Displaying 7 results from an estimated 7 matches for "privsep_preauth_child".
2013 Mar 13
2
Time zone for chrooted internal-sftp?
Hi,
A question regarding chroot, internal-sftp, and time zones: Is it possible to get the time stamps presented by the chrooted internal-sftp to always be aligned with the system global time zone setting?
What is the reason this not done by default, that is couldn't the chrooted internal-sftp inherit the time zone information from the SSH daemon?
/John
--
John Olsson
Ericsson AB
2002 Sep 11
1
tru64 sia: move call of session_setup_sia() to do_setusercontext(), letting grantpty() and friends handle pty perms
...the device permissions. Logging in with this method shows that a utmp
entry does get made for the tty. There are several issues I see with this
configuration, but I don't think any pose insurmountable problems:
- There is an #if'd-out call to do_setusercontext() in the subroutine
privsep_preauth_child(), which means that the SSH_PRIVSEP_USER would
be run through the session_setup_sia() should the '#if 0' preprocessor
directive be removed. I don't want SSH_PRIVSEP_USER to be passed
through session_setup_sia(), because I like that account to be locked
and the sessi...
2011 Jun 22
3
sandbox pre-auth privsep child
...ld terminated by signal %d",
+ __func__, WTERMSIG(status));
+ if (box != NULL)
+ ssh_sandbox_parent_finish(box);
+ return 1;
} else {
/* child */
close(pmonitor->m_sendfd);
@@ -659,8 +676,11 @@ privsep_preauth(Authctxt *authctxt)
if (getuid() == 0 || geteuid() == 0)
privsep_preauth_child();
setproctitle("%s", "[net]");
+ if (box != NULL)
+ ssh_sandbox_child(box);
+
+ return 0;
}
- return (0);
}
static void
2006 Jan 08
3
Allow --without-privsep build.
...r->m_pid, SIGALRM);
-
+#endif
/* Log error and exit. */
fatal("Timeout before authentication for %s", get_remote_ipaddr());
}
@@ -536,6 +539,7 @@ demote_sensitive_data(void)
/* We do not clear ssh1_host key and cookie. XXX - Okay Niels? */
}
+#ifdef USE_PRIVSEP
static void
privsep_preauth_child(void)
{
@@ -678,6 +682,7 @@ privsep_postauth(Authctxt *authctxt)
*/
packet_set_authenticated();
}
+#endif /* USE_PRIVSEP */
static char *
list_hostkey_types(void)
@@ -1691,10 +1696,11 @@ main(int ac, char **av)
/* prepare buffer to collect messages to display to user after login */
b...
2003 Oct 28
2
Privilege separation
...for privilege separation */
int use_privsep;
struct monitor *pmonitor;
+#endif /* DISABLE_PRIVSEP */
/* message to be displayed after login */
Buffer loginmsg;
@@ -526,6 +528,7 @@
/* We do not clear ssh1_host key and cookie. XXX - Okay Niels? */
}
+#ifndef DISABLE_PRIVSEP
static void
privsep_preauth_child(void)
{
@@ -674,6 +677,7 @@
/* It is safe now to apply the key state */
monitor_apply_keystate(pmonitor);
}
+#endif /* DISABLE_PRIVSEP */
static char *
list_hostkey_types(void)
@@ -1034,6 +1038,7 @@
}
}
+#ifndef DISABLE_PRIVSEP
if (use_privsep) {
struct passwd *pw;
struct s...
2008 Apr 21
3
FIPS 140-2 OpenSSL(2007) patches
Hi,
I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with
FIPS 140-2 OpenSSL.
These are based on previously reported patches by Steve Marquess
<marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>,
for ver. OpenSSH 3.8.
Note that these patches are NOT OFFICIAL, and MAY be used freely by
anyone.
Issues [partially] handled:
SSL FIPS Self test.
RC4,
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |