search for: mm_is_monitor

Displaying 6 results from an estimated 6 matches for "mm_is_monitor".

2011 Oct 20
2
[Bug 1945] New: Only 1 of the 2 krb cache files is removed on closing the ssh connection with UsePrivilegeSeparation=yes
...rw------- 1 test users 416 Oct 20 14:03 /tmp/krb5cc_243_245 I have tested this on hpux but believe the same behaviour on other OS as well. Probable fix is to change the condition in sshpam_cleanup(void)/auth-pam.c < if (sshpam_handle == NULL || (use_privsep && !mm_is_monitor())) --- > if (sshpam_handle == NULL && (use_privsep && !mm_is_monitor())) -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
2006 Feb 12
1
sshd double-logging
...24:03 -0000 @@ -231,6 +231,15 @@ auth_log(Authctxt *authctxt, int authent void (*authlog) (const char *fmt,...) = verbose; char *authmsg; +#if 0 + logit("authenticated %d method %s info '%s' postponed %d monitor %d", + authenticated, method, info, authctxt->postponed, mm_is_monitor()); +#endif + authlog = logit; /* XXX for testing only */ + + if (use_privsep && !mm_is_monitor() && !authctxt->postponed) + return; + /* Raise logging level */ if (authenticated == 1 || !authctxt->valid || Index: monitor.c ==========================================...
2013 Oct 31
9
[Bug 2167] New: Connection remains when fork() fails.
https://bugzilla.mindrot.org/show_bug.cgi?id=2167 Bug ID: 2167 Summary: Connection remains when fork() fails. Product: Portable OpenSSH Version: 5.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at
2020 Mar 11
6
[PATCH 0/1] *** SUBJECT HERE ***
Hi, sifting through my system's logs, I noticed many break-in attempts by rogue ssh clients trying long lists of common passwords. For some time now I pondered different approaches to counter these, but could not come up with a solution that really satisfied me. I finally reached the conclusion that any countermeasures required support in sshd itself, and created the attached patch. If
2011 Jun 02
2
preauth privsep logging via monitor
...ut_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4); + if (atomicio(vwrite, mon->m_log_sendfd, buffer_ptr(&log_msg), + buffer_len(&log_msg)) != buffer_len(&log_msg)) + fatal("%s: write: %s", __func__, strerror(errno)); + buffer_free(&log_msg); +} + int mm_is_monitor(void) { Index: monitor_wrap.h =================================================================== RCS file: /var/cvs/openssh/monitor_wrap.h,v retrieving revision 1.29 diff -u -p -r1.29 monitor_wrap.h --- monitor_wrap.h 5 Mar 2009 13:58:22 -0000 1.29 +++ monitor_wrap.h 2 Jun 2011 03:58:14 -0000 @@...
2004 Jan 26
6
OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos
Rather then implementing kafs in MIT Kerberos, I would like to suggest an alternative which has advantages to all parties. The OpenSSH sshd needs to do two things: (1) sets a PAG in the kernel, (2) obtains an AFS token storing it in the kernel. It can use the Kerberos credentials either obtained via GSSAPI delegation, PAM or other kerberos login code in the sshd. The above two