Displaying 20 results from an estimated 251 matches for "servconf".
2016 May 03
3
StreamLocal forwarding
...g command still doesn't show streamlocalbindunlink set:
>
> sshd -T -C "user=sshvpn,host=196.209.244.243,addr=196.209.244.243" | grep -i
> stream
> streamlocalbindmask 0177
> allowstreamlocalforwarding yes
oh, that's a bug in the config dump support.
diff --git a/servconf.c b/servconf.c
index 6111c5a..2094c48 100644
--- a/servconf.c
+++ b/servconf.c
@@ -2293,6 +2293,7 @@ dump_config(ServerOptions *o)
dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding);
dump_cfg_fmtint(sAllowStre...
2002 Dec 05
1
patch to add a PAMServiceName config option
...an using __progname or having it
hardwired to SSHD_PAM_SERVICE at compile time. I expect this to be useful
if one wants to run multiple instances of sshd using different PAM
configurations.
With this patch SSHD_PAM_SERVICE is not used in auth-pam.c so I moved the
definition out of auth-pam.h into servconf.h. Effectively
SSHD_PAM_SERVICE now merely supplies the default service name. I'm not
convinced that servconf.h is the correct place for it.
==========pam-service.diff follows==========
diff -ru openssh-3.5p1.orig/auth-pam.c openssh-3.5p1/auth-pam.c
--- openssh-3.5p1.orig/auth-pam.c Sun Jul...
2010 Mar 18
3
problem of adding a new option of sshd
Dear all,
I want to add a new option "newoption" to the sshd server, I have just add some codes in servconf.h and
servconf.c like the other options. But it seems that the "newoption" can not be enable,when i set
the "newoption" to "yes" in sshd_config file. I have add a debug message in main function of sshd.c
....
debug("main sshd %d",options->newoption);
......
2001 Aug 16
4
Idletimeout patch
...ytti.uku.fi> - Bugfixes
+Jani Jaakkola <jjaakkol at cs.helsinki.fi> - IdleTimeOut
Jim Knoble <jmknoble at jmknoble.cx> - Many patches
Jonchen (email unknown) - the original author of PAM support of SSH
Juergen Keil <jk at tools.de> - scp bugfixing
diff -ru openssh-2.9p2.orig/servconf.c openssh-2.9p2/servconf.c
--- openssh-2.9p2.orig/servconf.c Wed Apr 25 15:44:15 2001
+++ openssh-2.9p2/servconf.c Wed Aug 15 22:10:23 2001
@@ -102,6 +102,7 @@
options->client_alive_interval = -1;
options->client_alive_count_max = -1;
options->pam_authentication_via_kbd_int = -1;
+ o...
2014 Jun 06
1
Patch: Ciphers, MACs and KexAlgorithms on Match
...hers, MACs and KexAlgorithms available in
Match blocks. Now I can reach a -current machine with some Android
terminal app without changing the default ciphers for all clients:
Match Address 192.168.1.2
Ciphers aes128-cbc
MACs hmac-sha1
KexAlgorithms diffie-hellman-group-exchange-sha1
Index: servconf.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/servconf.c,v
retrieving revision 1.249
diff -u -p -u -r1.249 servconf.c
--- servconf.c 29 Jan 2014 06:18:35 -0000 1.249
+++ servconf.c 6 Jun 2014 08:04:06 -0000
@@ -399,8 +399,8 @@ static struct {...
2002 Nov 24
1
[PATCH] PamServiceNameAppend
...r, &conv, &__pamh);
+ strlcpy(buf, SSHD_PAM_SERVICE, sizeof(buf));
+ strlcat(buf, options.pam_service_name_append, sizeof(buf));
+ pam_retval = pam_start(buf, user, &conv, &__pamh);
if (pam_retval != PAM_SUCCESS)
fatal("PAM initialisation failed[%d]: %.200s",
Index: servconf.c
===================================================================
RCS file: /cvs/openssh/servconf.c,v
retrieving revision 1.97
diff -u -w -u -w -b -p -r1.97 servconf.c
--- servconf.c 5 Sep 2002 04:35:15 -0000 1.97
+++ servconf.c 24 Nov 2002 18:43:41 -0000
@@ -57,6 +57,9 @@ initialize_server_opt...
2002 Jul 04
4
Chroot patch (v3.4p1)
...first step (IMO).
It applies clean with 'patch -l'.
Also attached is a shell script that helps to build a chrooted home dir on
a RedHat 7.2 box.
(I would appreciate some feedback from a core developer as to whether
this looks to be a useful approach or not.)
--- openssh-3.4p1.vanilla/servconf.c Mon Jun 24 23:22:04 2002
+++ openssh-3.4p1/servconf.c Wed Jul 3 11:23:26 2002
@@ -292,7 +292,7 @@
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
sStrictModes, sEmptyPasswd, sKeepAlives,
sUseLogin, sAllowTcpForwarding, sCompression,
- sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups...
2001 Mar 02
0
Patch for system-wide default environment
...be removed if this
more general patch is accepted.
