search for: dev&m

...Forwarded message ---------- Date: Tue, 25 Apr 2000 19:55:56 -0600 (MDT) From: Theo de Raadt <deraadt at cvs.openbsd.org> To: djm at cvs.openbsd.org, markus at cvs.openbsd.org, provos at cvs.openbsd.org, speno at isc.upenn.edu Subject: re: http://marc.theaimsgroup.com/?l=openssh-unix-dev&amp;m=95669367427640&amp;w=2 Index: clientloop.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v retrieving revision 1.21 diff -u -r1.21 clientloop.c --- clientloop.c 2000/04/19 07:05:48 1.21 +++ clientloop.c 2000/04/26 01:54:54 @@...

Hi, I need to add X.509 Certificate support to OpenSSH. I came across the following post on the openssh-unix-dev mailing list that is very useful: http://marc.info/?l=openssh-unix-dev&amp;m=120298135706959&amp;w=2 <http://marc.info/?l=openssh-unix-dev&amp;m=120298135706959&amp;w=2> And also, http://marc.info/?l=openssh-unix-dev&amp;m=104395024824680&amp;w=2 <http://marc.info/?l=openssh-unix-dev&amp;a...

http://bugzilla.mindrot.org/show_bug.cgi?id=1155 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |1218 Bug 1155 depends on bug 1218, which changed state. Bug 1218 Summary: GSSAPI client code permits SPNEGO usage

...ainline OpenSSH. *** First of all, a summary. The project page at http://code.google.com/p/openssh-lpk/ mentions that a few distributions include LPK per default; but reading the various threads at Support for merging LPK and hpn-ssh into mainline openssh? http://marc.info/?l=openssh-unix-dev&amp;m=123483016220368&amp;w=2 and Support for merging LPK into mainline openssh? http://marc.info/?l=openssh-unix-dev&amp;m=125655418812760&amp;w=2 I get the impression that the most important argument is this one, citing Damien Miller (http://marc.info/?l=openssh-unix-dev&amp;m=1252521896308...

...rovided a patch for the problem but [2]was told that no more patches were being considered until 4.1 was released and that I should attach my patch to a new Bugzilla bug. This [3]I did. Is there any chance it will be included in the next release? 1. http://marc.theaimsgroup.com/?l=openssh-unix-dev&amp;m=111266548525108&amp;w=2 2. http://marc.theaimsgroup.com/?l=openssh-unix-dev&amp;m=111287737706979&amp;w=2 3. http://bugzilla.mindrot.org/show_bug.cgi?id=1012 -- David Rothenberger spammer? -> spam at daveroth.dyndns.org GPG/PGP: 0x7F67E734, C233 365A 25EF 2C5F C8E1 43DF B4...

...from dtucker at zip.com.au 2006-09-25 18:24 ------- For the record, I believe all of the outstanding issues have been resolved with the exception of: (In reply to comment #4) > regress hangs on Redhat 7.3, reason unknown (maybe IPv6 related?): > http://marc.theaimsgroup.com/?l=openssh-unix-dev&amp;m=115700350117023 > (maybe define __nonnull__ too?) This I'm at a loss to explain. > regress failure on IRIX w/mipspro compiler (SSH protocol 1 only): > http://marc.theaimsgroup.com/?l=openssh-unix-dev&amp;m=115716627223333 This is a suspected OpenSSL problem: http://marc.theaim...

Jefferson Ogata's patch http://marc.info/?l=openssh-unix-dev&amp;m=108134938701018&amp;w=2 adds a multiple authentication methods option to sshd. I updated the patch to 4.7p1 and added logic to allow it to work with privilege separation. https://bugzilla.mindrot.org/show_bug.cgi?id=1435 -------------- next part -------------- A non-text attachment was scr...

Thanks for these 3rd party hacks! I don't trust them. There must be such feature in openssh out of box. So the most secure/easyer method of giving sftp access to porn collection is: Damiens sftp-server chroot patch, which I hope to see in openssh one day :) http://marc.info/?l=openssh-unix-dev&amp;m=116043792120525&amp;w=2 # useradd -d /data/p0rn -m share /etc/ssh/sshd_config: Match user share X11Forwarding no AllowTCPForwarding no ForceCommand /usr/libexec/sftp-server -C %d pkill sshd; /usr/sbin/sshd and done :) On 7/28/07, Peter SJF Bance <Minstrel at minstrel...

...mportant for OpenSSH to implement SSH2_FXF_APPEND since it is in the spec and clients who expect it to work find that their files are overwritten rather than appended to. I opened a bug for it: https://bugzilla.mindrot.org/show_bug.cgi?id=2159 Some relevant links: http://marc.info/?l=openssh-unix-dev&amp;m=138053388830753&amp;w=2 http://marc.info/?l=openssh-unix-dev&amp;m=123798287811788 http://marc.info/?l=openssh-unix-dev&amp;m=111093206900604 https://bugzilla.gnome.org/show_bug.cgi?id=608910 Thanks -- Ross Lagerwall -------------- next part -------------- Index: sftp-server.c =============...

