Displaying 20 results from an estimated 74 matches for "acceptenv".
2013 Oct 14
1
Provide AcceptEnv variables to a Linux PAM module?
I've been looking for a while and can't figure out for sure if variables
allowed by AcceptEnv are readable by a PAM module. I looked through the
openssh source code and found a few calls to pam_putenv(), which looks
like the relevant call, but I don't see anything that would copy over
AcceptEnv variables. Am I correct that the variables are not available
to PAM? I'm guessing...
2014 Jun 10
1
any concerns about including TZ in AcceptEnv
Hi OpenSSH folks--
this is more of a configuration question than a development question, i
think, but:
Are there any caveats worth being aware of about including the TZ
variable in AcceptEnv for sshd_config by default?
I don't see any particular risk, but if there are gotchas people know
about, i'd be happy to be made aware of them.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signatu...
2015 Feb 26
2
Samba4 SSH SSSD-AD Problem
...following sshd_config:
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
GSSAPIStrictAcceptorCheck no
GSSAPIStoreCredentialsOnRekey yes
UsePAM yes
X11Forwarding yes
UseDNS no
Subsystem sftp /usr/lib/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
/etc/pam.d/sshd directs to the default pam.d configurations.
--
Viele Gr??e
Andreas Hauffe
2016 Oct 10
4
[Bug 2624] New: ListenAddress and Port directives only accept a single value
...m
There are several directives that allow multiple values to be
configured. This is mostly done by space or comma separating them.
The ListenAddress and Port directives however accept only a single
value.
In order to configure multiple values, the directive should be used
multiple times.
Consider AcceptEnv:
"Multiple environment variables may be separated by whitespace or
spread across multiple AcceptEnv directives".
If the configuration was done like AcceptEnv it would not break current
configs, and the inconsistency would be fixed.
FYI the reason I'm looking to have this patched...
2008 Nov 19
1
HELPA
..._host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
SyslogFacility AUTHPRIV
#LogLevel INFO
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY
LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE
LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL X11Forwarding yes
Subsystem sftp /usr/libexec/openssh/sftp-server
192.168.0.2 (copssh) sshd_conf:
Protocol 2
SyslogFacility AUTH...
2008 Jul 26
0
Still no joy: no X11 protocols
...NETARY LC_MESSAGES
> SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
> SendEnv LC_IDENTIFICATION LC_ALL
> /etc/ssh/sshd_config
> Protocol 2
> PasswordAuthentication no
> UsePAM yes
> X11Forwarding yes
> Subsystem sftp /usr/lib64/ssh/sftp-server
> AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
> AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
> AcceptEnv LC_IDENTIFICATION LC_ALL
And then from home:
> /etc/ssh/ssh_config
> Host *
> ForwardX11Trusted yes
> Protocol 2
> SendEnv L...
[Bug 2386] New: TERM env variable is always accepted by sshd, regardless the empty AcceptEnv setting
2015 Apr 17
12
[Bug 2386] New: TERM env variable is always accepted by sshd, regardless the empty AcceptEnv setting
https://bugzilla.mindrot.org/show_bug.cgi?id=2386
Bug ID: 2386
Summary: TERM env variable is always accepted by sshd,
regardless the empty AcceptEnv setting
Product: Portable OpenSSH
Version: 6.8p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
Re...
2023 Mar 02
2
Multiple AllowGroup lines in sshd_config?
Hi!
I'm experimenting with migrating the custom sshd_config settings for our
(Debian bullseye, openssh-server 8.4) server environment into fragments
under sshd_config.d/, and am wondering about sshd's behaviour when
encountering multiple AllowGroup lines.
The manual states "For each keyword, the first obtained value will be
used.", so that gives me the impression that any
2010 Mar 31
2
Sending PATH using SendEnv
Hi
I thought this was something that might concern the developers so I thought I'd post here. Apologies in advance if that's not the case.
I'm setting up a CentOS cluster with OpenSSH_4.3p2 which uses ssh to launch processes on the remote nodes. I'm trying to use the SendEnv/AcceptEnv functionality to send the PATH environment variable from the headnode when users are launching jobs on remote nodes, since everything is cross-mounted and therefore in the same place. However, for some reason it's being overwritten on the remote nodes with some kind of default value, which I a...
2007 Jul 29
38
[Bug 1346] New: PAM environment takes precedence over SendEnv
...dubacq1 at free.fr
Created an attachment (id=1332)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1332)
client-sent environment overrides PAM-read environment
This bug has been reported and discussed in the Debian BTS, see bugs
#313317 and #408029 there.
The environment variables sent by AcceptEnv/SendEnv functionalities
should take precedence over PAM variable settings, especially for
locale and terminal related settings (or commands that are
locale-sensitive or terminal sensitive might give incomprehensible
gibberish as output to the user). TERM is already managed in a special
way, but not...
