search for: appgate

Displaying 20 results from an estimated 21 matches for "appgate".

2007 Oct 30
2
Patch: open port forwards from slave
...ort forwards in a slave. So I patched openssh to make it possible to add port forwards via a slave process. This is done by creating a new command which can be sent over the control connection (SSHMUX_COMMAND_FORWARD). The patch against openssh current can be downloaded (13K) from: http://www.appgate.com/downloads/maf/slavepf-current.patch I would be happy if other people found it useful and if it could make it into the official distribution. /MaF -- Martin Forssen <maf at appgate.com> Development Manager Phone: +46 31 7744361 AppGate Network Secur...
2007 Dec 13
2
SOLVED: failed to create ldlinux.sys
...fs.h> /* FIGETBSZ, FIBMAP */ @@ -372,6 +373,11 @@ usage(); /* + * Fix sigchld handling + */ + signal(SIGCHLD, SIG_DFL); + + /* * First make sure we can open the device at all, and that we have * read/write permission. */ /MaF -- Martin Forssen <maf at appgate.com> Development Manager Phone: +46 31 7744361 AppGate Network Security AB
2003 Jan 05
6
SSH v3 specs?
Has any thought toward a v3 protocol spec been discussed elsewhere, and if so what enhancements are being looked at. Is it too early to consider such things, or should we open the door to the new features a protocol update would bring? More specifically I have been investigating working toward a more enterprise-friendly hierichical authentication scheme, but I have quickly realized the
2002 Nov 22
1
forwarding to a wider audience - KbdInteractiveDevices???
Could someone provide a description of the config setting KbdInteractiveDevices And how it would be used. There is no mention of this here: http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5&arch=&apropos=0&manpath=OpenBSD+Current And a quick glance of the source doesn't seem to reveal much. Thanks in advance, scott
2003 Jan 06
2
certificate in openssh
hi, we have been looking for ways to implement digital certificate authentication in openssh. Pointers to similar kind of ongoing work will be more appreciated. Thanks.
2005 Sep 08
0
Blocking the password-guessing bots
...or the last three months I see that this algorithm would have blocked approximately 98.5% of all bot-attempts. My question now is if the OpenSSH developers are interested in an implementation of this? Or would I waste my time if I ported it to standard OpenSSH? /MaF -- Martin Forssen <maf at appgate.com> Development Manager Phone: +46 31 7744361 AppGate Network Security AB
2008 Feb 14
3
ssh_exchange_identification: Connection closed by remote host
Hi, I'm getting this error when I ssh to the servers. ssh_exchange_identification: Connection closed by remote host I added /etc/hosts.allow and it actually worked once and if I tried again I get the same error. OpenSSH_3.6.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090702f debug1: Reading configuration data /usr/local/etc/ssh_config debug1: Rhosts Authentication disabled,
2001 Feb 08
0
BindView advisory: sshd remote root (bug in deattack.c)
...ter unsigned char *c; 8<-------------------patch for openssh-2.2.0-------------------------- Vendor Response: CORE SDI has issued their own advisory detailing fix information and has also pointed out that SSH1 clients are also vulnerable. Bjorn Gronvall - OSSH Fixed in version ossh-1.5.8 AppGate The default configuration of the AppGate server is not vulnerable since it has SSH-1 support disabled. However customers who need ssh1-support can contact support at appgate.com to get patches. Mindbright The MindTerm client does not have this vulnerability. SSH Current release 2.4.0...
2003 Apr 28
4
SFTP in Java
Hi, I have to implement SFTP using a Java program. I am looking for a package that implements a SFTP Client(preferably with sample code on usage). I need this in order to do SFTP file upload from my Java program. Any help would be appreciated. Thanks in advance. Regards, Preetha.
2001 Feb 08
0
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
...erable - SSH1 is deprecated, and not supported, upgrade to SSH2 - Nonetheless the proposed patch has been applied to the ssh-1.2.x source tree, future releases of ssh-1.2.x will have the bug closed. F-Secure SSH F-Secure SSH-1.3.x is vulnerable. Contact the vendor for a fix. AppGate The default configuration of the AppGate server is not vulnerable since it has SSH-1 support disabled. However customers who need ssh1-support can contact support at appgate.com to get patches. Mindbright The MindtTerm client does not have this vulnerability. TTSSH Not vulnerable....
