Displaying 8 results from an estimated 8 matches for "num_auth_method".
Did you mean:
num_auth_methods
2014 Jun 19
1
AuthenticationMethods in sshd_config accepting empty method list
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everyone,
I just came across a contradiction between the man page of AuthenticationMethods and the accepted
methods list.
According to the sshd_config manual page:
"""
AuthenticationMethods
Specifies the authentication methods that must be successfully completed for a user to be granted
access. This option must be followed by one
2015 May 13
11
[Bug 2398] New: AuthenticationMethods doesn't have default value (inconsistency) and it accept empty value
...feature working, we need to choose value for ANY (proposed
"any"), use this value as default (enforced by
fill_default_server_options) and make sure that it is handled
everywhere in the code consistently. There are few design
consideration, before posting a patch:
* We can't use just num_auth_methods == 0, because this is considered
as not-defined and it can't override previously definde authentication
methods
* We can use enforce num_auth_methods == 1 && strcmp(auth_methods[0],
"any"), but it is not much elegant from my POV, but best I have got.
* We can use num_auth_m...
2014 Jun 23
2
ListenAdress Exclusion
I was wondering what everyone's thoughts were on a simpler way to exclude
addresses from having listeners on them.
I know a lot of people have multiple subnets, especially larger
corporations.
Some networks are non-route-able, and therefor unsuitable for use with SSH,
aside from communication between other servers on the same subnet.
Given that we may want to exclude those non-route-able
2024 Jan 18
2
[Bug 3657] New: AuthenticationMethods any apparently not possible after previous non-any assignment
...ntu0.11, OpenSSL 1.1.1f 31 Mar 2020
I think I have narrowed it down to the code change in commit a10f929d1,
between 8.6 and 8.7:
servconf.c:process_server_config_line_depth(...)
case sAuthenticationMethods:
...
The code, before and after this change, rejects "any" if
options->num_auth_methods>0.
The working code ensures this to be 0 at the start of the loop with a
surrounding if, so this does not trigger.
The changed code misses the surrounding if.
It may be that the old code resets the num_auth_count before processing
the config line and the new code does not.
But this seems to...
2015 Jun 02
3
OpenSSH Linux portable patch proposal
Dear OpenSSH Developers,
I would like to propose a patch to OpenSSH for Linux. In the recent few
months, I have encountered a scenario where a PAM module used for
authentication in SSH should be informed about the previous successful
authentication methods. I described the complete scenario here:
2014 Feb 10
0
[PATCH] Basic SCTP support for OpenSSH client and server
...int(sListenViaSCTP, o->listen_via_sctp);
+#endif
/* formatted integer arguments */
dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
diff --git a/servconf.h b/servconf.h
index 752d1c5..77bb49e 100644
--- a/servconf.h
+++ b/servconf.h
@@ -183,6 +183,8 @@ typedef struct {
u_int num_auth_methods;
char *auth_methods[MAX_AUTH_METHODS];
+
+ int listen_via_sctp;
} ServerOptions;
/* Information about the incoming connection as used by Match */
diff --git a/ssh.c b/ssh.c
index add760c..c2f663c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -196,7 +196,7 @@ static void
usage(void)
{
fpri...
2020 Mar 24
4
ZSTD compression support for OpenSSH
I hacked zstd support into OpenSSH a while ago and just started to clean
it up in the recent days. The cleanup includes configuration support
among other things that I did not have.
During testing I noticed the following differences compared to zlib:
- highly interactive shell output (as in refreshed at a _very_ high
rate) may result in higher bandwidth compared to zlib. Since zstd is
quicker
2020 Sep 05
8
[PATCH 0/5] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly over a year and I've been
playing with it ever since.
The nice part is that ZSTD achieves reasonable compression (like zlib)
but consumes little CPU so it is unlikely that compression becomes the
bottle neck of a transfer. The compression overhead (CPU) is negligible
even when uncompressed data is tunneled over the SSH connection (SOCKS
proxy, port