Displaying 20 results from an estimated 21 matches for "sbanner".
Did you mean:
banner
2002 May 29
2
[PATCH] Add config option disabling drop_connection() behavior
...lowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
- sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
+ sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
+ sCheckMaxStartups, sMaxStartups,
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -353,6 +357,7 @@
{ "protocol", sProtocol },
{ "gatewayports", sGatewayPorts },
{ "subsyste...
2002 Nov 05
2
[PATCH] Add a chroot_users option to sshd
...keys_file == NULL)
options->authorized_keys_file =
_PATH_SSH_USER_PERMITTED_KEYS;
+ if (options->chroot_users == -1)
+ options->chroot_users = 0;
+
/* Turn privilege separation on by default */
if (use_privsep == -1)
use_privsep = 1;
***************
*** 298,304 ****
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
! sUsePrivilegeSeparation,
sDeprecated
} ServerOpCodes;
--- 302,308 ----
sBanner, sVerifyReverseMapping, sHost...
2002 Feb 12
0
[Patch] Xauthority file in /tmp
...ptions->keepalives = -1;
options->log_facility = (SyslogFacility) - 1;
@@ -258,7 +259,7 @@
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
- sBanner, sReverseMappingCheck, sHostbasedAuthentication,
+ sBanner, sReverseMappingCheck, sHostbasedAuthentication, sXAuthorityInTmp,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
sDeprecated
@@ -313,6 +314,7 @@
{ "x1...
2002 Jul 04
4
Chroot patch (v3.4p1)
...orwarding, sCompression,
- sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+ sAllowUsers, sDenyUsers, sChrootUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
@@ -360,6 +360,7 @@
{ "allowtcpforwarding", sAllowTcpForwarding },
{ "allowusers", sAllowUsers },
{ "denyusers", sDenyUsers },
+ { "chrootusers", sChrootUsers },
{ "allowgroups", sAllow...
2001 Aug 16
4
Idletimeout patch
...options->pam_authentication_via_kbd_int == -1)
options->pam_authentication_via_kbd_int = 0;
+ if (options->idletimeout == -1)
+ options->idletimeout=0;
}
/* Keyword tokens. */
@@ -235,7 +238,8 @@
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
- sClientAliveCountMax, sPAMAuthenticationViaKbdInt
+ sClientAliveCountMax, sPAMAuthenticationViaKbdInt,
+ sIdleTimeout
} ServerOpCodes;
/* Textual representation of the tokens. */
@@ -30...
2001 Dec 04
0
PATCH: log key fingerprint upon successful login
...og_fingerprint = -1;
}
void
@@ -229,6 +230,8 @@
}
if (options->authorized_keys_file == NULL)
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+ if (options->log_fingerprint == -1)
+ options->log_fingerprint = 0;
}
/* Keyword tokens. */
@@ -261,6 +264,7 @@
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sLogFingerprint,
sDeprecated
} ServerOpCodes;
@@ -334,6 +338,7 @@
{ "clientalivecountmax", sClientAliveC...
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly
soon.
-d
--
| By convention there is color, \\ Damien Miller <djm at mindrot.org>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)
2002 Aug 13
1
[PATCH] global port forwarding restriction
...Forwarding, sCompression,
- sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+ sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sPermitTcpConnect,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
@@ -364,6 +366,7 @@
{ "compression", sCompression },
{ "keepalive", sKeepAlives },
{ "allowtcpforwarding", sAllowTcpForwarding },
+ { "permittcpconnect", sPermitTcpConnect },
{ "allowusers",...
2002 Jan 23
0
[PATCH] Add multiple AuthorizedKeyFiles options
...ys_files++] = _PATH_SSH_USER_PERMITTED_KEYS2;
}
- if (options->authorized_keys_file == NULL)
- options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
}
/* Keyword tokens. */
@@ -263,7 +258,7 @@
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
- sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sClientAliveCountMax, sAuthorizedKeysFile,
sDeprecated
} ServerOpCodes;
@@ -336,7 +331,7 @@
{ "clientaliveinter...
