search for: num_remote_forwards

Displaying 20 results from an estimated 20 matches for "num_remote_forwards".

2023 Jun 09
1
Question About Dynamic Remote Forwarding
Hi all, When a client requests dynamic remote forwarding with -R it delays forking into the background. In ssh.c we see if (options.fork_after_authentication) { if (options.exit_on_forward_failure && options.num_remote_forwards > 0) { debug("deferring postauth fork until remote forward " "confirmation received"); } else fork_postauth(ssh); } This seems to depend on forwarding_success() for it to then call fork_postauth. If I'm reading this corr...
2001 Oct 18
1
Patch for SSH-tunneling via HTTPS-proxy
...f diff --unified --recursive openssh-2.9.9p2.orig/readconf.c openssh-2.9.9p2.httpsproxy/readconf.c --- openssh-2.9.9p2.orig/readconf.c Thu Oct 18 11:53:43 2001 +++ openssh-2.9.9p2.httpsproxy/readconf.c Thu Oct 18 11:55:48 2001 @@ -789,6 +789,7 @@ options->num_local_forwards = 0; options->num_remote_forwards = 0; options->clear_forwardings = -1; + options->https_proxy = NULL; options->log_level = (LogLevel) - 1; options->preferred_authentications = NULL; options->bind_address = NULL; diff --unified --recursive openssh-2.9.9p2.orig/readconf.h openssh-2.9.9p2.httpsproxy/readconf.h...
2023 Jun 10
1
Question About Dynamic Remote Forwarding
...un 2023, Chris Rapier wrote: > Hi all, > > When a client requests dynamic remote forwarding with -R it delays forking > into the background. In ssh.c we see > > if (options.fork_after_authentication) { > if (options.exit_on_forward_failure && > options.num_remote_forwards > 0) { > debug("deferring postauth fork until remote forward " > "confirmation received"); > } else > fork_postauth(ssh); > } > > > This seems to depend on forwarding_success() for it to then call > fork...
2001 May 18
0
PATCH: implement delay (sleep) after last tunnelled connection exits
..., { NULL, 0 } }; @@ -494,6 +495,10 @@ intptr = &options->connection_attempts; goto parse_int; + case oSleep: + intptr = &options->sleep; + goto parse_int; + case oCipher: intptr = &options->cipher; arg = strdelim(&s); @@ -761,6 +766,7 @@ options->num_remote_forwards = 0; options->log_level = (LogLevel) - 1; options->preferred_authentications = NULL; + options->sleep = -1; } /* diff -ur openssh-2.9p1/readconf.h openssh-2.9p1S/readconf.h --- openssh-2.9p1/readconf.h Tue Apr 17 12:11:37 2001 +++ openssh-2.9p1S/readconf.h Thu May 17 19:23:25 2001...
2001 Sep 05
2
sshd hangs on logout -- is this a bug?
In the changelog, there is an entry: 20001129 - (djm) Back out all the serverloop.c hacks. sshd will now hang again if there are background children with open fds. Does this mean that this is regarded as expected (and correct) behavior, that should not change in the future, or does it mean that this behavior is a known problem that someone will eventually fix? --Adam -- Adam McKenna
2000 Aug 05
0
Protocol 2 and fork
...d) == 0) tty_flag = 1; @@ -511,6 +507,29 @@ /* reinit */ log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); + /* -N option only makes sense with protocol 2. It doesn't make sense + without port forwarding ?????? + */ + if ( options.num_local_forwards == 0 && options.num_remote_forwards == 0 && + no_shell_flag ) { + fprintf(stderr, "-N makes sense only with port forwardings\n"); + usage(); + /* NOT REACHED */ + } + if ((options.protocol & SSH_PROTO_2) && no_shell_flag && + buffer_len(&command) > 0) { + fprintf(stderr,"-N...
2004 Aug 05
1
LocalForward and RemoteForward bind patch
...host_port; @@ -226,14 +227,15 @@ */ void -add_remote_forward(Options *options, u_short port, const char *host, - u_short host_port) +add_remote_forward(Options *options, const char *listen_host, u_short port, + const char *host, u_short host_port) { Forward *fwd; if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many remote forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->remote_forwards[options->num_remote_forwards++]; + fwd->listen_host = listen_host == NULL ? NULL : xstrdup(listen_host); fwd->po...
2001 Sep 28
3
openssh-2.9p2, short hostnames
For systems where the local hostname is obtained as a short name without domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x from ssh.com. For the server, there might be a corresponding option in order to strip the domain name from the remote client name (if it matches the server's DefaultDomain) for use in auth_rhost2, since netgroups usually contain short
2001 Jun 06
0
snk authentication
...6 +436,10 @@ charptr = &options->system_hostfile; goto parse_string; + case oSNKFile: + charptr = &options->snk_keyfile; + goto parse_string; + case oUserKnownHostsFile: charptr = &options->user_hostfile; goto parse_string; @@ -761,6 +766,7 @@ options->num_remote_forwards = 0; options->log_level = (LogLevel) - 1; options->preferred_authentications = NULL; + options->snk_keyfile = NULL; } /* diff -NuBw openssh-2.9p1/readconf.h openssh/readconf.h --- openssh-2.9p1/readconf.h Tue Apr 17 14:11:37 2001 +++ openssh/readconf.h Wed Jun 6 15:07:34 2001 @@ -...