...ot at all necessary. Am I missing something? > If you're saying that the scp protocol is an unfixable mess then the openssh team has been agreeing[0] with you for at least a decade and a half. We fix what we can, but some parts can't be fixed. [0] eg https://marc.info/?l=openssh-unix-dev&amp;m=104157774216425&amp;w=2 -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

Hi, When people try and break into my system from the internet I get lots of messages like: Nov 14 19:08:13 rook sshd[6333]: Failed password for invalid user guest from 210.83.48.238 port 40811 ssh2 Nov 14 19:08:19 rook sshd[6338]: Invalid user admin from 210.83.48.238 Nov 14 19:08:19 rook sshd[6338]: Failed password for invalid user admin from 210.83.48.238 port 40920 ssh2 Nov 14 19:08:24 rook

Doing a search in the list archives, I see that in 2001/2002 there was a patch made available for IdleTimeout keyword, for example: http://marc.info/?l=openssh-unix-dev&amp;m=99838019319356&amp;w=2 Looks like that patch did not make it in the following versions of OpenSSH - is there a reason why - any chance of the patch getting back in? I do know about ClientInterval, but I think I need IdleTimeout. The specific circumstance is that I've a SSH2 session fr...

http://bugzilla.mindrot.org/show_bug.cgi?id=763 Summary: Add Null packet keepalive option Product: Portable OpenSSH Version: 3.7p1 Platform: All URL: http://marc.theaimsgroup.com/?l=openssh-unix- dev&amp;m=98460103932386&amp;w=2 OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: hauser at acm.org for those often being disconnected, please add this fea...

...t the proper OpenSSH and the Portable edition. I would argue that it is important for OpenSSH to implement SSH2_FXF_APPEND since it is in the spec and clients who expect it to work find that their files are overwritten rather than appended to. Some relevant links: http://marc.info/?l=openssh-unix-dev&amp;m=138053388830753&amp;w=2 http://marc.info/?l=openssh-unix-dev&amp;m=123798287811788 http://marc.info/?l=openssh-unix-dev&amp;m=111093206900604 https://bugzilla.gnome.org/show_bug.cgi?id=608910 Thanks -- You are receiving this mail because: You are watching the assignee of the bug.

...ad nauseum on usenet. In looking at the archives, it seems that the patch for this has been removed from the contrib section of the ssh source. While patches for chrooted ssh exist (chrootssh comes to mind), I've also read the discussion here: http://marc.theaimsgroup.com/?l=openssh-unix-dev&amp;m=102163541912823&amp;w=2 and am curious to get this groups take on possible solutions. 1. does anyone have recommendations/warnings about applying the securessh patch? The two main problems I see are code auditting (which, while I understand C, I don't know the ssh source well enough...

...DependingO 1289,1305 nThis: On some platforms (at least Solaris, probably others) sshd in OpenSSH 4.6p1 will log the following error to syslog, but otherwise works OK. error: channel 0: chan_read_failed for istate 3 Mentioned on the mailing list: http://marc.info/?l=openssh-unix-dev&amp;m=117469473826677 http://marc.info/?l=openssh-unix-dev&amp;m=117565843600487 This is a side effect of the changes from the infamous bug #52. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...by the timing of openssh packet network transmission. The issue is that keystroke timing is correlated with the plaintext, and openssh users expect their communications to be kept entirely secret. Despite some excellent ideas and patches, such as Jason Coit's http://marc.info/?l=openssh-unix-dev&amp;m=100326089315915&amp;w=2 there has been little done to address this problem. As far as I can tell, the only countermeasure implemented in OpenSSH is that the server will echo back dummy messages (rather than nothing) when users enter passwords. But users expect all of their communication to...

I did not find any clues when 'googling' and could not find any search options on the archives. So, your answer does really not help. If you can help me with some reference, then it is highly appreciated. I would like to understand the rationaly. Not why 'it is just like it is'. No, why. What is the reasoning behind it. I speak Dutch, English, some Japanese and C. So, I can

http://bugzilla.mindrot.org/show_bug.cgi?id=748 ------- Additional Comments From dtucker at zip.com.au 2004-01-29 21:47 ------- So far no-one has said anything about IPv6 working or not on HP-UX 11.11, so we don't know whether or not it works. We do know that (in some cases, anyway) IPv4 doesn't work because of the getaddrinfo issue. Based on the currently available information,

Hello, I have been having issues with x11 forwarding using my linux-mandrake based servers. I checked my XAUTHORITY variable and it was set to ~/.Xauthority ... After reading the mail archives, I found the /tmp/ssh* directory created during my ssh session, and did this: export XAUTHORITY="/tmp/ssh-hzuA1805/cookies" xeyes ...and the X11 forwarding worked! I'm using the