search for: max_allow_groups

...options->chroot_users[options->num_chroot_users++] = + xstrdup(arg); + } + break; + case sAllowGroups: while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_allow_groups >= MAX_ALLOW_GROUPS) --- openssh-3.4p1.vanilla/servconf.h Thu Jun 20 21:09:47 2002 +++ openssh-3.4p1/servconf.h Wed Jul 3 11:23:26 2002 @@ -20,6 +20,7 @@ #define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ #define MAX_DENY_USERS 256 /* Max # users on deny list. */ +#define MAX_CHROOT_USERS 256...

...ver ssh (OpenSSH). Usually we use openssh-4.4p1, builded from the sources with changed "servconf.h" file by this type: ???#define MAX_ALLOW_USERS ????????10000 ????/* Max # users on allow list. */ ???#define MAX_DENY_USERS ???????????10000 ????/* Max # users on deny list. */ ???#define MAX_ALLOW_GROUPS ?????10000 ????/* Max # groups on allow list. */ ???#define MAX_DENY_GROUPS ????????10000 ????/* Max # groups on deny list. */ and configured with this additional options: # ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ipv4-default --with-pam --without-4in6 --without-zlib-version-check...

...enssh-4.4p1, builded from the sources with changed "servconf.h" file by this type: > #define MAX_ALLOW_USERS 10000 /* Max # users on allow list. */ > #define MAX_DENY_USERS 10000 /* Max # users on deny list. */ > #define MAX_ALLOW_GROUPS 10000 /* Max # groups on allow list. */ > #define MAX_DENY_GROUPS 10000 /* Max # groups on deny list. */ > > and configured with this additional options: > # ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ipv4-default --with-pam --w...

...ic key deny users.", + filename, linenum); + options->pkey_deny_users[options->num_pkey_deny_users++] = xstrdup(arg); + } + break; + + case sPubkeyAllowGroups: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_pkey_allow_groups >= MAX_ALLOW_GROUPS) + fatal("%s line %d: too many public key allow groups.", + filename, linenum); + options->pkey_allow_groups[options->num_pkey_allow_groups++] = xstrdup(arg); + } + break; + + case sPubkeyDenyGroups: + while ((arg = strdelim(&cp)) && *arg != '\0') {...

...ions->max_connections; + goto parse_int; default: fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", --- openssh-1.2pre13/servconf.h.orig Fri Nov 19 23:31:16 1999 +++ openssh-1.2pre13/servconf.h Fri Nov 19 23:32:08 1999 @@ -70,6 +70,7 @@ char *allow_groups[MAX_ALLOW_GROUPS]; unsigned int num_deny_groups; char *deny_groups[MAX_DENY_GROUPS]; + int max_connections; /* Maximum number of simultaneous connections. */ } ServerOptions; /* Initializes the server options to special values that indicate that they --- openssh-1.2pre13/sshd.c.orig Fri Nov 19 21...

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

...u_int num_allow_users_fixedname; + char *allow_users_fixedname[MAX_ALLOW_USERS]; + u_int num_allow_users_ipaddr; + char *allow_users_ipaddr[MAX_ALLOW_USERS]; u_int num_deny_users; char *deny_users[MAX_DENY_USERS]; u_int num_allow_groups; char *allow_groups[MAX_ALLOW_GROUPS]; u_int num_deny_groups; char *deny_groups[MAX_DENY_GROUPS]; u_int num_subsystems; diff -r -U 8 openssh-3.9p1.orig/sshd.8 openssh-3.9p1.jpmg/sshd.8 --- openssh-3.9p1.orig/sshd.8 2004-05-02 13:15:08.000000000 +0100 +++ openssh-3.9p1.jpmg/sshd.8 2005-01-20 10:11:24.697069880 +0000 @@ -330,1...

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the