search for: rexec_flag

...it.mindrot.org/openssh.git/commit/?id=03e3de416ed7c34faeb692967737be4a7bbe2eb5) had the effect of breaking use with xinetd. This is due to a combination of two things. Firstly, sshd no longer exempts inetd mode from the absolute-path check: - if (rexeced_flag || inetd_flag) - rexec_flag = 0; - if (!test_flag && !do_dump_cfg && rexec_flag && !path_absolute(av[0])) - fatal("sshd re-exec requires execution with an absolute path"); + if (!test_flag && !do_dump_cfg && !path_absolute(av[0])) + fata...

This patch series consists of minor fixes and cleanups I made during update to openssh V_4_6 branch. openssh/auth-pam.c | 9 ++++----- openssh/auth2.c | 2 -- openssh/readconf.c | 7 ++++--- openssh/servconf.c | 14 ++++++++------ openssh/sftp-server.c | 9 ++++++--- openssh/sshd.c | 2 +- 6 files changed, 23 insertions(+), 20 deletions(-) -- ldv

...al anything obvious. Have I mis-configured something? I wonder if there is a problem with privilege seperation - I wasn't expecting to see so many processes running as root. There is this code in sshd.c - But I cannot guess at its purpose: "sshd.c" line 1195 of 2021: ... if (rexec_flag) { rexec_argv = xmalloc(sizeof(char *) * (rexec_argc + 2)); for (i = 0; i < rexec_argc; i++) { debug("rexec_argv[%d]='%s'", i, saved_argv[i]); rexec_argv[i] = saved_argv[i]; }...

We've run into an interesting dilemma regarding last log information and ssh 4.2p1. In 3.8, we didn't see this problem, but now has cropped up in 4.2. When a user logs in, sshd seems to call 'last' to get the last log information. 'last' then opens the /var/log/wtmp file and processes the information. On some systems, this file can be quite large, and we're seeing

...ffer_get_key_dsa(buffer, key->dsa); + break; + default: + fatal("%s: unsupported key type (%s)", __func__, + key_type(key)); + } + + return key; +} diff --git a/sshd.c b/sshd.c index c8d71f8..f458860 100644 --- a/sshd.c +++ b/sshd.c @@ -175,6 +175,7 @@ int rexeced_flag = 0; int rexec_flag = 1; int rexec_argc = 0; char **rexec_argv; +int num_rexec_recvd_host_keys = 0; /* * The sockets that the server is listening; this is used in the SIGHUP @@ -898,6 +899,7 @@ usage(void) static void send_rexec_state(int fd, Buffer *conf) { + int i, num_host_keys; Buffer m; debug3(&qu...

Hi All. For various reasons, we're currently looking at extending (or even overhauling) the config parser used for sshd_config. Right now the syntax I'm looking at is a cumulative "Match" keyword that matches when all of the specified criteria are met. This would be similar the the Host directive used in ssh_config, although it's still limiting (eg you can't easily