2009 Feb 06
3
Hung connection over Juniper Tunnel
Hello list! So I recently reconfigured our office network to allow a permanent VPN connection to our data center. This consists of a Juniper SSG-520 connected via a tunnel to a Juniper Netscreen-25 over a 100M leased NTT VPN (yes I'm tunneling over the VPN as it's the only way to make it routable.) Here is where OpenSSH come in. When I try and ssh to a machine on the other end
2016 Jan 14
0
Fwd: Heads up: OpenSSH users
...on two systems that are CentOS 7, a server, and >> a workstation that I literally built yesterday, and grep -i on >> both reports "no, not here". > > Yes, as it's undocumented, but enabled since about 2010. FYI: https://github.com/openssh/openssh-portable/search?q=AppGate+Network+Sec urity+AB > Even OpenBSD 5.9 (pre-release, it's going to be released on May > 1st, 2016) does not mention it. > > Timo > >> mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iF4EAREIAAYFAlaX2IIACgkQuSPmkPhAW0rh0AD+Kje8MZE5xlnK1YQlH1H7oFgK M6JOfkgiWt3gvdzO...
2003 Jan 27
0
[Bug 476] New: Privsep directory error could be improved
...proved Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: maf at appgate.com I recentry tried the cvs-version of portable openssh, but it refused to run since the privsep directory had bad owner or mode. I had to check teh code to see which owner and mode it should have. How about modifying the error to provide this information. I will attach a patch which fixes this....
2003 Jan 27
2
[Bug 476] Privsep directory error could be improved
http://bugzilla.mindrot.org/show_bug.cgi?id=476 ------- Additional Comments From maf at appgate.com 2003-01-27 20:30 ------- Created an attachment (id=209) --> (http://bugzilla.mindrot.org/attachment.cgi?id=209&action=view) Improves the error message ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2010 Jun 08
2
OpenSSH with "resumable" functionality
I just stumbled across this thread on openssh-dev... Is there anywhere to track progress on this issue? It'd be a fantastic feature that would fix all sorts of problems I deal with regularly. You may also be interested in an article "Design and Implementation of a Mobile SSH Protocol", if you haven't seen it, since that team implemented (afaict) the same feature, whether or not
2002 Feb 13
8
[Bug 112] Using host key fingerprint instead of "yes"
http://bugzilla.mindrot.org/show_bug.cgi?id=112 ------- Additional Comments From dan at doxpara.com 2002-02-13 11:43 ------- Heh, I kinda like that. You should update the yes/no prompt to say that pasting the expected host key will result in appropriate testing, as well as providing some sort of error if the remote side *doesn't* match the key pasted in. I hadn't thought of cut
2016 Jan 14
10
Fwd: Heads up: OpenSSH users
Probably worth a read... http://www.openssh.com/txt/release-7.1p2 > Important SSH patch coming soon. For now, everyone on all operating > systems, please do the following: > > Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" > to prevent upcoming #openssh client bug CVE-2016-0777. More later. echo "UseRoaming no" >>
2015 May 23
5
Name based SSH proxy
...5-05-23 12:58:12.193450191 +0200 @@ -147,7 +147,7 @@ roaming_resume(void) resume_in_progress = 1; /* Exchange banners */ - ssh_exchange_identification(timeout_ms); + ssh_exchange_identification(timeout_ms, ""); packet_set_nonblocking(); /* Send a kexinit message with resume at appgate.com as only kex algo */ diff -up openssh-6.6p1/sshconnect.c.original openssh-6.6p1/sshconnect.c --- openssh-6.6p1/sshconnect.c.original 2015-05-23 11:56:55.235217137 +0200 +++ openssh-6.6p1/sshconnect.c 2015-05-23 13:43:41.426983727 +0200 @@ -515,12 +515,13 @@ ssh_connect(const char *host, struct a...
2001 Apr 26
0
Yet Another Compatibility Fix (SSH_MSG_CHANNEL_OPEN_FAILURE)
Hi, SSH.COM/F-Secure version 2.0.xx sends/receives SSH_MSG_CHANNEL_OPEN_FAILURE packets without the additional two strings (additional info/language tag) - I think the SecSH drafts at that time didn't have those two strings. Possibly some other implementations have this problem too. Anyway, a fix for OpenSSH (against latest cvs tree) is included. (This has been partially fixed before in
2001 Oct 21
1
Converting old F-Secur SSH-keys
Hi, I just tries to convert an old ssh2 dsa-key generated by F-Secure SSH in 1998. The problem is that the base64-encoding of this key is bad. They key works just fine when using F-Secure SSH but openssh will not convert it. My question now is if people think it is worth fixing this, and if it is where should it be fixed? One could either fixed the base64-routines to be more tolerant, but that