search for: hlein

Displaying 20 results from an estimated 21 matches for "hlein".

Did you mean: klein
2002 Feb 07
1
chroot patch for openssh 3.0.2p1
High all, I'm running openssh 3.0.2p1 and it seems that the chroot patch delivered in the /contrib folder of the portable distrib does not apply to this release. Does anyone know if i can find an updated patch. Thanks -- Johan LEGROS Direction Informatique R?seau & T?l?com Tel : +33 1 71 71 56 62 Fax : +33 1 71 71 55 77 Email : jlegros at canal-plus.fr URL :
2013 Feb 27
0
[Bug 1585] Allow an `Include' option which reads another config file in place and does not error out when `Include' file not readable
https://bugzilla.mindrot.org/show_bug.cgi?id=1585 hlein at korelogic.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |hlein at korelogic.com -- You are receiving this mail because: You are watching the assig...
2010 Jan 28
3
Repost: [patch] Automatically add keys to agent
...will make them more willing victims. It's like sending users "secure" self-extracting encrypted archives, teaching people that it's sometimes OK after all to execute .exe's they receive in emails--undermines best-practice training and will end badly. -- Hank Leininger <hlein at korelogic.com> BE5D FCCA 673B D18B 98A9 3175 896E 3D4A 1B4D C5AC -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 447 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/...
2002 Jan 04
2
Strange problem from "identical" hosts
Long post.. sorry. Ok.. I've got three systems, all running openssh-3.0.2p1. As a matter of fact, they were installed from the same built tree, so I know they are the same. Here's the deal. I've got three systems, call them source1, source2 and target. All are HP-UX 11.0 systems installed from the same tree. Source1 and source2 both have thier root rsa pub keys in target's
2002 Apr 22
9
Password from open filedescriptor
The included patch adds a new option to the ssh client: -d fd Read the password from file descriptor fd. If you use 0 for fd, the passphrase will be read from stdin. This is basically the same as GPG:s parameter --passphrase-fd. Flames about why this is a bad idea goes into /dev/null. I really need to do this. There are lots of ugly Expect-hacks out there, but I want a more clean
2000 Dec 27
0
'debug1: tvp!=NULL kid 0 mili 10' messages
...generates useless chatter between sshd and syslogd, causes unnecessary context switches, and of course scribbles useless stuff to disk. At the very least, could these be changed to debug2 or debug3 so that it's disabled for not-really-that-verbose DEBUG LogLevels? Thanks, Hank Leininger <hlein at progressive-comp.com>
2000 Dec 27
1
Openssh and Slackware 7.1
password authentication fails even tho i used LIBS=-lcrypt option Any help will be appreciated
2002 Jul 12
0
[Bug 325] PermitRootLogin forced-commands-only & privsep - not working together
http://bugzilla.mindrot.org/show_bug.cgi?id=325 ------- Additional Comments From hlein at progressive-comp.com 2002-07-13 06:14 ------- Seeing this here too; it appears that when auth2.c:userauth_finish is called, forced_command has been cleared (or perhaps, never set in that forked sshd) so the call to auth_root_allowed(method) returns 0. The following patch makes forced-command l...
2007 Jun 20
1
"Include" directive in ~/.ssh/config
...iles. An obvious alternative is to build a consolidated ~/.ssh/config file from these individual bits using a perl script, Makefile, etc. Has anybody else got similar needs, and if so have you already solved them with either a patch to openssh, or the script approach? Thanks, Hank Leininger <hlein at progressive-comp.com> D639 2E70 96A4 96D4 9AB6 95D6 A8FD BA7C 7093 F8F3 -----BEGIN PGP SIGNATURE----- iD8DBQFGeWOyqP26fHCT+PMRAiKeAJ9x17KSabcEX/4cVJOqWHaKwy6REwCcDl+E 1mr7QpKwVdTXYDfkg3eQzoo= =j0ie -----END PGP SIGNATURE-----
2000 Oct 30
2
Feature disappeared?
Hi, working on tightening our network (somewhat) today, I found that OpenSSH doesn't seem to have the "AllowSHosts" directive (in sshd_config) that Commercial SSH (at least 1.2.25 & up) has. Now I wonder whether that hasn't been implemented yet, or has been dropped for a certain reason. I find this very useful for what I want to achieve - inside the company network,
2001 Sep 26
3
OpenSSH 2.9.9
OpenSSH 2.9.9 has just been uploaded. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH 2.9.9 fixes a weakness in the key file option handling, including source IP based access control. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability
2000 Nov 07
3
bug in documentation for "Protocol" option
ssh.1 says Protocol Specifies the protocol versions ssh should support in order of preference. The possible values are ``1'' and ``2''. Multiple versions must be comma-separated. The default is ``1,2''. This means that ssh tries version 1 and falls back to version 2 if version 1 is not available. but
2001 May 17
6
scp: Problem when source and destination are identical
If the source and destination file are identical, the receiving scp truncates the file. On the sending end, read() returns 0, and garbage is sent instead of actual data, and the receiving end puts it into the file, which at least confuses the users. -- Florian Weimer Florian.Weimer at RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2
2002 Feb 02
2
disabling the authentication agent?
Is there any way to disable the authentication agent globally? I'm not quite sure I understand it's purpose. Here is some background info: workstation: Key pair (dsa). host1: No key pair. No authorized_keys. host2: Has my workstation's key in authorized_keys. I ssh to host1 from my workstation. I ssh to host2 from host1. I am asked for a password. Good. I ssh to host2 from my
2000 Dec 28
2
sshd doesn't log which RSA key was used
Hi guys, and another feature request for sshd which I would classify as really useful. And I think this behaviour is currently not available (If yes, sorry, I must have missed it): > I believe that the sshd should log which RSA key was used to connect to > an account. When there are a number of keys in the authorized_keys file > it is often useful to know which one was used for each
2000 Dec 24
2
scp -f / interactive ?
Hi, % scp -v user at host:file.txt . [..] debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0p1 debug: Local version string SSH-1.5-OpenSSH_2.1.1 [..] debug: Sending command: scp -v -f file.txt debug: Entering interactive session. Sending file modes: C0644 3093316 file.txt Since it 'interactives' the remote user needs a shell. Any workaround? But more interesting
2010 Feb 01
1
"phishing" (was: [patch] Automatically add keys to agent)
...oying (or have untenable requirements like "there must be an X display that ssh can talk to, to pop the request up in"), but strong enough not to be faked out. ...If that were sufficiently addressed, then this downside to AddKeyToAgent would go away too. Thanks, -- Hank Leininger <hlein at korelogic.com> BE5D FCCA 673B D18B 98A9 3175 896E 3D4A 1B4D C5AC -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 443 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/...
2000 Oct 25
3
having some trouble using another user's RSA/DSA keys
Debian GNU/Linux 2.2 (potato), openssh-2.2.0p1 Configured with: --prefix=/usr/local/openssh --enable-gnome-askpass --with-tcp-wrappers --with-ipv4-default --with-ipaddr-display My goal here is to, as root, forward a local privileged port over an ssh tunnel to another host using a normal user's login, i.e.: root:# ssh -2 -l jamesb -i ~jamesb/.ssh/id_dsa -L 26:localhost:25 remotehost So far,
2000 Oct 24
2
feature request & patch submit: chroot(2) in sshd
Hello, whereas most people take passwd/shadow/ldap/<whatever> as the place where decision on a chrooted environment / sandbox for certain users is met (just set the given usershell appropriateley), I needed a somewhat different approach. Below is a tiny patch to 2.2.0p1 which enhances the sshd-config by two options and, when set, places all users / users of a certain group immediately in