search for: printmotd

https://bugzilla.mindrot.org/show_bug.cgi?id=1031 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Blocks| |2594 Resolution|--- |FIXED

...he older implementation of ssh, and |host01 is a potato system running OpenSSH. |I would like to suggest that OpenSSH be modified to suppress printing the |motd if the -t option is used and it is a non-login session, ie, the |connection is opened for command processing only. |bj at host00:~$ grep PrintMotd /etc/ssh/sshd_config |PrintMotd yes |bj at host01:~$ grep PrintMotd /etc/ssh/sshd_config |PrintMotd no Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853 -------------- next part --------------...

...perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config +[ "${USEPAM}" = yes ] && \ + perl -p -i -e "s/#UsePAM yes/UsePAM yes/" \ $FAKE_ROOT/${sysconfdir}/sshd_config # fix PrintMotd perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \

...Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: shriniva at us.ibm.com Hi, We are having problem with banner (/etc/issue)... it is displaying twice when we login to the server by using ssh.. we also edited sshd_config file and added this information (PrintMotd no) and restarted the sshd daemon .. still the problem exists... pls help me to fix this Thanks in Advance, srinivas ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...uot;. If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #UseLogin no # For auditing UseLogin yes #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 # no default banner path #Banner...

>Personally, (Just my IMHO) CheckMail should go away. There are too >many different formats and it should not be SSHD's job to understand >them. It's biff and other evil program's responsiblity to do such >things. And IMHO PrintMOTD as well, since both CheckMail and PrintMOTD are often implemented either in a PAM module on some Linux systems or via the global shell profile (/etc/profile, /etc/.login) on others. Getting rid of both of these gets rid of big chunk of code of of sshd that is too heavily indented. I also think th...

...1; + if (options->print_lastlog == -1) + options->print_lastlog = 1; if (options->x11_forwarding == -1) options->x11_forwarding = 0; @@ -209,5 +212,6 @@ typedef enum { sChallengeResponseAuthentication, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, - sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, + sPrintMotd, sPrintLastLog, sIgnoreRhosts, + sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, sUseLogin, sAllowTcpForwarding, @@ -254,4 +258,5 @@ static struct { { "listenaddress&q...

...hostsRSAAuthentication -#IgnoreUserKnownHosts yes - -# # The following setting overrides permission checks on host key files # and directories. For security reasons set this to "yes" when running # NT/W2K, NTFS and CYGWIN=ntsec. StrictModes no -X11Forwarding no -X11DisplayOffset 10 -PrintMotd yes -KeepAlive yes - -# Logging -SyslogFacility AUTH -LogLevel INFO -#obsoletes QuietMode and FascistLogging +RSAAuthentication yes +PubkeyAuthentication yes +#AuthorizedKeysFile %h/.ssh/authorized_keys +# rhosts authentication should not be used RhostsAuthentication no -# +# Don't read...

.../usr/local/etc/ssh/ssh_host_key HostKey /usr/local/etc/ssh/ssh_host_rsa_key HostKey /usr/local/etc/ssh/ssh_host_dsa_key ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin no IgnoreRhosts yes RhostsRSAAuthentication StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes PrintLastLog no SyslogFacility AUTH LogLevel INFO RhostsRSAAuthentication no HostbasedAuthentication no RSAAuthentication yes PasswordAuthentication yes PermitEmptyPasswords no UsePAM yes #ChallengeResponseAuthentication no KerberosAuthentication no UseLogin no Banner /usr/local/e...

...nfiguration file. " Port 22 ListenAddress 0.0.0.0 HostKey /etc/ssh_host_key RandomSeed /etc/ssh_random_seed ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 7200 PermitRootLogin yes IgnoreRhosts no StrictModes yes QuietMode no X11Forwarding yes X11DisplayOffset 10 FascistLogging no PrintMotd yes KeepAlive yes SyslogFacility DAEMON RhostsAuthentication yes RhostsRSAAuthentication yes RSAAuthentication no PasswordAuthentication yes PermitEmptyPasswords no UseLogin no " The rest of the detail is in the attached text file. I hope that is enough info. regards, Mike Rose ---------...

...68 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes # Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # RSAAuthentication yes # To disable tunneled clear text passwords,...

...hallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #AFSTokenPassing no # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no #X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #KeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes #MaxStartups 10 # no default banner path #Banner /some/path #VerifyReverseMapping no # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server ------...

...#39;' #PAMAuthenticationViaKbdInt yes # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes X11Forwarding yes X11DisplayOffset 256 PrintMotd no #PrintLastLog no KeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net #ReverseMappingCheck yes Subsystem sftp /opt/talisen/ssh/rsftp-server --------- end of file --------- Anyone know what I''m missing? Thanks in advance, JJ

...00.100.100) /etc/ssh/sshd_config: Port 22 Protocol 2,1 ListenAddress 0.0.0.0 HostKey /etc/ssh/ssh_host_key HostDSAKey /etc/ssh/ssh_host_dsa_key ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin no IgnoreRhosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes /etc/ppp/options: lock local noauth proxyarp Client information: *Stock Redhat 6.2 machine running a 2.2.17pre20 kernel OpenSSH version 2.2.0p1 (downloaded as Redhat RPMs, revision 2) OpenSSL version 0.9.5a (downloaded as Redhat RPMs, revision 3) PPP version 2.3.11 /etc/ssh/ssh...

...768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes # Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts RhostsRSAAuthentication no # RSAAuthentication yes # To disable tunneled clear text password...

Hi. Solaris packages created by buildpkg.sh don't create privsep user or group and sshd won't start until they are created (or privsep is disabled): ## Executing postinstall script. starting /usr/local/sbin/sshd... Privilege separation user sshd does not exist /etc/init.d/opensshd: Error 255 starting /usr/local/sbin/sshd... bailing. The attached patch (against -cvs) ports the relevant

...tRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no UsePAM yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 # no default banner path #Banner /some/path # override default of no...

...or +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no # To disable tunneled clear text passwords, change to no here! -PasswordAuthentication yes -PermitEmptyPasswords no +#PasswordAuthentication yes +#PermitEmptyPasswords no -X11Forwarding no -X11DisplayOffset 10 -PrintMotd yes -#PrintLastLog no -KeepAlive yes +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes + +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#KeepAlive yes #UseLogin no +UsePrivilegeSeparation $privsep_used +#Compression...

http://bugzilla.mindrot.org/show_bug.cgi?id=1180 Summary: Add finer-grained controls to sshd Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dtucker at

...og in. I thought this was ssh would work with the following sshd_config file: --- BEGIN FILE --- Port 22 ListenAddress 0.0.0.0 HostKey /etc/ssh/ssh_host_key ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes StrictModes yes X11Forwarding yes X11DisplayOffset 10 PrintMotd yes KeepAlive yes CheckMail no UseLogin no SyslogFacility AUTH LogLevel INFO RhostsRSAAuthentication yes IgnoreRhosts yes RhostsAuthentication no IgnoreUserKnownHosts yes RSAAuthentication yes PasswordAuthentication no PermitEmptyPasswords no ---- END FILE --- But, it turns out, that as long as au...