search for: dugsong

Displaying 20 results from an estimated 22 matches for "dugsong".

2000 Mar 25
1
ANNOUNCE: openssh-1.2.3
...tsockname() requires initialized tolen; andy at guildsoftware.com - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; from Holger.Trapp at Informatik.TU-Chemnitz.DE [pty.c pty.h] - register cleanup for pty earlier. move code for pty-owner handling to pty.c ok provos@, dugsong@ [readconf.c] - turn off x11-fwd for the client, too. [rsa.c] - PKCS#1 padding [scp.c] - allow '.' in usernames; from jedgar at fxp.org [servconf.c] - typo: ignore_user_known_hosts int->flag; naddy at mips.rhein-neckar.de - sync with sshd_config [ssh-keygen.c] - enable s...
2000 Mar 25
1
ANNOUNCE: openssh-1.2.3
...tsockname() requires initialized tolen; andy at guildsoftware.com - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; from Holger.Trapp at Informatik.TU-Chemnitz.DE [pty.c pty.h] - register cleanup for pty earlier. move code for pty-owner handling to pty.c ok provos@, dugsong@ [readconf.c] - turn off x11-fwd for the client, too. [rsa.c] - PKCS#1 padding [scp.c] - allow '.' in usernames; from jedgar at fxp.org [servconf.c] - typo: ignore_user_known_hosts int->flag; naddy at mips.rhein-neckar.de - sync with sshd_config [ssh-keygen.c] - enable s...
2000 Jan 01
3
OpenSSH protocol 1.6 proposal
...so far, the OpenBSD OpenSSH developers and the Linux/Solaris/etc. OpenSSH developers led by Damien Miller have been getting along just fine. we hereby cordially invite you to join the party! http://violet.ibs.com.au/openssh/list.html best wishes for the new year. -d. --- http://www.monkey.org/~dugsong/
2002 Feb 12
1
openssh + pam errors (fwd)
...the fork. ive been running it for a couple of weeks and everything seems good. i used to have to use uselogin yes and set the limits with login because openssh was broken, but this takes care of it. ---------- Forwarded message ---------- Date: Mon, 11 Feb 2002 23:05:54 -0500 From: Dug Song <dugsong at monkey.org> To: Rob Mosher <nyt at countercultured.net> Subject: Re: openssh + pam errors send this patch to openssh-unix-dev at mindrot.org Damien Miller maintains the OpenSSH-portable tree, he'll know what to do with it... -d. --- http://www.monkey.org/~dugsong/ --- old/se...
2009 Mar 04
2
[PATCH] accept SOCKS request over the mux socket
Hi, The attached patch extends the mux listener to accept SOCKS requests in addition to the native mux commands. The rationale behind is that creating tunnels attached to TCP ports is a security hazard in multi-user machines where there is no way to control who connects through the tunnels. On the other hand, The mux UNIX domain socket binds to the file system and regular permissions can be
2002 Jan 04
2
3.0.2 AFS login problem, Solaris 2.5.1
...network when the old (SSH1) server (which works) runs reveals *no connection* to 'kerberos' over port 750 during successful login... only some stuff on 7004. So I looked at the code, wondering how the ssh1.2.21 could work where this didn't... and found that 1.2.21 used a patch from dugsong that called ka_UserAuthenticateGeneral at this point... but 3.0.2 does not call any ka_ routines. I am suspecting that ka_UserAuthenticateGeneral is what talks over 7004 and that if I could make an equivalent patch to 3.0.2 that would use it, I'd be able to talk to our kaserver. It's...
2001 Jul 04
0
Sneek peak at what was commited.
...[servconf.h serverloop.h session.h sftp-client.h sftp-common.h sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h] prototype pedant. not very creative... - () -> (void) - no variable names - dugsong at cvs.openbsd.org 2001/06/26 16:15:25 [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h servconf.c servconf.h session.c sshconnect1.c sshd.c] Kerberos v5 support for SSH1, mostly from Assar Westerlund <assar at freebsd.org> and Bjorn Gronvall <bg at sics...
1999 Nov 20
0
OpenSSH & Kerberos 5?
