I have made available three patches for OpenSSH
2.5.1p1 (and 2.3.0p1), two of which may be of
general interest.
They are described in detail at
http://www.ex-parrot.com/~chris/openssh-patches/
but a brief description--
http://www.ex-parrot.com/~chris/openssh-patches/openssh-2.5.1p1-keepalives.patch
modifies the code in clientloop.c to
periodically send a null packet as a keepalive;
this is handy if you use OpenSSH across linux
masquerading routers or other routers which time
out TCP connections. This is done by sending a
packet of type 0 every three minutes, which
seems to work OK -- should I expect this to
cause any issues/problems?
http://www.ex-parrot.com/~chris/openssh-patches/openssh-2.5.1p1-better-reserved-ports.patch
modifies the OpenBSD compatibility code to
allocate reserved ports by counting downwards
from 1023, useful if your firewall only allows a
small set of ports near 1023 to be used for
outgoing connections. (I believe this was
discussed a few months ago on this list.)
(less likely to be of general interest)
http://www.ex-parrot.com/~chris/openssh-patches/openssh-2.5.1p1-accounting.patch
modifies various code in the server to log the
amount of traffic used by SSH sessions; perhaps
useful if your provider bills you for bandwidth
and you aren't in a position to install per-user
accounting patches to your operating system.
(This one is messy and I do not advertise it as
an example of good coding practice :) )
--
Chris Lightfoot -- www.ex-parrot.com/~chris/
I can see clearly now the rain has gone/
But it looks like someone's going to drop the bomb
(Alice What's The Matter, Terrorvision)
