search for: restore_uid

...e for quinot from 10.10.0.172 port 35503 ssh2 debug1: userauth-request for user quinot service ssh-connection method hostbased debug1: attempt 1 failures 1 debug1: userauth_hostbased: cuser quinot chost vienna.int.domain.com. pkalg s sh-dss slen 55 debug1: temporarily_use_uid: 529/101 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 529/101 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 529/101 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 529/101 (e=0) debug1: restore_uid Failed hostbased for quinot from 10.10.0.172 port 35503 ssh2 debug1: userauth-request for user quinot service...

...userauth-request for user test service ssh-connection method publickey debug1: attempt 1 failures 0 debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 63203/54000 (e=0/0) debug1: trying public key file /etc/sshtest/authorized_keys debug1: fd 5 clearing O_NONBLOCK debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 63203/54000 (e=0/0) debug1: trying public key file /etc/sshtest/authorized_keys debug1: fd 5 clearing O_NONBLOCK debug1: restore_uid: 0/0 Failed publickey for test from 172.31.43.3 port 2991 ssh2 debug1: userauth-request for user test service ssh-connection method...

...es 1 Jan 10 13:31:15 sunhost.stanford.edu sshd[6832]: debug1: userauth_hostbased: cuser patrol chost aixhost1.Stanford.EDU. pkalg ssh-dss slen 55 Jan 10 13:31:15 sunhost.stanford.edu sshd[6832]: debug1: temporarily_use_uid: 6737/1012 (e=0) Jan 10 13:31:15 sunhost.stanford.edu sshd[6832]: debug1: restore_uid Jan 10 13:31:15 sunhost.stanford.edu sshd[6832]: debug1: temporarily_use_uid: 6737/1012 (e=0) Jan 10 13:31:15 sunhost.stanford.edu sshd[6832]: debug1: restore_uid Jan 10 13:31:15 sunhost.stanford.edu sshd[6832]: debug1: temporarily_use_uid: 6737/1012 (e=0) Jan 10 13:31:15 sunhost.stanford.edu ssh...

Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>

...n 255) 3:33pm.orangecrush: ~> ssh -v qacrmdb -n /bin/true OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f debug1: Reading configuration data /etc/ssh/ssh_config debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 504 geteuid 504 anon 1 debug1: Connecting to qacrmdb [10.43.0.61] port 22. debug1: temporarily_use_uid: 504/504 (e=504) debug1: restore_uid debug1: temporarily_use_uid: 504/504 (e=504) debug1: restore_uid debug1: Connection established. debug1: identity file /home/ipopov...

...file %s", file); > > /* Fail quietly if file does not exist */ > /* If UsePriviledgeSeperation is yes, stat() always fails. */ > if (stat(file, &st) < 0) { > /* Restore the privileged uid. */ > debug("Public key file does not exist."); > restore_uid(); > return 0; > } > > /* Open the file containing the authorized keys. */ > f = fopen(file, "r"); > if (!f) { > packet_send_debug("Could not open file %.900s > for reading.",file); > packet_send_debug(&q...

...or a hosts.deny in the etc directory. I ran ssh -v localhost and this is what I got... # ssh -v localhost OpenSSH_2.9, SSH protocols 1.5/2.0, OpenSSL 0x0090581f debug1: Reading configuration data /etc/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 0 geteuid 0 anon 1 debug1: Connecting to localhost [127.0.0.1] port 22. debug1: temporarily_use_uid: 0/0 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 0/0 (e=0) debug1: restore_uid debug1: Connection established. debug1: read PEM private key done: type DSA debug...

All, Could someone explain the purpose of the uidswap functions with respect to ssh ( the client ). From what I gathered , ssh installs as setuid root and swaps ids when reading potential key files that may be read only by root. Also , I think when binding to a privileged port ssh swaps id. Is that so? What are the consequnences if you do not install ssh setuid root? ( As far I as know no uid

...t st; Key *key; /* Temporarily use the user's uid. */ @@ -183,26 +182,9 @@ file = authorized_keys_file(pw); debug("trying public RSA key file %s", file); - /* Fail quietly if file does not exist */ - if (stat(file, &st) < 0) { - /* Restore the privileged uid. */ - restore_uid(); - xfree(file); - return (0); - } - /* Open the file containing the authorized keys. */ - f = fopen(file, "r"); + f = open_keyfile(file, pw, options.strict_modes); if (!f) { - /* Restore the privileged uid. */ - restore_uid(); - xfree(file); - return (0); - } - if (options.stric...

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

...d Passwort, SSH denys the Acces to the System fbeckman at zvadmxz:/home/fbeckman # ssh -v fbeckman at xy OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090605f debug1: Reading configuration data /etc/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 0 geteuid 0 anon 1 debug1: Connecting to webmann [129.8.140.69] port 22. debug1: temporarily_use_uid: 0/1 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 0/1 (e=0) debug1: restore_uid debug1: Connection established. debug1: identity file /.ssh/identity type 0 debu...

