I have made available three patches for OpenSSH 2.5.1p1 (and 2.3.0p1), two of which may be of general interest. They are described in detail at http://www.ex-parrot.com/~chris/openssh-patches/ but a brief description-- http://www.ex-parrot.com/~chris/openssh-patches/openssh-2.5.1p1-keepalives.patch modifies the code in clientloop.c to periodically send a null packet as a keepalive; this is handy if you use OpenSSH across linux masquerading routers or other routers which time out TCP connections. This is done by sending a packet of type 0 every three minutes, which seems to work OK -- should I expect this to cause any issues/problems? http://www.ex-parrot.com/~chris/openssh-patches/openssh-2.5.1p1-better-reserved-ports.patch modifies the OpenBSD compatibility code to allocate reserved ports by counting downwards from 1023, useful if your firewall only allows a small set of ports near 1023 to be used for outgoing connections. (I believe this was discussed a few months ago on this list.) (less likely to be of general interest) http://www.ex-parrot.com/~chris/openssh-patches/openssh-2.5.1p1-accounting.patch modifies various code in the server to log the amount of traffic used by SSH sessions; perhaps useful if your provider bills you for bandwidth and you aren't in a position to install per-user accounting patches to your operating system. (This one is messy and I do not advertise it as an example of good coding practice :) ) -- Chris Lightfoot -- www.ex-parrot.com/~chris/ I can see clearly now the rain has gone/ But it looks like someone's going to drop the bomb (Alice What's The Matter, Terrorvision)