Displaying 4 results from an estimated 4 matches for "auth2_read_banner".
2003 Sep 23
2
[Bug 707] missing banner file now prints empty line
...us: NEW
Severity: trivial
Priority: P5
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: Al.Smith at gold.net
New in 3.7p1 and above, if the banner file is missing then sshd will send a
banner to an SSH2 client, containing a newline.
auth2_read_banner() correctly returns a NULL if the file is missing, but
this is lost in the privsep: if in auth2-none.c the PRIVSEP() is removed from
auth2_read_banner() then everything works fine.
Upon further analysis I came to the conclusion that
mm_answer_auth2_read_banner() will return either a banner string,...
2003 Oct 28
2
Privilege separation
...5 @@
mm_skey_respond,
skey_free_ctx
};
+#endif /* DISABLE_PRIVSEP */
#endif /* SKEY */
diff -adurN openssh-3.7.1p2.privsep/auth.h openssh-3.7.1p2/auth.h
--- openssh-3.7.1p2.privsep/auth.h Wed Sep 3 06:11:30 2003
+++ openssh-3.7.1p2/auth.h Sat Oct 4 22:49:24 2003
@@ -133,7 +133,9 @@
char *auth2_read_banner(void);
+#ifndef DISABLE_PRIVSEP
void privsep_challenge_enable(void);
+#endif /* DISABLE_PRIVSEP */
int auth2_challenge(Authctxt *, char *);
void auth2_challenge_stop(Authctxt *);
diff -adurN openssh-3.7.1p2.privsep/auth1.c openssh-3.7.1p2/auth1.c
--- openssh-3.7.1p2.privsep/auth1.c Wed Sep...
2003 Jan 29
0
[PATCH] features for restricted shell environments
...filename
--- auth.h 28 Jan 2003 18:06:51 -0000 1.1.1.2
+++ auth.h 29 Jan 2003 20:39:19 -0000 1.3
@@ -142,6 +143,7 @@
void auth_log(Authctxt *, int, char *, char *);
void userauth_finish(Authctxt *, int, char *);
int auth_root_allowed(char *);
+int auth_restricted(int, struct passwd *);
char *auth2_read_banner(void);
--- channels.c 28 Jan 2003 18:06:51 -0000 1.1.1.2
+++ channels.c 28 Jan 2003 19:06:35 -0000 1.4
@@ -96,6 +98,10 @@
/* Number of permitted host/port pairs in the array. */
static int num_permitted_opens = 0;
+
+/* Don't allow any more to be added. */
+static int fix_permitted_opens...
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in