search for: ask_permission

Displaying 8 results from an estimated 8 matches for "ask_permission".

2008 Jun 19
5
Portforwarding using the control master.
Hi all, currently I am considering writing a patch for OpenSSH that will allow portforwarding using the control_master unix domain socket. The idea is to introduce an extra SSHMUX command, SSHMUX_COMMAND_SOCKS, which will then pass control to the normal socks functions used for dynamic forwarding. The main reason for me to write this patch are: - some more control over who gets to connect to
2010 Jan 12
2
[patch] Automatically add keys to agent
...9;'. The default is ``no''. Having more knobs isn't really useful, IMHO. Default lifetime is configurable via ssh-agent(1)'s -t flag, and if you want to confirm each key use you should be willing to live without this convenience feature. By the way, are there plans to replace ask_permission() (also used for other "ask" type options, e.g. ControlMaster) by something a little more user-friendly? Having to type "yes" works, but isn't exactly elegant. (Not volunteering here, I know nothing about X.) Please be gentle, but inspect thoroughly, as this is my first pa...
2009 Jul 08
4
Feature request: "SetupCommand" invoked before connecting
Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which
2014 Apr 24
4
[Bug 2236] New: ssh-agent: fix unintended UNIX-domain socket removal
...y: P5 Component: ssh-agent Assignee: unassigned-bugs at mindrot.org Reporter: ldv at altlinux.org Created attachment 2432 --> https://bugzilla.mindrot.org/attachment.cgi?id=2432&action=edit proposed fix ssh-agent sometimes forks child processes. For example, ask_permission() may fork a child process to execute an askpass program. If it fails to execute, the child process exits using fatal(), which in turn calls cleanup_exit(), and the latter calls cleanup_socket(). As result, an error in child process causes unintended UNIX-domain socket removal. The fix is to reco...
2010 Jan 14
1
ssh(1) multiplexing rewrite
...ic int +process_mux_master_hello(struct mux_master_state *state, Channel *c, + Buffer *m, Buffer *r) +{ + u_int ver; - switch (mux_command) { - case SSHMUX_COMMAND_OPEN: - if (options.control_master == SSHCTL_MASTER_ASK || - options.control_master == SSHCTL_MASTER_AUTO_ASK) - allowed = ask_permission("Allow shared connection " - "to %s? ", host); - /* continue below */ - break; - case SSHMUX_COMMAND_TERMINATE: - if (options.control_master == SSHCTL_MASTER_ASK || - options.control_master == SSHCTL_MASTER_AUTO_ASK) - allowed = ask_permission("Terminate sha...
2006 Aug 25
2
RFC: non-root ssh tun access
...tun_open(int tun, int mode) +{ struct ifreq ifr; char name[100]; int fd = -1, sock; diff -Nurd openssh-4.3p2.orig/misc.h openssh-4.3p2/misc.h --- openssh-4.3p2.orig/misc.h 2006-01-31 05:49:28.000000000 -0500 +++ openssh-4.3p2/misc.h 2006-08-25 09:01:57.000000000 -0400 @@ -55,7 +55,11 @@ int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); -int tun_open(int, int); +#if defined(SSH_TUN_LINUX) +int tun_open(int, int, uid_t); +#else +int tun_open(int, int); +#endif /* Common definitions for ssh tun...
2007 Sep 07
0
Public key reading abstraction (to allow future work)
...file into a static buffer, discarding * lines that exceed the buffer size. Returns 0 on success, -1 on failure. */ === modified file 'misc.h' --- misc.h 2007-07-30 09:54:36 +0000 +++ misc.h 2007-08-02 12:12:51 +0000 @@ -85,6 +85,7 @@ char *read_passphrase(const char *, int); int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); +FILE *open_keyfile(const char *, struct passwd *, int); int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); #endif /* _MISC_H */
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...return (id); } return (NULL); @@ -218,7 +266,7 @@ confirm_key(Identity *id) char *p; int ret = -1; - p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT); + p = sshkey_fingerprint(id->idkey->key, fingerprint_hash, SSH_FP_DEFAULT); if (p != NULL && ask_permission("Allow use of key %s?\nKey fingerprint %s.", id->comment, p)) @@ -256,14 +304,14 @@ process_request_identities(SocketEntry * (r = sshbuf_put_u32(msg, tab->nentries)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); TAILQ_FOREACH(id, &tab->...