search for: host_status

...options.check_host_ip = 0; + + snprintf(hostline, sizeof(hostline), "%s,%s", host,ip); + SHA1(hostline, strlen(hostline), md); + uuencode(md, SHA_DIGEST_LENGTH, uu, SHA_DIGEST_LENGTH*2); + host_status = check_host_in_hostfile(host_file, uu, host_key, + file_key, &host_line); + if (host_status == HOST_NEW) { + host_file = system_hostfile; + host_status = check_host_in_hostfile(host_file, uu, +...

...IO, {'S', SG_DXFER_FROM_DEV, cmd[16]=[85, 08, 0e, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 40, ec, 00], mx_sb_len=32, iovec_count=0, dxfer_len=512, timeout=15000, flags=0, data[512]=["@\0\377?7\310\20\0\0\0\0\0?\0\0\0\0\0\0\0HPAD0409105B"...], status=00, masked_status=00, sb[0]=[], host_status=0, driver_status=0, resid=0, duration=184, info=0}) = 0 ioctl(3, HDIO_GET_IDENTITY, 0x7fffda088500) = -1 EINVAL (Invalid argument) HDIO_GET_IDENTITY failed: Invalid argument +++ exited with 22 +++ And at the host level: ioctl(1, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, 0x7...

OpenSSH 3.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the

...izeof(line)) != 0) { - xfree(file); - fclose(f); - logit("Authentication refused: %s", line); + xfree(file); restore_uid(); return (0); } === modified file 'auth.c' --- auth.c 2007-07-30 09:54:36 +0000 +++ auth.c 2007-08-02 12:03:02 +0000 @@ -397,79 +397,6 @@ return host_status; } - -/* - * Check a given file for security. This is defined as all components - * of the path to the file must be owned by either the owner of - * of the file or root and no directories must be group or world writable. - * - * XXX Should any specific check be done for sym links ? - * - * Takes...

...+ if (!pubkey_allowed_user(authctxt->pw)) { + debug2("userauth_pubkey: user not allowed pubkey auth"); + return 0; + } + have_sig = packet_get_char(); if (datafellows & SSH_BUG_PKAUTH) { debug2("userauth_pubkey: SSH_BUG_PKAUTH"); @@ -796,3 +805,24 @@ return (host_status == HOST_OK); } + + +/* + * Check if the user is allowed to log in with public key authentication. + */ +static int pubkey_allowed_user(struct passwd *pw) +{ + Authaccess access; + + access.num_allow_users = options.num_pkey_allow_users; + access.allow_users = options.pkey_allow_users; + access.num...

...y_write(key, f) == 0)) success = 1; else error_fr(r, "sshkey_write"); diff --git a/sshconnect.c b/sshconnect.c index 7cf6b6386..72bdc7d1f 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -964,7 +964,7 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo, HostStatus host_status = -1, ip_status = -1; struct sshkey *raw_key = NULL; char *ip = NULL, *host = NULL; - char hostline[1000], *hostp, *fp, *ra; + char hostline[1000], *hostp, *fp, *cafp, *ra; char msg[1024]; const char *type, *fail_reason = NULL; const struct hostkey_entry *host_found = NULL, *ip_found = NU...

https://bugzilla.mindrot.org/show_bug.cgi?id=2305 Bug ID: 2305 Summary: sshd does not accept @cert-authority when doing host based authentication. Product: Portable OpenSSH Version: 6.5p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component:

...const char* ip, const char* type, HostStatus ip_status, + const char *user_hostfile); /* * Connect to the given ssh server using a proxy command. @@ -524,10 +527,9 @@ Key *file_key; const char *type = key_type(host_key); char *ip = NULL; - char hostline[1000], *hostp, *fp; HostStatus host_status; HostStatus ip_status; - int r, local = 0, host_ip_differ = 0; + int local = 0, host_ip_differ = 0; int salen; char ntop[NI_MAXHOST]; char msg[1024]; @@ -674,71 +676,10 @@ error("No %s host key is known for %.200s and you " "have requested strict checking.",...