search for: monitor_apply_keyst

...E Linux <selinux at tycho.nsa.gov> Cc: Colin Watson <cjwatson at debian.org> #ifdef DISABLE_FD_PASSING if (1) { #else if (authctxt->pw->pw_uid == 0 || options.use_login) { #endif /* File descriptor passing is broken or root login */ monitor_apply_keystate(pmonitor); use_privsep = 0; return; } When browsing the ssh source I noticed the above in sshd.c. It appears from a casual inspection that we should change this and remove the check for pw_uid == 0. Logging in as root in SE Linux does not mean that we...

On Sun, Mar 01, 2015 at 03:23:04AM +1100, Damien Miller wrote: > > > On Sat, 28 Feb 2015, The Doctor wrote: > > > BSD/OS issues > > > > with 1.0.2a dev > > Thanks for testing. > You are welcome. > > make tests > > > > regress/netcat.c:656: `on' undeclared (first use in this function) > > regress/netcat.c:656: (Each

...itor_read_log: child log fd closed debug3: mm_share_sync: Share sync debug3: mm_share_sync: Share sync end debug1: temporarily_use_uid: 934/55 (e=0/0) debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism debug1: restore_uid: 0/0 User child is on pid 7678 debug1: permanently_set_uid: 934/55 debug3: monitor_apply_keystate: packet_set_state debug2: set_newkeys: mode 0 debug2: set_newkeys: mode 1 debug1: ssh_packet_set_postauth: called debug3: ssh_packet_set_state: done debug3: notify_hostkeys: key 1: ssh-rsa SHA256:XXXXXXXXX debug3: notify_hostkeys: key 2: ssh-dss SHA256:XXXXXXXXX debug3: notify_hostkeys: sent 2 h...

After upgrading a Linux system from OpenSSH 6.7 to 6.9, Cisco switches/routers can no longer scp config files to/from the system. The last debug entry before the Cisco device closes the connection is "debug1: server_input_channel_open: confirm session". The next line is "Connection closed by x.x.x.x". Anyone else seen this or know of a fix? The Cisco device gives

...P */ /* message to be displayed after login */ Buffer loginmsg; @@ -526,6 +528,7 @@ /* We do not clear ssh1_host key and cookie. XXX - Okay Niels? */ } +#ifndef DISABLE_PRIVSEP static void privsep_preauth_child(void) { @@ -674,6 +677,7 @@ /* It is safe now to apply the key state */ monitor_apply_keystate(pmonitor); } +#endif /* DISABLE_PRIVSEP */ static char * list_hostkey_types(void) @@ -1034,6 +1038,7 @@ } } +#ifndef DISABLE_PRIVSEP if (use_privsep) { struct passwd *pw; struct stat st; @@ -1056,6 +1061,7 @@ fatal("%s must be owned by root and not group or "...

On 30/06/2023 09:56, Damien Miller wrote: > It's very hard to figure out what is happening here without a debug log. > > You can get one by stopping the listening sshd and running it manually > in debug mode, e.g. "/usr/sbin/sshd -ddd" Or starting one in debug mode on a different port, e.g. "-p99 -ddd"

...debug1: monitor_read_log: child log fd closed Jul 7 11:52:16 TOTO sshd[19126]: debug3: ssh_sandbox_parent_finish: finished Jul 7 11:52:16 TOTO sshd[19126]: User child is on pid 19553 Jul 7 11:52:16 TOTO sshd[19553]: debug1: permanently_set_uid: 1001/1001 Jul 7 11:52:16 TOTO sshd[19553]: debug3: monitor_apply_keystate: packet_set_state Jul 7 11:52:16 TOTO sshd[19553]: debug2: set_newkeys: mode 0 Jul 7 11:52:16 TOTO sshd[19553]: debug1: rekey after 4294967296 blocks Jul 7 11:52:16 TOTO sshd[19553]: debug2: set_newkeys: mode 1 Jul 7 11:52:16 TOTO sshd[19553]: debug1: rekey after 4294967296 blocks Jul 7 11:...

http://bugzilla.mindrot.org/show_bug.cgi?id=296 ------- Additional Comments From bugzilla-openssh at thewrittenword.com 2002-06-26 01:20 ------- Are you sure? I have 3.3p1 running on 4.0D and 5.1 and I can connect as non-root. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hi, OpenSSH 7.2 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains many bugfixes and several new features. The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is available via Git at https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at

Hi, OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at