search for: requesttty

https://bugzilla.mindrot.org/show_bug.cgi?id=1995 Bug #: 1995 Summary: RequestTTY=no in config doesn't work if stdin is not a tty Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2...

https://bugzilla.mindrot.org/show_bug.cgi?id=1995 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> --- Set all RESOLVED bugs to CLOSED with release

https://bugzilla.mindrot.org/show_bug.cgi?id=1995 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org Attachment #2171|

...s because of privilege separation, like e.g.: ??sshd(2931)???sshd(10174)???bash(10180) ? ??sshd(10000)???sshd(10050,someuser)???sleep(10051) When sending INT, TERM, QUIT or HUB to the 2nd process (10050), the first one always exits with and error, and the remote command gets a HUP when RequestTTY=yes|force or nothing when it's =no. When sending INT, TERM, QUIT or HUB to the 1st process (10000), than the second get the same (sent by the 1st) except for the case of QUIT. Plus the same behavior with the remote command (here sleep) as above, depending on RequestTTY (but of course, not work...

I noticed that this command returns NO through ssh: > $ ssh user at host "if [ -t 1 ]; then echo YES; else echo NO; fi" > NO and YES when run locally (of course): > $ if [ -t 1 ]; then echo YES; else echo NO; fi > YES I can't find any command line option related to running command remotely in terminal. I think users intuitively expect commands to be run in

...al Message----- From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+scott_n=xypro.com at mindrot.org] On Behalf Of Scott Neugroschl Sent: Tuesday, August 09, 2016 1:04 PM To: Volker Diels-Grabsch; openssh-unix-dev at mindrot.org Subject: RE: Equivalent ssh_config setting for "ssh -N" RequestTTY no -----Original Message----- From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+scott_n=xypro.com at mindrot.org] On Behalf Of Volker Diels-Grabsch Sent: Tuesday, August 09, 2016 9:19 AM To: openssh-unix-dev at mindrot.org Subject: Equivalent ssh_config setting for "ssh -N" Dear O...

We recently upgraded to openss 5.8p2 from a somewhat older version. This broke openssh login to ScreenOS devices. These devices don't support PTY allocation. Apparently, ssh now reacts to PTY allocation failure by failing the login. This is a change from the previous behavior. The simple workaround is ssh -T $device. I see in the ChangeLog that some device would hang with PTY allocation

Dear OpenSSH developers, Is there an equivalent ssh_config setting for the command line option ssh -N ... ? I want to connect to a server that doesn't provide an interactive shell but allows for port forwarding only. I'd love to configure this into my ~/.ssh/config as follows: Host foo Hostname ... Port ... User ... LocalForward ...

https://bugzilla.mindrot.org/show_bug.cgi?id=1815 Summary: RemoteCommand and PseudoTTY config options Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

Hi, AFAICT, there is no .ssh/config option for disabling pseudo-tty allocation. It would be nice to have one. Context: we're using gitolite in our project, and it sets things up to run a command with "no-pty". Every once in a while, users will try to ssh to the machine to see that things are working, and when they see the "PTY allocation request failed on channel 0"

I'm running a 5.0p1 derivative SSH server (that for various reasons I can not upgrade), on a host system that does not support PTYs. Attempts to connect to that sshd via sftp are failing due to an inability to allocate a pty. I can't really see a reason that an sftp session requires a pty. Is this addressed in later versions? Should I patch my system to avoid even trying to

https://bugzilla.mindrot.org/show_bug.cgi?id=1815 Tisza Gerg? <gtisza at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |gtisza at gmail.com --- Comment #5 from Tisza Gerg? <gtisza at gmail.com> --- One possible use case for

...uations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap. Portable OpenSSH: * sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit sandbox from the Linux SECCOMP filter sandbox when...

...uations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap. Portable OpenSSH: * sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit sandbox from the Linux SECCOMP filter sandbox when...

...host name. * ssh_config(5) "Host" options now support negated Host matching, e.g. Host *.example.org !c.example.org User mekmitasdigoat Will match "a.example.org", "b.example.org", but not "c.example.org" * ssh_config(5): a new RequestTTY option provides control over when a TTY is requested for a connection, similar to the existing -t/-tt/-T ssh(1) commandline options. * sshd(8): allow GSSAPI authentication to detect when a server-side failure causes authentication failure and don't count such failures against MaxA...

...host name. * ssh_config(5) "Host" options now support negated Host matching, e.g. Host *.example.org !c.example.org User mekmitasdigoat Will match "a.example.org", "b.example.org", but not "c.example.org" * ssh_config(5): a new RequestTTY option provides control over when a TTY is requested for a connection, similar to the existing -t/-tt/-T ssh(1) commandline options. * sshd(8): allow GSSAPI authentication to detect when a server-side failure causes authentication failure and don't count such failures against MaxA...

https://bugzilla.mindrot.org/show_bug.cgi?id=1986 Bug 1986 depends on bug 2023, which changed state. Bug 2023 Summary: MACs hmac-sha2-256-96 and hmac-sha2-512-96 rejected from new RFC https://bugzilla.mindrot.org/show_bug.cgi?id=2023 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW

...uations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap. Portable OpenSSH: * sshd(8): Allow sshd pre-auth sandboxing to fall-back to the rlimit sandbox from the Linux SECCOMP filter sandbox when...

...host name. * ssh_config(5) "Host" options now support negated Host matching, e.g. Host *.example.org !c.example.org User mekmitasdigoat Will match "a.example.org", "b.example.org", but not "c.example.org" * ssh_config(5): a new RequestTTY option provides control over when a TTY is requested for a connection, similar to the existing -t/-tt/-T ssh(1) commandline options. * sshd(8): allow GSSAPI authentication to detect when a server-side failure causes authentication failure and don't count such failures against MaxA...

...directly in SSHFP format. bz#2821 * regress tests: fix PuTTY interop test broken in last release's SSHv1 removal. bz#2823 * ssh(1): Compatibility fix for some servers that erroneously drop the connection when the IUTF8 (RFC8160) option is sent. * scp(1): Disable RemoteCommand and RequestTTY in the ssh session started by scp (sftp was already doing this.) * ssh-keygen(1): Refuse to create a certificate with an unusable number of principals. * ssh-keygen(1): Fatally exit if ssh-keygen is unable to write all the public key during key generation. Previously it would silently...