23 updates marked as security updates for January and February, while the security-announce mailing list contains only 4 announcements for Jan/Feb, although some of the updates are already quite old like cron or gnuserv. Is there some special reason for that big discrepancy? Best regards, Frank -- Dipl.-Inform. Frank Steiner mailto:fst@informatik.uni-kiel.de Lehrstuhl f. Programmiersprachen mailto:fsteiner@web.de CAU Kiel, Olshausenstraße 40 Phone: +49 431 880-7265, Fax: -7613 D-24098 Kiel, Germany http://www.informatik.uni-kiel.de/~fst/

1 0

ssh and saint... and popper
by Gediminas Grigas 26 Feb '01

26 Feb '01

Hello, Saint says: "ssh versions 1.2.27 and earlier if compiled with the --with-rsaref option are vulnerable." ... "This problem can be fixed by upgrading to ssh-1.2.28. If this is not possible, then install the ssh patch " Suse has latest patch which produces ssh-1.2.27-209 for SuSE 6.3/6.4 (this version was uploaded 15/Feb or so.) So i thought it looks like brand new vulnerability... The only link given to 1.2.28 sources is on ftp://ftp.cs.hut.fi/pub/ssh/ which seems does not allow anonymous users... I would prefer rpm, becouse i have one machine without any sources due low HDD space, so it couldnt compile at all - but rpmfind did not find any 1.2.28. Oh well i would compile sources on other suse 6.3 machine, only if i could get them. So my question would be: is it new ssh bug, and no vendors yet developed patch, or theres some mess with versions and saint? Where i could get sources of ssh-1.2.28? P.S. The saint i downloaded today - so it should be up to date P.P.S. Saint also finds complains on popper, even althought i patched it on last suse rpm update (pop-99.11.2-5) it seems provaides qpop 2.53, so i got sources from eudora.com and upgraded popper to 3.1.2 (what a version jump?!) QUALCOMM`s note on this: Security Vulnerability Some versions of Qpopper are vulnerable to buffer overruns. Qpopper 2.41 and older can be used to obtain root access to your system. Qpopper 2.53 and older may permit an attacker who has access to a valid account to obtain a shell with group-id 'mail', potentially allowing read/write access to all mail. All users of Qpopper are urged to upgrade to the current version. :( Sincerely Yours, Gediminas Grigas mailto:gedas@kryptis.lt

4 4

Re: [suse-security] SuSE 7.1 - firewall
by Ernst Koch 26 Feb '01

26 Feb '01

>On the installation we have the following problem: >the first time the firewall script runs the Network is not up so >we only get an error message. > > >Can someone tell me if this is normal or how I can fix this. I have got the same problem. How can I start the firewall *after* the network (ippp0) was started? Regards Ernst -- Sent through GMX FreeMail - http://www.gmx.net

7 6

Strange log-entry
by Ralf Ronneburger 26 Feb '01

26 Feb '01

Hi, when I read my logs today to check out, what's been going on in the last two days while I was gone, I found the following : Feb 25 18:45:57 network identd[9199]: request_thread: read(11, ..., 1023) failed: Connection reset by peer Feb 25 18:45:57 network xinetd[390]: service ftp, accept: Connection reset by peer (errno = 104) Feb 25 18:45:57 network Waiting[409]: Service_connection: accept on listening socket failed - Resource temporarily unavailable My box is a normal workstation with an IP not know publically. Does anyone know, what someone was trying to do? Any help is apreciated! Thanks, Ralf Ronneburger

1 0

about teh cookies problems someone was mentioning///
by jfweber＠eternal.net 26 Feb '01

26 Feb '01

******* Where does a newborn go from here? The Net is Vast, and Infinate...******** whelp guys, Here's how I solved the cookies problems evne on windwoes! make the cookie file "read only" It works pretty well, even for MSN sites. apparenlty thier computer tries to write to your hard drive and thinks , since it sent the message that it must have worked, or if they get an error message they dont keep trying, either way is ok by moi! It only annoys my users a little bit, I have them surf to evey "personalised" site they have and setup personalisations, before I make the file read only.. and then tell they they dont have any more alloted space to do more, unless they want to delete some??? <evil grin> and on a really other topic: since I cant even get an email reply out of Suse US; phone tree never has a human pick up I went ot Best Buy , which so many of you have touted, and got suse7.1 pro for $49 !!! I am about to log out of this y'ar windwos and get into serious installation mode ... Blondely, j afterthought--- Clinton has replaced the military salute with a wink.

1 0

Seawall
by Togan Muftuoglu 26 Feb '01

26 Feb '01

Hi everyone, Does any one use Seawall firewall package ? If do whart are the likes/dislikes pros/cons TIA -- Togan Muftuoglu

1 0

Re: [suse-security] openssh
by Nix 26 Feb '01

26 Feb '01

At 05:28 PM 25/02/2001, you wrote: >hi > i'm using openssh , and i want to know how i can login to a remote >computer from mine ( which has a dialup connection -- dynamic ip, but with a >dyndns.org hostname) without being asked for a password. i used ssh-keygen to >generate both dsa & rsa keys and i put the pub keys in the remote computer's >~/.ssh/authorized_keys2 & ~/.ssh/authorized_keys, but it still is asking for >a password. What have i done wrong ? Are you running ssh-agent on your workstation?? --- Nix - nix(a)susesecurity.com http://www.susesecurity.com

2 1