search for: max_startups

...ed to this list, so please cc me on any replies. Thanks in advance for your consideration. Garry --- servconf.h 2002/05/29 03:50:01 1.1 +++ servconf.h 2002/05/29 03:50:53 @@ -112,6 +112,7 @@ char *subsystem_name[MAX_SUBSYSTEMS]; char *subsystem_command[MAX_SUBSYSTEMS]; + int check_max_startups; int max_startups_begin; int max_startups_rate; int max_startups; --- servconf.c 2002/05/29 03:49:54 1.1 +++ servconf.c 2002/05/29 03:54:09 @@ -112,6 +112,7 @@ options->protocol = SSH_PROTO_UNKNOWN; options->gateway_ports = -1; options->num_subsystems = 0; + options->check_m...

...ring frequency as well. >> >> Multiple instances of SSHd (on different ports) are easily distinguished >> as well. > > That's a really, really good idea. Patch below. That would certainly cover my use case. I wonder if there's a case to be made to add options.max_startups_begin to the title status (per the amended patch below). It's more informative, but also a bit more confusing e.g. when we're above max_startups_begin and beginning to drop we get a title like: sshd: [listener] 12/10/100 startups But my primary goal here is getting that first number e...

> This makes me think that the syslog approach is probably the way to go Yeah, right. Another idea is to mirror the current preauth load via setproctitle()... That makes that data accessible even without a syscall (at least the writing of the data - quering needs syscalls, right), so that can be kept up-to-date and allows a high monitoring frequency as well. Multiple instances of SSHd (on

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

Heya, I'm trying to convince my company to use OpenSSH instead of the commercial SSH version. I need a little help: 1. What features does OpenSSH offer over commercial SSH (besides being free and open source of course)? 2. Our lawyers want details on the licensing / patents stuff. I have the high level details from the OpenSSH page. I need the nitty gritty like RSA patent# and

...listen_addr(ServerOptions *, char *, u_short); static void add_one_listen_addr(ServerOptions *, char *, u_short); @@ -236,6 +237,7 @@ options->allow_tcp_forwarding = 1; if (options->gateway_ports == -1) options->gateway_ports = 0; + channel_fix_permitted_opens(); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -297,7 +299,7 @@ sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sStrictModes, sEmptyPasswd, sKeepAlives, sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, - sAllowUsers, sDenyUsers...

...oc.h" #include "compat.h" @@ -162,6 +163,8 @@ options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->gateway_ports == -1) options->gateway_ports = 0; + if (ssh_prng_command_file == NULL) + ssh_prng_command_file = xstrdup(SSH_PRNG_COMMAND_FILE); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -187,7 +190,7 @@ #endif sPasswordAuthentication, sListenAddress, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, - sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, + sStric...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

In sshd.c: /* record remote hostname or ip */ u_int utmp_len = MAXHOSTNAMELEN; However, HOSTNAMELEN is almost certainly too long. Is there a reason not to use UT_HOSTSIZE instead, as below? Index: sshd.c =================================================================== --- sshd.c (revision 182719) +++ sshd.c (working copy) @@ -72,6 +72,7 @@ #include <stdlib.h> #include

Hi, I am not sure to report this as a bug. so mailing to the list. I have sshd(openssh3.5p1) server running on my router and when i run tcpjunk to that port, sshd gets killed after some time 192.168.71.1 is my sshd server and 192.168.71.4 is my client from where i send my dos attack This is the tcpjunk command i gave to the ssh server #tcpjunk -s 192.168.71.1 -p 22 -c req -i 100 req session

...ictions = 0; if (options->use_login == -1) options->use_login = 0; if (options->compression == -1) @@ -234,6 +244,7 @@ options->allow_tcp_forwarding = 1; if (options->gateway_ports == -1) options->gateway_ports = 0; + channel_fix_permitted_opens(); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -294,6 +305,7 @@ sPrintMotd, sPrintLastLog, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sStrictModes, sEmptyPasswd, sKeepAlives, + sPermitTcpConnect, sPermitTcpListen, sRestrictedShe...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

Hi, I've gone and ported the latest version of openssh, 3.1p1, to GNU/Hurd. I've tried to learn from the other threads on this topic, but I still had to get rid of MAXHOSTNAMELEN where I could. James A. Morrison diff -urN openssh-3.1p1.old/Makefile.in openssh-3.1p1/Makefile.in --- openssh-3.1p1.old/Makefile.in Tue Feb 26 14:24:22 2002 +++ openssh-3.1p1/Makefile.in Tue Apr 9 16:16:49

I've searched the archive for this mailing list and the bug list for OpenSSH for this, and I'm finding nothing. I'd appreciate it if somoene could point me to an existing thread about this. (I know that other people are aware of the problem, though, so I'm a bit surprised to find nothing.) We're running OpenSSH under Solaris 10 using SMF instead of a legacy init script. SMF

...#define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */ #define MAX_AUTH_METHODS 256 /* Max # of AuthenticationMethods. */ +#define MAX_DISPLAYS 1000 /* Maximum number of fake X11 displays to try. */ /* permit_root_login */ #define PERMIT_NOT_SET -1 @@ -154,6 +155,7 @@ int max_startups; int max_authtries; int max_sessions; + int max_displays; char *banner; /* SSH-2 banner message */ int use_dns; int client_alive_interval; /* diff -Naur openssh-portable/session.c openssh-portable-maxdisplays/session.c --- openssh-portable/session.c 2016-06-01 21:14:01.820052926 -0400...