search for: nentli

Displaying 19 results from an estimated 19 matches for "nentli".

Did you mean: nently
2009 Jan 30
1
Patch to log tunnel information
First, all credit to Vladimir Parkhaev as this is his code. He may have submitted this before for all I know, but I for one definitely would like to see this end up in the codebase, so I'm submitting it. *** openssh-5.1p1/serverloop.c Fri Jul 4 09:10:49 2008 --- openssh-5.1p1-RCFHACKS/serverloop.c Thu Jan 29 08:56:11 2009 *************** *** 957,962 **** --- 957,968 ---- c =
2007 Apr 24
1
Logging enhancement
I would like to suggest a logging enhancement that would contribute greatly to access auditing. Currently nothing is logged when a user connects to another server as a different user. The auditing trail is broken for tracing access. userA> ssh userB at hostB A simple syslog addition (for example) to ssh.c closes that gap. /* Log into the remote system. This never
2008 Feb 20
1
alignment problem in monitor_fdpass.c
Hi, After FreeBSD changed from using -O2 to using -O on their ARM port, I found that sshd stopped working. (gcc version 4.2.1 20070719 [FreeBSD]) I have downloaded openssh-SNAP-20080220.tar.gz and the code still look the same. Anyway looking into it, I found that the problem is in monitor_fdpass.c in the functions mm_send_fd and mm_receive_fd. Using -O2 used to align the tmp array on a 4 byte
2008 Sep 02
2
Queries on ssh_askpass
Hi, I had developed a program which spawns a shell where i am trying to use ssh commands to log into a linux server. There is a pop up dialog window which is prompting me for key-ing the password. Actually i want to get rid of this pop up dialog box, as i don't want this to be visible in my program/code execution. Could you please let me know is there any way to resolve and stop this
2008 Mar 07
1
Command-based ssh_config declarations
How difficult would it be to enhance the client ssh_config file to allow command-based declarations similar to that provided by the "Host" keyword? The main reason I need something like this is when ssh is used via CVS and Subversion. I want all CVS/Subversion traffic to use a different SSH port and different authentication options. So... you might have an ssh_config file that
2009 Jan 20
1
OpenSSH private key encryption: time for AES?
Hi, all. So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys should be, i realized that, if i update my 2048-bit keypairs to 4096 bits, it really doesn't matter that much, because they're still only encrypted with 3DES, which provides an effective 112 bits of symmetric encryption strength: $ head -4 ~/.ssh/id_rsa -----BEGIN RSA PRIVATE KEY----- Proc-Type:
2008 Dec 16
2
Request change to file match.c, function match_pattern_list
Greetings, This request is in the grey area between a bug report and an enhancement request. Request ------- Please apply the following diff (or something functionally similar) to file ``match.c'' in OpenSSH-5.1p1: 161a162,164 > } else { > if (negated) > got_positive = 1; /* Negative match, negated = Positive */ In case the lines above wrapped in the email
2006 May 10
2
Patch to add resume feature to scp
Dear all, I have enhanced scp to do the following. 1) Check the SHA1 checksums of the file fragments at the source and destination and resume file transfer from where it left off last time 2) If the file checksums match and size also matches, then the file is assumed to be identical and skipped, the user is also informed of the same 3) If the destination file size is larger than the source,
2007 Dec 26
1
sshd's -e doesn't work as expected
Hello, I'm running a sshd server using the -e flag so that I can capture its whole output and later send it to the user. I'm also setting LogLevel to DEBUG1 in the configuration file and I don't want to disturb syslogd. But the problem is that it doesn't work as expected (or as I expect, which I think should be the correct behavior). The log file ends up being empty because the
2008 Dec 09
2
Feature request: AlwaysDenyLogin, LoginDelayTime
Please consider adding the following features to sshd: 1. AlwaysDenyLogin - a setting that will result in always denying login regardless of the credentials given by the client. 2. LoginDelayTime - to specify a delay in milliseconds before the server responds to a client's login attempt. These would help to employ brute force bots. Regards
2008 Jul 15
2
Risk of StrictMode (but read only)
Is there a risk associated with having authorized_keys files set to readable but "StrictMode no"? I am thinking particularly in the case of having public keys all centralized in a directory in /etc or something. Is it really a potential hack vector if someone can read a public key, or is the only real danger if they were writable? --- Don Hoover dxh at yahoo.com
2008 Aug 20
1
using ssh-add unattended on dubious files -- how can i avoid a hang?
I need ssh-add to fail cleanly if it tries and fails to read a key, rather than prompting the user. I can't seem to figure out how to do that. This is on a Linux 2.6.26 system, running OpenSSH 5.1p1 (as built on debian lenny/sid) First, the things i've tried: * i've unset the DISPLAY and SSH_ASKPASS environment variables, so no X11-style prompting should happen. * i've
2006 Dec 01
2
mirroring a loop device across an ssh connection
all, I've been looking into a secure way of accessing a remote loopback encrypted partition securely via openssh. The basic idea I have currently is that a file/partition is connected to /dev/loop0 on a remote server, which I have an ssh connection to. I hold the key (for cryptsetup via dm_crypt) on the local client. I'd like to mirror the loop device of the server on the client.
2007 Dec 13
3
OpenSSH patches for Mac OS X
OpenSSH Unix Dev, Mac OS X 10.5 recently shipped with OpenSSH 4.5p1. This build includes a number of patches, some general bug fixes and some platform- specific fixes and enhancements. These patches are available from our open source site (http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/ ). Following is a brief description of each patch. We'd be more than happy to
2008 Nov 11
2
Fwd: Permissions in chroot SFTP
Hi, I configured openssh 5.1p1 for sftp server. Here the specifications in sshd_config file: Subsystem sftp internal-sftp Match Group sftp ForceCommand internal-sftp ChrootDirectory /home/%u AllowTcpForwarding no When a user is logged in, he can't upload his document and he receives this message: carlo at Music:~$ sftp user at 213.217.147.123 Connecting to
2008 Nov 21
3
OpenSSH security advisory: cbc.adv
OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary
2008 Jan 31
1
RFC: ssh-copy-id tweaks
I'd like to propose a couple of tweaks to ssh-copy-id: o Change the default ID_FILE from identity.pub to id_dsa.pub or perhaps {id_dsa,id_rsa,identity}.pub to cover all the bases, although the patch below deals only with id_dsa.pub - it would need some more tweaking to deal with more than one (possibly non-existent) file. o If the destination authorized_keys file already contains the
2007 Jan 23
3
Move servers public/private keys to a new host
Is it possible to move a server's public and private keys from one host to another? Or perhaps a better way to ask what I really want... is it possible to configure a server on a new host to return the same public key it did on the old host? I'm in the process of migrating our CVS server from a Solaris host to a Linux host (this weekend) and I just realized the hostkey is going to
2008 Jun 12
2
Request for added functionality - tracking and blocking attacks
Somebody please forward this, if this is not an appropiate place to ask the OpenSSH developers for a new feature. As many of us have seen, any sshd left open on the internet eventually becomes the target of password guessing attacks. I am aware of tools for scanning the security logs, and manipulating iptables to block ongoing attacks, but I am not aware of a way to configure sshd itself to