2014 May 16
2
? about portable version of sshd crashing
...etting ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config:111 setting UsePAM no
/etc/ssh/sshd_config line 111: Unsupported option UsePAM
debug3: /etc/ssh/sshd_config:116 setting X11Forwarding no
debug3: /etc/ssh/sshd_config:129 setting UseDNS no
debug3: /etc/ssh/sshd_config:140 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC
LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
debug3: /etc/ssh/sshd_config:141 setting AcceptEnv LC_PAPER LC_NAME
LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
debug3: /etc/ssh/sshd_config:142 setting AcceptEnv LC_IDENTIFICATION LC_ALL
LANGUAGE
debug3: /etc/ssh/sshd_config:143 settin...
2013 Apr 04
1
Using "root" Type User Via Forwarding-SSH-Tunnel Inside Non-Root SSH Connection
...to this:
# File: /etc/ssh/sshd_config
port NNN10
protocol 2
SyslogFacility AUTHPRIV
AllowUsers non-root root at 127.0.0.1 administrator at 127.0.0.1
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY
LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
X11Forwarding no
Banner /etc/issue.net
Subsystem sftp /usr/libexec/openssh/sftp-server
# End of File...
2014 Sep 24
11
[Bug 2282] New: When group member count exceeds 126, config reliant fails
https://bugzilla.mindrot.org/show_bug.cgi?id=2282
Bug ID: 2282
Summary: When group member count exceeds 126, config reliant
fails
Product: Portable OpenSSH
Version: 5.3p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sftp-server
2008 Jul 23
10
[Bug 1490] New: sshd -T reports a string of UNKNOWNs
...legeseparation yes
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
authorizedkeysfile .ssh/authorized_keys
authorizedkeysfile2 .ssh/authorized_keys2
loglevel INFO
syslogfacility AUTH
hostkey /etc/openssh/ssh_host_key
hostkey /etc/openssh/ssh_host_rsa_key
hostkey /etc/openssh/ssh_host_dsa_key
acceptenv DISPLAY
acceptenv X_ORIGINATING_HOST
acceptenv LANG
acceptenv LC_*
subsystem sftp /usr/libexec/sftp-server
maxstartups 10:100:10
permittunnel no
permitopen
Bringing the UNKNOWNs into greater clarity with a few debugging
printf()s (the number is the opcode number, of course):
UNKNOWN opcode name(1...
2008 Jul 23
10
[Bug 1490] New: sshd -T reports a string of UNKNOWNs
...legeseparation yes
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
authorizedkeysfile .ssh/authorized_keys
authorizedkeysfile2 .ssh/authorized_keys2
loglevel INFO
syslogfacility AUTH
hostkey /etc/openssh/ssh_host_key
hostkey /etc/openssh/ssh_host_rsa_key
hostkey /etc/openssh/ssh_host_dsa_key
acceptenv DISPLAY
acceptenv X_ORIGINATING_HOST
acceptenv LANG
acceptenv LC_*
subsystem sftp /usr/libexec/sftp-server
maxstartups 10:100:10
permittunnel no
permitopen
Bringing the UNKNOWNs into greater clarity with a few debugging
printf()s (the number is the opcode number, of course):
UNKNOWN opcode name(1...
2023 Jun 30
1
Subsystem sftp invoked even though forced command created
On 30/06/2023 09:56, Damien Miller wrote:
> It's very hard to figure out what is happening here without a debug log.
>
> You can get one by stopping the listening sshd and running it manually
> in debug mode, e.g. "/usr/sbin/sshd -ddd"
Or starting one in debug mode on a different port, e.g. "-p99 -ddd"
2013 Sep 13
1
openssh (6.2p2), inherit host environment variables to subsystem sftp-server process
Hi,
is there a regular way that a subsystem process (sftpserver
here) inherits environment variables from its parent (sshd)?
Namely LANG and LC_* variables.
In my case it's important to get the variable of hosting
environment and not from client side (AcceptEnv).
Regards
Martin
--
Registered Linux User #87175, http://linuxcounter.net
2006 Nov 12
2
Client options to server
Hi,
I'm using openssh 4.4
I'm trying to develop a new SSH appliance, but I need some parameters
from client.
In client I setup new record in the structure options that I think are
passed to server.
Where is the structure of the server where stored client options?
Thanks
--
Vincenzo Sciarra
2008 Aug 13
3
[Bug 1504] New: Allow the user to change the environment in a secure way
https://bugzilla.mindrot.org/show_bug.cgi?id=1504
Summary: Allow the user to change the environment in a secure
way
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs
2015 Oct 30
5
Centos 6: language mess with ssh
Thank you for you help.
I tried your tips but the problem remains. Example:
$ echo "SendEnv LANG LC_ALL" > ~/.ssh/config
$ LANG=C; export LANG; LC_ALL=C; export LC_ALL
$ ssh aa at quercy
You are required to change your password immediately (root enforced)
Last login: Fri Oct 30 15:02:34 2015 from quercy
WARNING: Your password has expired.
You must change your password now and login