search for: ossh

...ix. 3) lost of warning. Most are ignorable. 4) Current patch *IS NOT* complete enough to support out of box next compiling. But it works against 1.2.2x ssh both client/server and works with itself. So it's progress. -------------- next part -------------- diff -ruN openssh-1.2.2/bsd-login.c ossh-1.2.2n/bsd-login.c --- openssh-1.2.2/bsd-login.c Sat Dec 25 17:21:48 1999 +++ ossh-1.2.2n/bsd-login.c Thu Jan 27 00:42:24 2000 @@ -48,9 +48,7 @@ #if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) # include <utmpx.h> #endif -#ifdef HAVE_UTMP_H -# include <utmp.h> -#endif + #incl...

All, We have recently updated our password aging to include setting inactivity days. We are running ossh 4.1p1 in a Solaris 8 environment. It appears that ossh isn't picking up on inactivity. Accounts that have been inactive still prompt to change passwords - if you telnet the same servers you get kicked out immediately. On the Solaris 9 servers running SUN's ssh the inactive accounts are bein...

...thing else. (Assume it comes binary only on Solaris for the sake of argument...) --Matt > -----Original Message----- > From: Damien Miller [mailto:djm at mindrot.org] > Sent: Tuesday, March 27, 2001 7:48 PM > To: Carson Gaspar > Cc: openssh-unix-dev at mindrot.org > Subject: Re: OSSH 2.5.2p2: Why is /usr/local/ put into the > include & lib > paths under Solaris? > > > On Tue, 27 Mar 2001, Carson Gaspar wrote: > > > I'd like to know why /usr/local/(include|lib) is added to the > > (include|library) path. I'd _especially_ like to know...

--sysconfdir configuration option doesn't work. sshd always try to open its config files from /usr/local/etc/ : pochini at orione:/home/pochini/openssh-2.9p2# sshd --help sshd: invalid option -- - sshd version OpenSSH_2.9p2 Usage: sshd [options] Options: -f file Configuration file (default /etc/ssh/sshd_config) [...] -h file File from which to read host key (default:

I've been trying to establish the following setup: * on port 22, a vanilla sshd that allows publickey and keyboard-interactive requests using only protocol v2 * on port 1022, a sshd that allows publickey, password and keyboard-interactive requests using both protocol 1 and 2 The first is meant to be open to the world, the second is accessible only from within the (firewalled) private

...ssue date: 8 February 2001 Author: Michal Zalewski <lcamtuf at razor.bindview.com> Contact: Scott Blake <blake at razor.bindview.com> CVE: CAN-2001-0144 Topic: Remotely exploitable vulnerability condition exists in most ssh daemon installations (F-SECURE, OpenSSH, SSH from ssh.com, OSSH). Tested against: ** Vulnerable: SSH 1.2.x (ssh.com) -- all recent releases F-SECURE SSH 1.3.x -- all recent releases OpenSSH prior to 2.3.0 (unless SSH protocol 1 support is disabled) OSSH 1.5.7 (by Bjoern Groenvall) and other ssh1/OpenSSH derived daemons ** N...

I'd like to know why /usr/local/(include|lib) is added to the (include|library) path. I'd _especially_ like to know why it's added before user-specified library directories such as OpenSSL. If I specify --with-openssl=/foo/openssl, I want to actually _use_ the version of openssl in /foo/openssl, not some version that may have been installed in /usr/local. This really makes no

Hello; Sorry for the crosspost/repost, but I am getting desparate here. I am having difficulties setting up ssh (ossh4.3p2 - NIS -Solaris8/Sparc) to authenticate and allow ossh access based on NIS netgroup. So, users and/or host should be from a valid netgroup triple, contained within the ossh servers .rhosts, .shosts, hosts.equiv and/or shosts.equiv. I am having alot of trouble getting NIS netgroup to work w...

I'm having trouble with users transferring files to a solaris box running ossh v2.3.1p1 via sftp using ssh.com's windows client. The sftp client appears not to respect the users umask, creating files with either mode 666 or 600. We're using version 2.4.0 of the windows client. Any ideas? thanks, -Brett ----------------- Brett Longworth Systems Manager Departmen...

...ot.org/show_bug.cgi?id=248 from the client, when I run scp to the server, I get: scp: warning: Executing scp1 compatibility. scp: FATAL: Executing ssh1 in compatibility mode failed (Check that scp1 is in your PATH). There are more details about this problem here: http://www.snailbook.com/faq/scp-ossh-to-ssh2.auto.html The problem seems to be that there is a new implementation of scp. Has anyone considered of supporting scp2 with openssh? Are there problems with it or isn't just anyone interested about writing the code for it?

