Displaying 8 results from an estimated 8 matches for "auth_sock_nam".
Did you mean:
auth_sock_name
2006 Sep 18
1
BSD Auth: set child environment variables requested by login script [PATCH]
...ug 2006 10:40:19 -0000 1.219
+++ usr.bin/ssh/session.c 18 Sep 2006 09:32:57 -0000
@@ -844,6 +844,9 @@
child_set_env(&env, &envsize, "KRB5CCNAME",
s->authctxt->krb5_ticket_file);
#endif
+#ifdef BSD_AUTH
+ bsdauth_child_set_env(&env, &envsize);
+#endif
if (auth_sock_name != NULL)
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_sock_name);
######################################
Solution 2:
######################################
This one saves the current environment and lets auth_close() do the changes
on an empty envi...
2013 Aug 05
2
RemoteForward and dynamically allocated listen port
...for a long time.
Would any of these approaches be acceptable? Any other ideas?
Thanks,
Andrew
--- session.c.orig 2013-08-03 13:22:10.354171156 -0700
+++ session.c 2013-08-05 09:58:00.017397667 -0700
@@ -1307,6 +1307,17 @@
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_sock_name);
+ char name[256];
+ u_int n = 0;
+ for (i = 0; i < 100; i++) {
+ Channel *c = channel_by_id(i);
+ if (c == NULL || c->type != SSH_CHANNEL_RPORT_LISTENER)
+ continue;
+ snprintf(name, sizeof name, "SSH_REMOTE_FORWARD_PORT_%d", n);
+ snprintf(buf, sizeof buf, "%d"...
2002 Jul 25
3
[PATCH] prevent users from changing their environment
...strncasecmp(opts, cp, strlen(cp)) == 0) {
+ if (options.permit_user_env &&
+ strncasecmp(opts, cp, strlen(cp)) == 0) {
char *s;
struct envstring *new_envstring;
--- session.c 22 Jul 2002 11:03:06 -0000 1.145
+++ session.c 24 Jul 2002 16:55:27 -0000
@@ -899,7 +899,7 @@
auth_sock_name);
/* read $HOME/.ssh/environment. */
- if (!options.use_login) {
+ if (options.permit_user_env && !options.use_login) {
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
pw->pw_dir);
read_environment_file(&env, &envsize, buf);
2017 Feb 20
3
[Bug 2681] New: postauth processes to log via monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2681
Bug ID: 2681
Summary: postauth processes to log via monitor
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2003 Jan 29
0
[PATCH] features for restricted shell environments
...lag) {
- debug("Port forwarding not permitted for this authentication.");
- break;
- }
- if (!options.allow_tcp_forwarding) {
+ if (auth_restricted(RESTRICT_TCP, s->pw)) {
debug("Port forwarding not permitted.");
break;
}
@@ -1085,7 +1083,7 @@
auth_sock_name);
/* read $HOME/.ssh/environment. */
- if (options.permit_user_env && !options.use_login) {
+ if (!options.use_login && !auth_restricted(RESTRICT_ENV, pw)) {
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
strcmp(pw->pw_dir, "/") ? pw->p...
2017 Oct 10
3
tunnel device name acquisition?
Numerous how-tos all over the Internet show how one would set up
a tunnel using ssh, e.g.:
ssh -f -o Tunnel=ethernet <server_ip> true
I was wondering if there's a way to subsequently acquire the names
of the local and remote tun/tap interfaces (e.g., using the default
"-w any:any") for subsequent automatic tunnel configuration, e.g.:
ip link set $TapDev up
ip link set
2001 Oct 24
2
disable features
...to try. */
@@ -122,8 +123,9 @@
*/
static char *x11_fake_data = NULL;
static u_int x11_fake_data_len;
+#endif
-
+#ifdef WITH_AGENTFWD
/* -- agent forwarding */
#define NUM_SOCKS 10
@@ -131,12 +133,15 @@
/* Name and directory of socket for authentication agent forwarding. */
static char *auth_sock_name = NULL;
static char *auth_sock_dir = NULL;
+#endif
/* AF_UNSPEC or AF_INET or AF_INET6 */
static int IPv4or6 = AF_UNSPEC;
+#ifdef WITH_TCPFWD
/* helper */
static void port_open_helper(Channel *c, char *rtype);
+#endif
/* -- channel core */
@@ -678,6 +683,7 @@
chan_fn *channel_pre[SS...
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in