...home/spin/.ssh/config debug1: Applying options for * debug1: Applying options for njdb* debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 1000 geteuid 0 anon 1 debug1: Connecting to njdb1b [X.X.X.X] port 22. debug1: temporarily_use_uid: 1000/100 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 1000/100 (e=0) debug1: restore_uid debug1: Connection established. debug1: read PEM private key done: type D...

...from 192.168.1.5 port 1743 ssh2 debug1: userauth-request for user root service ssh-connection method publickey debug1: attempt 1 failures 1 debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 0/0 (e=0) debug1: trying public key file /root/.ssh/authorized_keys debug1: restore_uid debug1: temporarily_use_uid: 0/0 (e=0) debug1: trying public key file /root/.ssh/authorized_keys2 debug1: restore_uid Failed publickey for root from 192.168.1.5 port 1743 ssh2 debug1: userauth-request for user root service ssh-connection method publickey debug1: attempt 2 failures 2 debug1:...

...ome/ads/.ssh/config debug1: Applying options for polaris debug1: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 1000 geteuid 1000 anon 1 debug1: Connecting to polaris [129.234.2.123] port 2222. debug1: temporarily_use_uid: 1000/1000 (e=1000) debug1: restore_uid debug1: temporarily_use_uid: 1000/1000 (e=1000) debug1: restore_uid debug1: Connection established. debug1: identity file...

...v 147.101.224.39 Successful: OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 0 geteuid 0 anon 1 debug1: Connecting to 147.101.224.39 [147.101.224.39] port 22. debug1: temporarily_use_uid: 0/0 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 0/0 (e=0) debug1: restore_uid debug1: Connection established. debug1: identity file /root/.ssh/identi...

...bug3: monitor_read: checking request 20 debug3: mm_answer_keyallowed entering debug3: mm_answer_keyallowed: key_from_blob: 0x81973440 debug1: temporarily_use_uid: 32767/32767 (e=0/0) debug3: Running AuthorizedKeysCommand: "/usr/local/libexec/ssh-ldap-wrapper" as "nobody" debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 32767/32767 (e=0/0) debug2: key not found user_key_command_allowed2: dup2: Bad file descriptor AuthorizedKeysCommand /usr/local/libexec/ssh-ldap-wrapper returned status 1 debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 1000/1000 (e=0/0) ... Any suggestions,...

...et OpenSSH_3.0.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f debug1: Reading configuration data /etc/opt/ssh-3.0/ssh_config debug1: Applying options for * debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 0 geteuid 0 anon 1 debug1: Connecting to target [10.0.0.253] port 22. debug1: temporarily_use_uid: 0/3 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 0/3 (e=0) debug1: restore_uid debug1: Connection established. debug1: read PEM private ke...

...168.247.63 port 34762 ssh2 debug1: userauth-request for user dummy service ssh-connection method publickey debug1: attempt 1 failures 1 debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 203/1 (e=0/0) debug1: trying public key file /home/dummy/.ssh/authorized_keys debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 203/1 (e=0/0) debug1: trying public key file /home/dummy/.ssh/authorized_keys2 debug1: restore_uid: 0/0 Failed publickey for dummy from 192.168.247.63 port 34762 ssh2 debug1: userauth-request for user dummy service ssh-connection method publickey debug1: attempt 2...

...23:15 aixserver01 authpriv:debug sshd[467118]: debug1: temporarily_use_uid: 150302/100513 (e=0/0) Dec 3 11:23:15 aixserver01 authpriv:debug sshd[467118]: debug1: trying public key file /home/users/robertobouza/.ssh/authorized_keys Dec 3 11:23:15 aixserver01 authpriv:debug sshd[467118]: debug1: restore_uid: 0/0 Dec 3 11:23:15 aixserver01 authpriv:debug sshd[467118]: debug1: temporarily_use_uid: 150302/100513 (e=0/0) Dec 3 11:23:15 aixserver01 authpriv:debug sshd[467118]: debug1: trying public key file /home/users/robertobouza/.ssh/authorized_keys2 Dec 3 11:23:15 aixserver01 authpriv:debug sshd[4...

...ient: [root at autoserver /]# /opt/OBSDssh/bin/ssh -vv firewall OpenSSH_2.9.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f debug1: Reading configuration data /etc/ssh_config debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 0 geteuid 0 anon 1 debug1: Connecting to firewall [x.y.z.t] port 22. debug1: temporarily_use_uid: 0/1 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 0/1 (e=0) debug1: restore_uid debug1: Connection established. debug1: read PEM private key done: type DSA debug1:...