search for: max_startups_r

...s. Thanks in advance for your consideration. Garry --- servconf.h 2002/05/29 03:50:01 1.1 +++ servconf.h 2002/05/29 03:50:53 @@ -112,6 +112,7 @@ char *subsystem_name[MAX_SUBSYSTEMS]; char *subsystem_command[MAX_SUBSYSTEMS]; + int check_max_startups; int max_startups_begin; int max_startups_rate; int max_startups; --- servconf.c 2002/05/29 03:49:54 1.1 +++ servconf.c 2002/05/29 03:54:09 @@ -112,6 +112,7 @@ options->protocol = SSH_PROTO_UNKNOWN; options->gateway_ports = -1; options->num_subsystems = 0; + options->check_max_startups = -1; options->max_startups_beg...

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

Hi, I am not sure to report this as a bug. so mailing to the list. I have sshd(openssh3.5p1) server running on my router and when i run tcpjunk to that port, sshd gets killed after some time 192.168.71.1 is my sshd server and 192.168.71.4 is my client from where i send my dos attack This is the tcpjunk command i gave to the ssh server #tcpjunk -s 192.168.71.1 -p 22 -c req -i 100 req session

...en_addr(ServerOptions *, char *, u_short); @@ -236,6 +237,7 @@ options->allow_tcp_forwarding = 1; if (options->gateway_ports == -1) options->gateway_ports = 0; + channel_fix_permitted_opens(); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -297,7 +299,7 @@ sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sStrictModes, sEmptyPasswd, sKeepAlives, sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, - sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sAllowUsers, sDenyUsers, sAllowGroups, sDen...

...->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->gateway_ports == -1) options->gateway_ports = 0; + if (ssh_prng_command_file == NULL) + ssh_prng_command_file = xstrdup(SSH_PRNG_COMMAND_FILE); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -187,7 +190,7 @@ #endif sPasswordAuthentication, sListenAddress, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, - sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, + sStrictModes, sEmptyPasswd, sRandomSeedFile, sPrngCommandFile, sKeepAlives, sChe...

...= 0; if (options->compression == -1) @@ -234,6 +244,7 @@ options->allow_tcp_forwarding = 1; if (options->gateway_ports == -1) options->gateway_ports = 0; + channel_fix_permitted_opens(); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -294,6 +305,7 @@ sPrintMotd, sPrintLastLog, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sStrictModes, sEmptyPasswd, sKeepAlives, + sPermitTcpConnect, sPermitTcpListen, sRestrictedShell, sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression...

...ions->fwd_opts.gateway_ports = -1; options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; options->fwd_opts.streamlocal_bind_unlink = -1; + options->fwd_opts.streamlocal_bind_root_directory = NULL; options->num_subsystems = 0; options->max_startups_begin = -1; options->max_startups_rate = -1; @@ -355,6 +356,7 @@ fill_default_server_options(ServerOptions *options) CLEAR_ON_NONE(options->authorized_principals_file); CLEAR_ON_NONE(options->adm_forced_command); CLEAR_ON_NONE(options->chroot_directory); + CLEAR_ON_NONE(options->fwd_opts.streamlocal_bind_root_direct...

...ort ports[MAX_PORTS]; /* Port number to listen on. */ @@ -108,8 +114,7 @@ char *deny_groups[MAX_DENY_GROUPS]; u_int num_subsystems; - char *subsystem_name[MAX_SUBSYSTEMS]; - char *subsystem_command[MAX_SUBSYSTEMS]; + Subsystem subsystem[MAX_SUBSYSTEMS]; int max_startups_begin; int max_startups_rate; @@ -129,6 +134,7 @@ char *authorized_keys_file; /* File containing public keys */ char *authorized_keys_file2; int pam_authentication_via_kbd_int; + int nodelay; } ServerOptions; diff -ru openssh-3.0.2p1.orig/session.c openssh-3.0.2p1.cfgnodelay/session.c --- openssh-3.0.2p...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in