2000 Aug 15
0
Experimental -R support patch for openssh client
...ssh-2.1.1p4/ssh.c openssh-2.1.1p4-jhchanges/ssh.c --- openssh-2.1.1p4/ssh.c Sat Jul 15 07:14:17 2000 +++ openssh-2.1.1p4-jhchanges/ssh.c Mon Aug 14 20:04:53 2000 @@ -891,6 +891,22 @@ } } +/* Jarno: ssh2_session calls this */ +void +init_remote_fwd(void) +{ + int i; + for (i = 0; i < options.num_remote_forwards; i++) { + debug("Connections to remote port %d forwarded to local address %.200s:%d", + options.remote_forwards[i].port, + options.remote_forwards[i].host, + options.remote_forwards[i].host_port); + channel_request_remote_forwarding(options.remote_forwards[i].port,...
2001 Sep 28
1
[PATCH] fix for Linux hang on exit bug in 2.9.9p2
...nd_address = NULL; options->smartcard_device = NULL; + options->sleep = -1; } /* diff -u openssh-2.9.9p2/readconf.h openssh-2.9.9p2J/readconf.h --- openssh-2.9.9p2/readconf.h Wed Sep 19 18:57:56 2001 +++ openssh-2.9.9p2J/readconf.h Thu Sep 27 22:01:07 2001 @@ -101,6 +101,7 @@ int num_remote_forwards; Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; + int sleep; /* Exit delay in seconds */ } Options; diff -u openssh-2.9.9p2/session.c openssh-2.9.9p2J/session.c --- openssh-2.9.9p2/session.c Sun Sep 16 16:17:15 2001 +++ openssh-2.9.9p2J/se...
2000 Aug 23
1
Protocol 2 remote forwarding patch
...d) == 0) tty_flag = 1; @@ -511,6 +507,29 @@ /* reinit */ log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); + /* -N option only makes sense with protocol 2. It doesn't make sense + without port forwarding ?????? + */ + if ( options.num_local_forwards == 0 && options.num_remote_forwards == 0 && + no_shell_flag ) { + fprintf(stderr, "-N makes sense only with port forwardings\n"); + usage(); + /* NOT REACHED */ + } + if ((options.protocol & SSH_PROTO_2) && no_shell_flag && + buffer_len(&command) > 0) { + fprintf(stderr,"-N...
2010 Jan 14
1
ssh(1) multiplexing rewrite
..._OK); + goto out; + } } - if (errno == ENOENT) - debug("Control socket \"%.100s\" does not exist", path); - else { - error("Control socket connect(%.100s): %s", path, - strerror(errno)); + break; + case MUX_FWD_REMOTE: + for (i = 0; i < options.num_remote_forwards; i++) { + if (compare_forward(&fwd, + options.remote_forwards + i)) + goto exists; } - close(sock); + break; + } + + if (options.control_master == SSHCTL_MASTER_ASK || + options.control_master == SSHCTL_MASTER_AUTO_ASK) { + if (!ask_permission("Open %s on %s?", fw...
2006 Feb 04
2
[PATCH] allow user to update changed key in known_hosts
...error("%s host key for %.200s has changed and you have " "requested strict checking.", type, host); goto fail; } + + /* * If strict host key checking has not been requested, allow @@ -814,13 +764,6 @@ options.num_local_forwards = options.num_remote_forwards = 0; } - /* - * XXX Should permit the user to change to use the new id. - * This could be done by converting the host key to an - * identifying sentence, tell that the host identifies itself - * by that sentence, and ask the user if he/she whishes to - * accept the authentication. -...
2001 Feb 10
3
Protocol 2 remote forwarding patch
...s[i].host, options.local_forwards[i].host_port, - options.gateway_ports); + options.gateway_ports, 0); + } +} + +/* Jarno Huuskonen: ssh2 client calls this to initiate remote port forwarding + * requests. + */ +void +init_remote_fwd(void) +{ + int i; + for (i = 0; i < options.num_remote_forwards; i++) { + debug("Connections to remote port %d forwarded to local address %.200s:%d", + options.remote_forwards[i].port, + options.remote_forwards[i].host, + options.remote_forwards[i].host_port); + channel_request_remote_forwarding(options.remote_forwards[i].port,...
2005 Jan 24
17
[Bug 413] Port forwarding: [localhost:]localport:remotehost:remoteport
http://bugzilla.mindrot.org/show_bug.cgi?id=413 ------- Additional Comments From dtucker at zip.com.au 2005-01-24 14:27 ------- Created an attachment (id=782) --> (http://bugzilla.mindrot.org/attachment.cgi?id=782&action=view) forward-bind.sh: regression test for binding port forwards to addresses Current limitations of test: - no testing of IPv6 - no testing of backwards compat
2012 May 03
5
[PATCH/RFC 0/6] New mux client request to list open tcp forwardings.
These patches implement a new mux client request to list the currently opened TCP forwardings. It also removes some todos regarding keeping the list of forwardings in the options up-to-date. Bert Wesarg (6): attach the forwarding type to struct Forward merge local and remote forward lists generate unique ids for forwardings to be used for identification remove closed forwardings from
2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the
2001 Oct 16
1
Defeating Timing Attacks Patch for OpenSSH 2.9.9p2 and 2.9p2
...d by Begin SD Mod and End SD Mod. + * + * The last change was committed on 10/3/2001. + *************************************************************************** */ /* RCSID("$OpenBSD: readconf.h,v 1.39 2001/09/19 19:24:18 stevesk Exp $"); */ @@ -101,6 +127,14 @@ int num_remote_forwards; Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; + + /* + * SD Mod: Added option to use steno timing manipulation. + * By default, timing analysis evasion is used. The -S flag + * must be used to turn off this feature....
2001 Oct 06
1
Defeating Timing Attacks
Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,