search for: channel_request

...or a channel, that channel is considered closed for that party and it may reuse the channel number; PuTTY's indignation at receiving the CHANNEL_FAILURE at that time therefore seems reasonable to me. I think what must have happened is that OpenSSHD sent its CHANNEL_CLOSE before it received the CHANNEL_REQUEST and CHANNEL_CLOSE from PuTTY; so when _it_ received the CHANNEL_REQUEST, it had sent but not received CHANNEL_CLOSE, and hence it did not yet consider the channel closed and felt free to respond to the request. However, although that sounds reasonable, I think it is in fact wrong behaviour. I thin...

...with the server. The bug shows up on WindosXp/Cygwin and on Linux. I am not sure if this bug should be assigned to 'sshd' or 'sftp-server'. Steps to reproduce the bug: 1. open connection to a sshd server 2. exchange keys and authenticate user 3. open a ssh channel 4. send SSH_MSG_CHANNEL_REQUEST for sftp subsystem 5. observe how the server responds with - SSH_MSG_CHANNEL_WINDOWS_ADJUST - -----> SSH_MSG_CHANNEL_FAILURE <-------- (a bug?) 6. continue talking with the sftp server as if nothing happened (I can do everything I would expect to: ls, get, put, etc.) Verbose log fr...

Hi! I am resending the following message about problems with utmp handling. * In the meantime I had some request in private mail from people asking whether I have new information. * The problem is still persistant in 2.9p2. * My own new investigations show, that the problem only appears with protocol 2, not with protocol 1, I therefore only started to note it when protocol 2 became the

I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the

...* SD Mod: if -S option is used, request + * client to not use stenographic timing manipulation as well. + */ + if(!options.use_steno_timing_manipulation) + { + debug("sending no steno msg"); + channel_request(c->remote_id,"no_steno",0); + } + /* End SD Mod */ + } else { debug("server_input_channel_open: failure %s", ctype); packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); --- session.c Sun Sep 16 15:17:15 2001 +++...

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,