...nSSH mailing list that this would be better > served in, let me know (I couldn't find one on the OpenSSH web site). Damien Miller is hosting one, at least until openssh.org is transferred to the OpenSSH project. see http://violet.ibs.com.au/openssh/list.html -d. --- http://www.monkey.org/~dugsong/
1999 Nov 26
1
openssh & XEmacs gnuclient issue
In switching to openssh from ssh-1.2.27, I have encountered the following problem with the way openssh handles its XAUTHORITY files separately from ~/.Xauthority. XEmacs has a gnuserv process that runs and allows commands to be issued to a remote XEmacs process. The trouble is when the command is to make a new frame ( window ) on a different X display, it fails because the Xauth cookie is not in
1999 Dec 02
3
[Fwd: [Fwd: OpenSSH for UNIX]]
This is a resend, the first try got bounced because of the message size limit on the list. -------------- next part -------------- An embedded message was scrubbed... From: Damien Miller <damien at ibs.com.au> Subject: [Fwd: OpenSSH for UNIX] Date: Thu, 02 Dec 1999 10:52:38 +1100 Size: 73561 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/19991202/e81e7166/attachment.mht
2000 Feb 16
0
new OpenSSH t-shirts
new OpenSSH t-shirts for sale: http://www.monkey.org/openssh/ 3-D rendered blowfish design, $15 USD ppd. limited time only. slices and dices. etc. -d. --- http://www.monkey.org/~dugsong/
2000 Jul 20
3
sftp
Hi, What is the status on sftp ? People here who are not familiar with "command line ftp" would like to use the new spiffy graphical sftp provided with ssh.com new NT client. As we are planning on replacing all our sshd with openssh, we need sftpd as well. Thanks, Emmanuel -------------- next part -------------- An HTML attachment was scrubbed... URL:
2005 May 26
2
openssh-4.1p1.tar.gz.asc has bad signature?
Hi, #tcsh#machine# gpg --verify openssh-4.1p1.tar.gz.asc openssh-4.1p1.tar.gz gpg: Signature made Wed May 25 08:26:24 2005 EDT using DSA key ID 86FF9C48 gpg: BAD signature from "Damien Miller (Personal Key) <djm at mindrot.org>" I made sure that I had the same key loaded that the signature was made with, but that didn't change the error. Thanks, Matt -- Matthew Goebel :
2000 May 09
1
openssh-2.1.0 and AFS
Hi! I've noticed that openssh always does a do_setpag() if compiled with AFS-support no matter which authentication method is used. Maybe I'm missing something but shouldn't it only get a pag, if AFS-token-passing is used? If password authentication is used, an AFS-pam-module (or the authenticate function on AIX) will do the job, otherwise, no token can be obtained and therefore no
2000 Jan 13
5
Inhibiting swapping with mlock
There's one vulnerability that's bugged me for some time. It applies to nearly all crypto software, including ssh. That's the swapping of sensitive info (such as keys and key equivalents) onto hard drives where they could possibly be recovered later. The Linux kernel provides a system call, mlock(), that inhibits swapping of a specified region of virtual memory. It locks it into real
2002 Oct 24
3
iptables output ?
hi, anyone to know a tool that will display more friendly output ... probably a tree like structure (if no cross sections occur)... OR a top like output... thanx raptor _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
2008 Feb 06
4
Using tcpdump to sniff telnet password
Hi all, As long as I can remember reading various articles/docs, they all say that telnet is not secure because all traffic is in clear text. Well, out of boredom, I try to sniff username and password from a telnet session. The command I use: tcpdump tcp port 23 -vvv -w test.txt Then I read the result: strings test.txt |`D |fD |fD 38400,38400 Red Hat Enterprise Linux ESD Ologin: D 5eE
1999 Jul 30
0
Linux 2.2.10 ipchains Advisory (fwd)
...ing intrusion detection systems and packet filters provided by Anzen Computing. The version of fragrouter that performs this attack should be available shortly, at http://www.anzen.com/research/nidsbench/. Additional Information ---------------------- data protect would like to thank Dug Song <dugsong@anzen.com> for his help in implementing this attack. For information regarding this advisory, please contact Thomas Lopatic <tl@dataprotect.com> or John McDonald <jm@dataprotect.com>. The contents of this advisory are Copyright (C) 1999 data protect GmbH, and may be distributed fre...
2000 May 20
5
Kerberos V5 integration
Hi, This is just a quick note to let people know that I've _almost_ got Kerberos V5 working based on the patches posted to this list. I'm currently at the stage where Kerberos principals can be used to verify logins (ie Kerberos credentials are correctly passed), but I haven't (yet) got ticket forwarding to work - this is the next step! I've taken the original patches and updated
2000 Aug 23
14
Test snapshot
...r.net - provos at cvs.openbsd.org 2000/08/02 10:27:17 [readconf.c sshd.8] disable kerberos authentication by default - provos at cvs.openbsd.org 2000/08/02 11:27:05 [sshd.8 readconf.c auth-krb4.c] disallow kerberos authentication if we can't verify the TGT; from dugsong@ kerberos authentication is on by default only if you have a srvtab. - markus at cvs.openbsd.org 2000/08/04 14:30:07 [auth.c] unused - markus at cvs.openbsd.org 2000/08/04 14:30:35 [sshd_config] MaxStartups - markus at cvs.openbsd.org 2000/08/15 13:20:46 [a...