2001 Aug 20
1
Idletimeout patch, third attempt
...options->pam_authentication_via_kbd_int == -1)
options->pam_authentication_via_kbd_int = 0;
+ if (options->idletimeout == -1)
+ options->idletimeout=0;
}
/* Keyword tokens. */
@@ -235,7 +238,8 @@
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
- sClientAliveCountMax, sPAMAuthenticationViaKbdInt
+ sClientAliveCountMax, sPAMAuthenticationViaKbdInt,
+ sIdleTimeout
} ServerOpCodes;
/* Textual representation of the tokens. */
@@ -30...
2002 Jan 29
2
Key fingerprint logging
...== -1)
+ options->log_key_fingerprint = 0;
}
/* Keyword tokens. */
typedef enum {
sBadOption, /* == unknown option */
@@ -259,11 +262,11 @@
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
- sDeprecated
+ sDeprecated, sLogKeyFingerprint
} ServerOpCodes;
/* Textual representation of the tokens. */
static st...
2002 Mar 28
1
[PATCH] Feature addition: user access control per auth method
...deny_groups = 0;
+ options->num_pkey_allow_users = 0;
+ options->num_pkey_deny_users = 0;
+ options->num_pkey_allow_groups = 0;
+ options->num_pkey_deny_groups = 0;
options->ciphers = NULL;
options->macs = NULL;
options->protocol = SSH_PROTO_UNKNOWN;
@@ -267,7 +271,8 @@
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
- sDeprecated
+ sDeprecated, sPubkeyAllowUsers, sPubkeyDenyUsers,
+ sPubkeyAllowGroups, sPubkeyDenyGroups
} ServerOpCodes;...
2018 Dec 10
2
[PATCH] cleanup of global variables server/client_version_string in sshconnect.c
In sshconnect.c there are two global variables for server_version_string
client_version_string.
These are used just in a few functions and can easily be passed as
parameters.
Also, there is a strange construct, where their memory is allocated to
the global pointers, then copies of these pointers are assigned to the
kex structure. The kex_free finally frees them via cleanup of the kex
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the
2005 Jan 20
0
AllowUsers - proposal for useful variations on the theme
..., sDenyUsers, sAllowGroups, sDenyGroups,
+ sAllowUsers, sAllowUsersFixedname, sAllowUsersIpaddr, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
sMaxStartups, sMaxAuthTries,
sBanner, sUseDNS, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
sGssAuthentication, sGssCleanupCreds, sAcceptEnv,
sUsePrivilegeSeparation,
@@ -347,16 +348,18 @@
{ "permitemptypasswords",...
2002 Jan 26
7
[PATCH] Added NoDelay config option and nodelay subsystem option
...= NULL;
+ options->nodelay = -1;
}
void
@@ -229,6 +230,8 @@
}
if (options->authorized_keys_file == NULL)
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
+ if (options->nodelay == -1)
+ options->nodelay = 0;
}
/* Keyword tokens. */
@@ -261,6 +264,7 @@
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sNoDelay,
sDeprecated
} ServerOpCodes;
@@ -334,6 +338,7 @@
{ "clientalivecountmax", sClientAliveCountMax...
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in
2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly:
http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html
<quote>
The paper concludes that the keystroke timing data observable from
today's SSH implementations reveals a dangerously significant amount of
information about user terminal sessions--enough to locate typed
passwords in the session data stream and reduce the
2003 Aug 10
9
updated gssapi diff
...n == -1)
+ options->gss_authentication = 0;
+ if (options->gss_cleanup_creds == -1)
+ options->gss_cleanup_creds = 1;
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->kbd_interactive_authentication == -1)
@@ -239,6 +248,7 @@
sBanner, sUseDNS, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sGssAuthentication, sGssCleanupCreds,
sUsePrivilegeSeparation,
sDeprecated, sUnsupported
} ServerOpCodes;
@@ -277,6 +287,13 @@
{...
2006 Nov 15
11
OpenSSH Certkey (PKI)
...- sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
- sMaxStartups, sMaxAuthTries,
+ sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sCAKeyFile,
+ sGatewayPorts, sCertkeyAuthentication, sPubkeyAuthentication, sXAuthLocation,
+ sSubsystem, sMaxStartups, sMaxAuthTries,
sBanner, sUseDNS, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -282,6 +288,7 @@
u_int flags;
} keywords[] = {
{ "port", sPort, SSHCFG_GLOBAL },
+ { "cakeyfile", sCAKeyFile,...