Displaying 4 results from an estimated 4 matches for "mm_answer_audit_command".
2006 Sep 14
6
sshd audit not happy with ssh1 and scp
...l, shuts up the warnings):
==== //depot/yahoo/ybsd_6/src/crypto/openssh/monitor.c#4 (text+ko) ====
@@ -272,7 +272,7 @@
{MONITOR_REQ_TERM, 0, mm_answer_term},
#ifdef SSH_AUDIT_EVENTS
{MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
- {MONITOR_REQ_AUDIT_COMMAND, MON_ONCE, mm_answer_audit_command},
+ {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command},
#endif
{0, 0, NULL}
};
I notice that early on it tries to enable MONITOR_REQ_AUDIT_COMMAND in
mm_answer_pwnamallow(). However, this doesn't actually work as it tries
to enable it in the monitor_dispatch table (whi...
2016 Feb 17
2
Using 'ForceCommand' Option
...115
Feb 17 16:14:01 is-rhsat-lv02 sshd[12985]: debug3: mm_request_receive
entering Feb 17 16:14:01 is-rhsat-lv02 sshd[13008]: debug3:
mm_request_receive entering
Feb 17 16:14:01 is-rhsat-lv02 sshd[12985]: debug3: monitor_read: checking
request 114
Feb 17 16:14:01 is-rhsat-lv02 sshd[12985]: debug3: mm_answer_audit_command
entering
Feb 17 16:14:01 is-rhsat-lv02 sshd[12985]: fatal: mm_answer_audit_command:
error allocating a session Feb 17 16:14:01 is-rhsat-lv02 sshd[12985]:
debug1: do_cleanup
Feb 17 16:14:01 is-rhsat-lv02 sshd[12985]: debug1: PAM: cleanup Feb 17
16:14:01 is-rhsat-lv02 sshd[12985]: debug1: PAM: closin...
2011 Jun 02
2
preauth privsep logging via monitor
...>
#endif
@@ -52,6 +60,7 @@
#include <openssl/dh.h>
#include "openbsd-compat/sys-queue.h"
+#include "atomicio.h"
#include "xmalloc.h"
#include "ssh.h"
#include "key.h"
@@ -179,6 +188,8 @@ int mm_answer_audit_event(int, Buffer *)
int mm_answer_audit_command(int, Buffer *);
#endif
+static int monitor_read_log(struct monitor *);
+
static Authctxt *authctxt;
static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */
@@ -346,6 +357,10 @@ monitor_child_preauth(Authctxt *_authctx
debug3("preauth child monitor started");
+ clos...
2023 Jun 30
1
Subsystem sftp invoked even though forced command created
On 30/06/2023 09:56, Damien Miller wrote:
> It's very hard to figure out what is happening here without a debug log.
>
> You can get one by stopping the listening sshd and running it manually
> in debug mode, e.g. "/usr/sbin/sshd -ddd"
Or starting one in debug mode on a different port, e.g. "-p99 -ddd"