search for: courtesan

...tem, if I downgrade sudo to the base version, it behaves the same as on the first server, so this appears to be sudo version specific rather than an i386 vs x86-64 difference. Looking at the changelogs at the package home site, I don't see anything obvious that covers this change: http://www.courtesan.com/sudo/stable.html#1.7.0 http://www.courtesan.com/sudo/stable.html#1.7.1 http://www.courtesan.com/sudo/stable.html#1.7.2 Does anyone know how to change the behavior with the umask values when using the newer version of sudo? This is causing us some issues when sudoing to update an SVN working d...

To the openssh and sudo developer mailing lists: Ssh has a key agent allowing authentication to remote hosts without entering your password/passphrase again and again, which is very convenient. I think the 'su', 'sudo', and similiar commands could benefit from this idea and mechanism. I don't have the necessary expertise in cryptology to do this myself so I just want to throw

--- channels.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/channels.c b/channels.c index a84b487..396e192 100644 --- a/channels.c +++ b/channels.c @@ -3014,10 +3014,14 @@ channel_setup_fwd_listener_streamlocal(int type, struct Forward *fwd, debug3("%s: type %d path %s", __func__, type, fwd->listen_path); + /* Expand home directory if necessary */ +

https://bugzilla.mindrot.org/show_bug.cgi?id=2416 Bug ID: 2416 Summary: [PATCH] Allow forwarding of stdio to streamlocal end points Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=2601 Bug ID: 2601 Summary: StreamLocalBindUnlink not working Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

...s, executes Shorewall commands (start, stop, restart, status, ...) * shows system/Shorewall logs * multi-language ready (english/italian) * IE/Firefox compatible Hosting system prerequisites (besides Shorewall specifics) * sudo utility (usually part of all distro, anyhow available at http://www.courtesan.com/sudo/) Curious enough? URL: http://62.110.196.251 User: awdwall Password: gogetit Any comments, critics, suggestions, opinions are more than welcome. Support Please don''t even think I''ll be able to react to your requests/bug reports as '...

...) calls fatal() if it > cannot resolve ~foo. This is not terrible when using -L and -R on > the normal command line but it seems pretty harsh to exit when -L > or -R are used via the ~C escape or the streamlocal-forward at openssh.com > request. > Message-Id: <aea6cdc1d1b42d07 at courtesan.com> > > Perhaps we just need a non-fatal version of tilde_expand_filename(). Yeah, we should refactor it into a version that returns a ssherr.h code and (perhaps) leave the existing tilde_expand_filename() as a wrapper. -d

Hi developers, I'm not sure if this is the right place to ask this question, so please don't crcify me if it isn't :) I'm trying to compile openssh-2.5.2p2 on SunOS 4.1.3. Since SunOS is not in the portable list, I took a look at this mailing list archive and found some of you guys have been able to compile it. My ./configure says I don't have the regex library : configure:

...The FreeBSD Project Topic: a third sendmail header parsing buffer overflow Category: contrib Module: contrib_sendmail Announced: 2003-09-17 Credits: Michal Zalewski <lcamtuf@dione.ids.pl> Todd C. Miller <Todd.Miller@courtesan.com> Affects: All releases of FreeBSD FreeBSD 4-STABLE prior to the correction date Corrected: 2003-09-17 15:18:20 UTC (RELENG_4, 4.9-PRERELEASE) 2003-09-17 20:19:00 UTC (RELENG_5_1, 5.1-RELEASE-p5) 2003-09-17 20:19:22 UTC (RELENG_5_0,...

...The FreeBSD Project Topic: a third sendmail header parsing buffer overflow Category: contrib Module: contrib_sendmail Announced: 2003-09-17 Credits: Michal Zalewski <lcamtuf@dione.ids.pl> Todd C. Miller <Todd.Miller@courtesan.com> Affects: All releases of FreeBSD FreeBSD 4-STABLE prior to the correction date Corrected: 2003-09-17 15:18:20 UTC (RELENG_4, 4.9-PRERELEASE) 2003-09-17 20:19:00 UTC (RELENG_5_1, 5.1-RELEASE-p5) 2003-09-17 20:19:22 UTC (RELENG_5_0,...

https://bugzilla.mindrot.org/show_bug.cgi?id=2529 Bug ID: 2529 Summary: direct-streamlocal channel open doesn't match PROTOCOL documentation Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh

nuqneH, I've tried using TIS authsrv authentication via bsd auth and found it quite limited. The most important restriction it does not log ip and fqdn of the remote peer, nor the application name, to the authentication server. It does not matter much for TIS authsrv, but since other applications do provide such information, our authsrv version uses it for extra authentication restrictions.

I've used ssh as a secure telnet up to now but done little else with it. The FreeBSD machines I look after on our internet-facing network all have one account which I connect to for administration. I've set up /etc/hosts.allow on all the machines to only allow ssh from a limited internal network range. Now I want to create a new account on one machine which will be accessible from the

I'm working with a FreeBSD user -- a teacher -- who's running KDE on a system on which she neither has nor wants root privileges. She wants to be able to mount and unmount floppies and ZIP cartridges from within KDE, using the standard KwikDisk utility (which, by the way, generates mount and unmount command that don't conform to FreeBSD syntax; however, it appears possible to fix this

...The error code from the last command is 1. Info: strndup.c is a new file in openssh-7.7p1, and the correction is simple: Now: ???? 1? /*????? $OpenBSD: strndup.c,v 1.2 2015/08/31 02:53:57 guenther Exp $??? */ ???? 2 ???? 3? /* ???? 4?? * Copyright (c) 2010 Todd C. Miller <Todd.Miller at courtesan.com> ???? 5?? * ???? 6?? * Permission to use, copy, modify, and distribute this software for any ???? 7?? * purpose with or without fee is hereby granted, provided that the above ???? 8?? * copyright notice and this permission notice appear in all copies. ???? 9?? * ??? 10?? * THE SOFTW...

Hi, is there a list anywhere of what still needs needs to be done for the 1.1 release? I'm interested in helping out to get tinc to version 1.1 if possible. - todd

Only the short -b option is missing, --batch works as expected. - todd diff --git a/src/tincctl.c b/src/tincctl.c index 9eb9a1b..766b769 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -168,7 +168,7 @@ static bool parse_options(int argc, char **argv) { int r; int option_index = 0; - while((r = getopt_long(argc, argv, "+c:n:", long_options, &option_index)) != EOF) { +

On Tue, 03 Oct 2017 21:46:32 +0200, Guus Sliepen wrote: > I'll also run sed on the codebase to add parentheses around the argument > of sizeof operators, since code formatters otherwise turn "sizeof *foo" > into "sizeof * foo". Not all "sizeof foo" were converted to "sizeof(foo)". I've opened a pull request with a patch:

I noticed that the base64 functions in util.c don't produce the same results as other versions that implement RFC 1421 (and its successors). This results in PEM files that can only be decoded by tinc itself. Is this intentional? Below is a diff to make tinc's base64 functions match what everyone else does. This will break existing key files, though, which is unfortunate. - todd diff

Not all OSes have SA_RESTART (for instance, SunOS does not). Also, for the non-SA_RESTART case in scp.c sa.sa_flags was not being initialized (noted by dworkin at village.org). - todd --- scp.c.DIST Sat Feb 17 17:56:33 2001 +++ scp.c Sat Feb 17 17:57:59 2001 @@ -1224,8 +1224,9 @@ struct sigaction sa; sa.sa_handler = updateprogressmeter; sigemptyset((sigset_t *)&sa.sa_mask); +