search for: controlallowus

Attached (and inline) is a patch to add the following config options: ControlBindMask ControlAllowUsers ControlAllowGroups ControlDenyUsers ControlDenyGroups It pulls the peer credential check from client_process_control() in ssh.c, and expounds upon it in a new function, client_control_grant(). Supplemental groups are not checked in this patch. I didn't feel comfortable taking a shot at...

About two months ago I sent out a patch which provided for a list of users allowed to access a master control socket (rather than the current self or root). Did anybody look at it? Was there any interest? Does it need tweaking? I could think of many uses for it, and I hate to see it linger. - Bill

...to specify a mask and access control lists for control sockets. I'll seperate them out when I port this over to the main OpenSSH source in OpenBSD. So, the following options are honored with this patch: Client: -> old stuff <- ControlBindMask Mask to use when binding a control socket ControlAllowUsers List of users and uids allowed to connect ControlAllowGroups List of groups and gids allows to connect ControlDenyUsers List of users and uids disallowed ControlDenyGroups List of groups and gids disallowed -> new stuff <- StreamLocalBindMask Mask to use when binding a forward socket...

https://bugzilla.mindrot.org/show_bug.cgi?id=2727 Bug ID: 2727 Summary: ssh_dispatch_run_fatal: Connection to 127.0.0.1 port 8002: message authentication code incorrect Product: Portable OpenSSH Version: 7.5p1 Hardware: ix86 OS: Linux Status: NEW Severity: major Priority: P5