search for: astoorian

Displaying 20 results from an estimated 24 matches for "astoorian".

2001 Sep 28
3
OpenSSH (portable) and entropy gathering
On Thu, 27 Sep 2001 20:41:05 EDT, Damien Miller writes: > On Thu, 27 Sep 2001, Dan Astoorian wrote: > > > > > It would (IMHO) be useful if there were a way to optionally configure > > that code to fall back to the internal entropy gathering routines in the > > event that EGD was not available; as it is, the routines simply fail if > > EGD is unavailable a...
2001 Oct 16
2
Solaris 2.5.1 dirname() bug in libgen.a affects OpenSSH2.9.9p2 auth.c
...tory has been reached. If pw->pw_dir contains a nonstandard construction (e.g., symbolic links, extra slashes within the path, or something else that might be changed by realpath()), the code might continue to walk upwards past the user's home directory. Thanks for your attention, -- Dan Astoorian People shouldn't think that it's better to have Sysadmin, CSLab loved and lost than never loved at all. It's djast at cs.toronto.edu not, it's better to have loved and won. All www.cs.toronto.edu/~djast/ the other options really suck. --Dan Red...
2001 Oct 24
1
Config file semantics change intentional?
...uot;ForwardX11" option for a particular host when it was specified in the global client config file for all hosts.) Is this a deliberate change, and the man page hasn't been updated? Or should ssh.c be corrected to read the system-wide config file after the per-user config file? -- Dan Astoorian People shouldn't think that it's better to have Sysadmin, CSLab loved and lost than never loved at all. It's djast at cs.toronto.edu not, it's better to have loved and won. All www.cs.toronto.edu/~djast/ the other options really suck. --Dan Red...
2003 Sep 25
2
unexpected change in "locked account" behaviour
...checked whether there are other places in the code where options.use_pam has side effects that could be affected by the change in the default. If other people who compile OpenSSH without PAM support have similar problems, this might be helpful to know. Is this a known behaviour? Thanks, -- Dan Astoorian People shouldn't think that it's better to have Sysadmin, CSLab loved and lost than never loved at all. It's djast at cs.toronto.edu not, it's better to have loved and won. All www.cs.toronto.edu/~djast/ the other options really suck. --Dan Red...
2001 Dec 27
2
sftp-server and chroot
Hi, It's a shame that the sshd/sftp-server programs do not support chroot and sftp-only users. As far as I can tell, there's a patch availble that modifies OpenSSH to chroot() based on a specific entry in /etc/passwd. Since, I personally, do not enjoy applying unofficial patches to released programs, I was looking for an alternative but found none. I've written a small sample
2001 Nov 06
1
Entropy and DSA key
On Tue, 6 Nov 2001, Dan Astoorian wrote: > Date: Tue, 6 Nov 2001 13:23:58 -0500 > From: Dan Astoorian <djast at cs.toronto.edu> > To: Dave Dykstra <dwd at bell-labs.com> > Cc: Ed Phillips <ed at UDel.Edu> > Subject: Re: Entropy and DSA key > > On Tue, 06 Nov 2001 10:54:12 EST, Dave Dykstra wr...
2002 Jan 22
4
ssh-rand-helper
...tes from PRNGD if successful output(bytes) Note that the seedfile is always read and written if USE_CMDS is defined even if the entropy comes from PRNGD, so that there's a good seedfile available in case PRNGD goes away. Would a patch (or rewrite) to implement this be welcome? -- Dan Astoorian People shouldn't think that it's better to have Sysadmin, CSLab loved and lost than never loved at all. It's djast at cs.toronto.edu not, it's better to have loved and won. All www.cs.toronto.edu/~djast/ the other options really suck. --Dan Red...
2001 Nov 15
1
X11 cookies and forwarding (fwd)
On Thu, 15 Nov 2001, Dan Astoorian wrote: > Date: Thu, 15 Nov 2001 16:09:20 -0500 > From: Dan Astoorian <djast at cs.toronto.edu> > To: Ed Phillips <ed at UDel.Edu> > Subject: Re: X11 cookies and forwarding > > On Thu, 15 Nov 2001 15:46:22 EST, Ed Phillips writes: > > I'm guess I wasn't f...
2000 Nov 08
1
openssh-2.3.0p1 bug: vsprintf("%h") is broken
...notes: sshconnect.c line 59 (ssh_proxy_connect()) *may* suffer from the same bug: snprintf(strport, sizeof strport, "%hu", port); Please let me know if you require further details. Thanks, -- People shouldn't think that it's better to have Dan Astoorian loved and lost than never loved at all. It's Sysadmin, CSLab not, it's better to have loved and won. All djast at cs.toronto.edu the other options really suck. --Dan Redican
2001 Oct 22
2
configure changes
...to work. Due to much demand, I have added optional PATH to --with-pcre, --with-zlib, and --with-tcp-wrappers. I have done extensive testin on --with-zlib, and --with-tcp-wrappers. Please test --with-pcre. (I don't use it here) I have added a test for broken dirname() on Solaris 2.5.1 by Dan Astoorian <djast at cs.toronto.edu>. Dan please test. I've added a better socklen_t test by albert chin (china at thewrittenword.com) (This is cool. Thanks Albert) Do a tail on config.h after running configure and make sure it does the right thing on your platform. The changes are in CVS now. A n...
