<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>RE: HP-UX PAM with Trusted System patch</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>Trusted HP-UX refers to any HP-UX running with the /tcb crap and various other security related extentions. On any of our systems from 10.20 through 11.11, you can go into SAM and choose "Convert to trusted system" or somesuch.</FONT></P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Darren Cole [<A HREF="mailto:dcole@keysoftsys.com">mailto:dcole@keysoftsys.com</A>]</FONT>
<BR><FONT SIZE=2>Sent: Tuesday, July 16, 2002 8:06 PM</FONT>
<BR><FONT SIZE=2>To: Dan Wanek; openssh-unix-dev@mindrot.org</FONT>
<BR><FONT SIZE=2>Subject: Re: HP-UX PAM with Trusted System patch</FONT>
</P>
<BR>
<P><FONT SIZE=2>The patch looks reasonable, but I don't believe Trust HP-UX has pam or at</FONT>
<BR><FONT SIZE=2>least we don't have it on our machines. I even asked around the office and</FONT>
<BR><FONT SIZE=2>no one thinks we have pam on 10.26. Are we mistaken or missing a patch? Or</FONT>
<BR><FONT SIZE=2>are you talking about something version other than Trusted HP-UX 10.26?</FONT>
<BR><FONT SIZE=2>Later version of HP-UX may have pam (I think 11i does), but I don't know of</FONT>
<BR><FONT SIZE=2>any later version of Trusted HP-UX than 10.26.</FONT>
</P>
<P><FONT SIZE=2>Darren Cole</FONT>
</P>
<P><FONT SIZE=2>----- Original Message -----</FONT>
<BR><FONT SIZE=2>From: "Dan Wanek" <dwanek@dexter.it-ias.depaul.edu></FONT>
<BR><FONT SIZE=2>To: <openssh-unix-dev@mindrot.org></FONT>
<BR><FONT SIZE=2>Sent: Tuesday, July 16, 2002 6:25 AM</FONT>
<BR><FONT SIZE=2>Subject: HP-UX PAM with Trusted System patch</FONT>
</P>
<BR>
<P><FONT SIZE=2>> I'm fairly new to the list and new to submitting patches. Can someone</FONT>
<BR><FONT SIZE=2>> please verify the attached patch for running a HP-UX Trusted System with</FONT>
<BR><FONT SIZE=2>> PAM and OpenSSH 3.4p1? The problem seemed to be that pam couldn't verify</FONT>
<BR><FONT SIZE=2>> the user via __pamh after the call to permanently_set_uid in session.c.</FONT>
<BR><FONT SIZE=2>> So I called do_pam_session prior to the call and added a function</FONT>
<BR><FONT SIZE=2>> do_pam_set_tty in order to set the tty after allocation.</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>> --</FONT>
<BR><FONT SIZE=2>> Dan Wanek</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>></FONT>
</P>
<P><FONT SIZE=2>_______________________________________________</FONT>
<BR><FONT SIZE=2>openssh-unix-dev@mindrot.org mailing list</FONT>
<BR><FONT SIZE=2><A HREF="http://www.mindrot.org/mailman/listinfo/openssh-unix-dev" TARGET="_blank">http://www.mindrot.org/mailman/listinfo/openssh-unix-dev</A></FONT>
</P>
<CODE><FONT SIZE=3><BR>
<BR>
***********************************************************************************<BR>
WARNING: All e-mail sent to and from this address will be received or<BR>
otherwise recorded by the A.G. Edwards corporate e-mail system and is<BR>
subject to archival, monitoring or review by, and/or disclosure to,<BR>
someone other than the recipient.<BR>
************************************************************************************<BR>
</FONT></CODE></BODY>
</HTML>