What kind of connection delays are people seeing with Ossh 2.2.0p1?? One of the programmers here is seeing delays of up to 25s, which is clearly unacceptable. He's localized the problem to seeding the random number generator - it appears that the _minimum_ number of commands needed to seed the random number generator is 16. On his hosts (for a varie...

...computer communications protocol. For more than 5 years "SSH" has been used by T. Ylonen and others as a name for a computer communications protocol. The Internet community should be allowed to continue to do so, and also to name compatible implementations accordingly. As the creator of OSSH I would like to add that OSSH has been distributed since May 4:th 1999. So far, none of T. Ylonen's associaties have notified me of any unlawful use of the "SSH" trademark. Sincerely, Bj?rn Gr?nvall -- _ _ ,_______________. Bjor...

Hello, this is MAx Gregis from Italy. I send you this e.mail about privsep error with OSSH 3.4 on Solaris 2.6 an Solaris 7. Usually i find the error of compression disabled if i use SSHD qith inetd daemon. But if i put this entry: sshd:23:respawn:/usr/local/sbin/sshd -D > /dev/null 2>&1 in /etc/inittab ( and after a good "init q" for reading new inittab) In t...

...out something. I've searched the bug list and the mail archives but haven't seen another posting about this. Apologies if there is one and my eyes just slid right over it. I've run a configure with the following options, and with no options at all: ./configure --prefix=/usr/local/ossh --sysconfdir=/etc/ossh --with-tcpwrappers make clean make make install if test ! -z ""; then \ /usr/bin/perl ./fixprogs ssh_prng_cmds ; \ fi (cd openbsd-compat && make) make[1]: Entering directory `/usr/local/src/openssh-4.2p1/openbsd-compat' make[1]: Nothing to be...

http://bugzilla.mindrot.org/show_bug.cgi?id=80 ------- Additional Comments From eric-ossh at brouhaha.com 2002-08-22 04:57 ------- This "HostKeyAlias" business seems like a flimsy excuse for not implmeenting a feature that users want. In this age of ubiquitous firewalls and NAT, it is NOT reasonable to assume that two ports on the same IP address refer to the same host, or t...

...LSH Not. vulnerable. LSH does not support SSH protocol 1. JavaSSH Not vulnerable. The Java Telnet/SSH Applet (http://www.mud.de/se/jta/) does not include CRC attack detection. A security note regarding Java SSH plugin can be found on: http://www.mud.de/se/jta/doc/plugins/SSH.html OSSH (by Bjoern Groenvall) OSSH 1.5.7 and below is vulnerable. The problem has been fixed in version 1.5.8 Cisco SSH Cisco SSH does not appear to be vulnerable. Solution/Vendor Information/Workaround: The patch included should be applied to the file deattack.c from the ssh-1.2.31 (and below)...

On Wed, 6 Jun 2001, Markus Friedl posted the following to Bugtraq: > this feature [placing the X11 cookie file in /tmp] was inherited > from ossh and the reason was: > 1) if $HOME is on NFS, then the cookie travels unencrypted > over the network, this defeats the purpose of X11-fwding > 2) $HOME/.Xauthority gets polluted with temorary cookies. > however, i'm not sure whether the benefit justifies the comp...

...e ahead and applied Simon's KRB5 patch to openssh-3.1p1. I don't know how far along Simon is; for all I know he might have the definitive patch out tomorrow. So FWIW, here's what I have now. gunzip <openssh-3.1p1.krb5.patch.gz | patch -p0 autoconf ./configure --prefix=/usr/local/ossh --with-ssl-dir=/usr/local/ssl \ --with-kerberos5=/usr/local/krb5.123 |& tee results.config make |& tee results.make -- "My company prefers to have that kind of decision made by uninformed executives. We call it "Empowerment". --Dilbert s...

...--------------------------------------------------- About politics: Don't worry about results It's the thought that counts -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ossh-auth.c.patch.txt Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030919/9dc1fed6/attachment.txt

Hello; Forgive me for asking on this list, but I've noticed that their has been some recent changes to the code with regards to netgroup.h, and hoping that someone on this list can help, I've already tried the users list. I am having difficulties setting up ssh (ossh4.3p2 with PAM-enabled [DO I NEED IT?] - NIS -Solaris8/Sparc) to authenticate and allow users passwordless entry based solely on a user, or the host that they are on, being on a valid list of netgroup user/and/or/hosts contained in the server hosts .shosts or shosts.equiv. I assume that I am una...