2002 Oct 11
2
[Bug 413] New: Port forwarding: [localhost:]localport:remotehost:remoteport
http://bugzilla.mindrot.org/show_bug.cgi?id=413 Summary: Port forwarding: [localhost:]localport:remotehost:remoteport Product: Portable OpenSSH Version: older versions Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo:
2001 Nov 08
0
entropy.c patch to avoid unnecessary reading of /dev/urandom
This one-line patch prevents OpenSSH from depleting entropy unnecessarily from /dev/urandom when the OpenSSL library acquires its own entropy. Without this patch OpenSSH opens /dev/urandom and reads 32 bytes, and then OpenSSL opens it again and reads an additional 20. -- Dan Astoorian People shouldn't think that it's better to have Sysadmin, CSLab loved and lost than never loved at all. It's djast at cs.toronto.edu not, it's better to have loved and won. All www.cs.toronto.edu/~djast/ the other options really suck. --Dan Red...
2001 Dec 10
2
pubkey auth with NFS home on AIX
can someone confirm this: http://bugzilla.mindrot.org/show_bug.cgi?id=29 Authentication refused: realpath /home/user/.ssh/authorized_keys failed: The file access permissions do not allow the specified action.
2002 Jan 25
1
bug in readconf.c
Hi, there is a tiny bug in readconf.c: options->use_privileged_port is always set to 0 regardless of whether -P is specified or not. This has the effect that RhostsAuthentication is disabled even if "RhostsAuthentication yes" is specified. The (trivial) patch is appended below. Martin ======================================================================== Martin Siegert Academic
2002 Nov 21
3
[Bug 413] Port forwarding: [localhost:]localport:remotehost:remoteport
http://bugzilla.mindrot.org/show_bug.cgi?id=413 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sjc at makalumedia.com ------- Additional Comments From markus at openbsd.org 2002-11-22 09:48 ------- *** Bug 441 has been marked as
2002 Dec 10
1
Problem with Openssh3.5
Hello I have compiled Openssh3.5 on Solaris 2.6 It works well on 2.6, 2.7 and solaris 8 but on solaris 8 it try to log in /var/adm/wtmp file and it dose not exist. What can I do to fix this. Read something about "build sol" insted of "configure"....but where do i find information about this command (build sol). Mail me on: daniel.d.olsson at telia.se Thanks
2001 Jun 21
0
Bug: OpenSSH (port.) daemon sets $MAIL incorrectly on Solaris (others?)
...skier, in that it makes the (possibly unfounded) assumption that if MAILDIR is defined on a platform, it will always have a trailing slash, but that _PATH_MAILDIR never will; the first solution adapts to whatever is provided. Please let me know if you require further information. Thanks, -- Dan Astoorian People shouldn't think that it's better to have Sysadmin, CSLab loved and lost than never loved at all. It's djast at cs.toronto.edu not, it's better to have loved and won. All www.cs.toronto.edu/~djast/ the other options really suck. --Dan Red...
2001 Oct 31
4
Open SSL connection to HTTPS?
Hi All, I just tried to test my web server with telnet. The only problem was that my web server refuses non-encrypted connections (duh!). I know that SSL and SSH are *entirely* different, but ssh is the only commonly-available encryption-enabled command-line tool around. It would be greate to have an SSL-emulation mode in OpenSSH.... Just wishful thinking, Ciaran --
2001 Oct 30
1
[PATCH] for solaris 2.6
I didn't see this one applied to the repository yet. It may not be the best patch possible... basic problem is that _LARGEFILE64_SOURCE needs to be defined on Solaris 2.6 if AC_SYS_LARGEFILE ends up doing a '#define _FILE_OFFSET_BITS 64' If _FILE_OFFSET_BITS == 64, then <sys/resource.h> will define a 'struct rlimit64' but NOT define a 'struct rlimit' leading to
2001 Nov 16
4
passphrase quality
>No. ssh-keygen should never be pamifed. It is worthless to do so. > >If we are going to enforce passphrase quality it should be for all OSes. >The world does not revolve around Linux. No matter what the press may >think. The Linux community didn't invent PAM, Sun did. Many more systems than Linux have PAM, Solaris, HP-UX some BSDs for a start. Having said that I agree with