Displaying 8 results from an estimated 8 matches for "ask_permission".
2008 Jun 19
5
Portforwarding using the control master.
Hi all,
currently I am considering writing a patch for OpenSSH that will allow
portforwarding using the control_master unix domain socket. The idea is
to introduce an extra SSHMUX command, SSHMUX_COMMAND_SOCKS, which will
then pass control to the normal socks functions used for dynamic
forwarding.
The main reason for me to write this patch are:
- some more control over who gets to connect to
2010 Jan 12
2
[patch] Automatically add keys to agent
...9;'. The default is ``no''.
Having more knobs isn't really useful, IMHO. Default lifetime is
configurable via ssh-agent(1)'s -t flag, and if you want to confirm each
key use you should be willing to live without this convenience feature.
By the way, are there plans to replace ask_permission() (also used for
other "ask" type options, e.g. ControlMaster) by something a little
more user-friendly? Having to type "yes" works, but isn't exactly
elegant. (Not volunteering here, I know nothing about X.)
Please be gentle, but inspect thoroughly, as this is my first pa...
2009 Jul 08
4
Feature request: "SetupCommand" invoked before connecting
Hi,
(I'm not subscribed to the list, so please CC me on reply.)
I'd like to request adding a feature to OpenSSH:
Task:
~~~~~
It is quite sometime useful to invoke a program prior to connecting to
an ssh server. The most common use case will probably be port knocking.
That is a small program sends certain packets to a server and the server
reacts to this by unlocking the ssh port, which
2014 Apr 24
4
[Bug 2236] New: ssh-agent: fix unintended UNIX-domain socket removal
...y: P5
Component: ssh-agent
Assignee: unassigned-bugs at mindrot.org
Reporter: ldv at altlinux.org
Created attachment 2432
--> https://bugzilla.mindrot.org/attachment.cgi?id=2432&action=edit
proposed fix
ssh-agent sometimes forks child processes. For example,
ask_permission() may fork a child process to execute an askpass
program.
If it fails to execute, the child process exits using fatal(), which in
turn calls cleanup_exit(), and the latter calls cleanup_socket(). As
result, an error in child process causes unintended UNIX-domain socket
removal. The fix is to reco...
2010 Jan 14
1
ssh(1) multiplexing rewrite
...ic int
+process_mux_master_hello(struct mux_master_state *state, Channel *c,
+ Buffer *m, Buffer *r)
+{
+ u_int ver;
- switch (mux_command) {
- case SSHMUX_COMMAND_OPEN:
- if (options.control_master == SSHCTL_MASTER_ASK ||
- options.control_master == SSHCTL_MASTER_AUTO_ASK)
- allowed = ask_permission("Allow shared connection "
- "to %s? ", host);
- /* continue below */
- break;
- case SSHMUX_COMMAND_TERMINATE:
- if (options.control_master == SSHCTL_MASTER_ASK ||
- options.control_master == SSHCTL_MASTER_AUTO_ASK)
- allowed = ask_permission("Terminate sha...
2006 Aug 25
2
RFC: non-root ssh tun access
...tun_open(int tun, int mode)
+{
struct ifreq ifr;
char name[100];
int fd = -1, sock;
diff -Nurd openssh-4.3p2.orig/misc.h openssh-4.3p2/misc.h
--- openssh-4.3p2.orig/misc.h 2006-01-31 05:49:28.000000000 -0500
+++ openssh-4.3p2/misc.h 2006-08-25 09:01:57.000000000 -0400
@@ -55,7 +55,11 @@
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
-int tun_open(int, int);
+#if defined(SSH_TUN_LINUX)
+int tun_open(int, int, uid_t);
+#else
+int tun_open(int, int);
+#endif
/* Common definitions for ssh tun...
2007 Sep 07
0
Public key reading abstraction (to allow future work)
...file into a static buffer, discarding
* lines that exceed the buffer size. Returns 0 on success, -1 on failure.
*/
=== modified file 'misc.h'
--- misc.h 2007-07-30 09:54:36 +0000
+++ misc.h 2007-08-02 12:12:51 +0000
@@ -85,6 +85,7 @@
char *read_passphrase(const char *, int);
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
+FILE *open_keyfile(const char *, struct passwd *, int);
int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
#endif /* _MISC_H */
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...return (id);
}
return (NULL);
@@ -218,7 +266,7 @@ confirm_key(Identity *id)
char *p;
int ret = -1;
- p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT);
+ p = sshkey_fingerprint(id->idkey->key, fingerprint_hash, SSH_FP_DEFAULT);
if (p != NULL &&
ask_permission("Allow use of key %s?\nKey fingerprint %s.",
id->comment, p))
@@ -256,14 +304,14 @@ process_request_identities(SocketEntry *
(r = sshbuf_put_u32(msg, tab->nentries)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
TAILQ_FOREACH(id, &tab->...