Thanks,
Adam Tilghman, UC San Diego
--
Adam Tilghman | Systems Support / Academic Computing | +1 858 822 0711
agt at ucsd.edu | University of California, San Diego | fax +1 858 534 7018
--- cut here ---
diff -r -c openssh-2.5.1p1/servconf.c openssh-2.5.1p1-1/servconf.c
*** openssh-2.5.1p1/servconf.c Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.c Thu Mar 1 15:45:03 2001
***************
*** 81,86 ****
--- 81,87 ----
options->challenge_reponse_authentication = -1;
options->permit_empty_passwd = -1;
options-&g...
2003 Mar 02
0
[RFC][PATCH] Require S/KEY before other authentication methods.
...ctive authentication succeeded");
+ options.challenge_response_authentication_first = 0;
+ options.kbd_interactive_authentication = options.pam_authentication_via_kbd_int;
+ options.challenge_response_authentication = 0;
+ authenticated = 0;
+ }
}
if (!authctxt->valid)
Index: servconf.c
===================================================================
RCS file: /cvs/openssh/servconf.c,v
retrieving revision 1.98
diff -u -p -r1.98 servconf.c
--- servconf.c 24 Feb 2003 01:04:34 -0000 1.98
+++ servconf.c 1 Mar 2003 17:37:42 -0000
@@ -100,6 +100,7 @@ initialize_server_options(Serve...
2002 Sep 16
2
privsep versus compression
...#39;m unable to get Kerberos4 authentication working with openssh-3.4p1.
I'm getting a message that privsep is not available on my platform (Irix
6.5.15) and another message stating that compression and privsep are
mutually exclusive. But, ssh decided to turn off compression, I think
because of servconf.c. I think it would be more usefull to have
compression enabled and disable privsep as the encryption is almost
useless when data is not compressed first. I think compression should
never be disabled otherwise kerberos will be also efectively disabled.
Any opinions?
Below I'm just showing t...
2001 Mar 14
1
/etc/default/login patch?
Would anybody happen to have or know of a patch to make /etc/default/login
PATH and SUPATH the default openssh path? We have customized paths for each
school of engineering (each have their own customized site bin). This is
easily controled with /etc/default/login. The --with-default-path option
is too rigid. This is Solaris I am talking about.
--mike
2014 Sep 17
5
[Bug 2278] New: 'configure --disable-lastlog' should mark PrintLastLog as unsupported in servconf.c
https://bugzilla.mindrot.org/show_bug.cgi?id=2278
Bug ID: 2278
Summary: 'configure --disable-lastlog' should mark PrintLastLog
as unsupported in servconf.c
Product: Portable OpenSSH
Version: 6.6p1
Hardware: All
OS: Solaris
Status: NEW
Severity: minor
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: brent.paulson...
2010 Mar 31
2
[Bug 1748] New: getcwd being called with invalid argument in servconf.c
https://bugzilla.mindrot.org/show_bug.cgi?id=1748
Summary: getcwd being called with invalid argument in
servconf.c
Product: Portable OpenSSH
Version: 5.4p1
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: critical
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: dan.mitt...
2000 Aug 11
1
OpenSSH Questions
Heya,
I'm trying to convince my company to use OpenSSH instead of the commercial SSH version. I need a little help:
1. What features does OpenSSH offer over commercial SSH (besides being free and open source of course)?
2. Our lawyers want details on the licensing / patents stuff. I have the high level details from the OpenSSH page. I need the nitty gritty like RSA patent# and
2020 Mar 11
6
[PATCH 0/1] *** SUBJECT HERE ***
...nt's IP address in its environment. It could
then block the originating host, possibly after a predefined number of
such events in a certain interval, by reconfiguring the system's firewall
or similar means.
Comments welcome.
Thomas Koeller (1):
sshd: Added authentication failure hook
servconf.c | 6 ++++++
servconf.h | 1 +
sshd.c | 19 +++++++++++++++++++
sshd_config | 3 +++
sshd_config.5 | 11 +++++++++++
5 files changed, 40 insertions(+)
--
2.24.1
2002 Jan 23
0
[PATCH] Add multiple AuthorizedKeyFiles options
...user_key_allowed2(pw, key, file);
- xfree(file);
+ /* Iterate over all authorized_keys_files */
+ while ( (file = authorized_keys_file(pw, authfileno++) ) != NULL) {
+ success = user_key_allowed2(pw, key, file);
+ xfree(file);
+ if (success)
+ return success;
+ }
return success;
}
Index: servconf.c
===================================================================
RCS file: /cvs/openssh/servconf.c,v
retrieving revision 1.74
diff -u -r1.74 servconf.c
--- servconf.c 22 Jan 2002 12:35:12 -0000 1.74
+++ servconf.c 23 Jan 2002 11:11:29 -0000
@@ -107,8 +107,7 @@
options->reverse_mapping_che...
2002 Jun 25
2
Linux 2.2 + borken mmap() round 1
...-1, 0);
- if (address == MAP_FAILED)
- fatal("mmap(%lu): %s", (u_long)size, strerror(errno));
#else
- fatal("%s: UsePrivilegeSeparation=yes not supported",
+ fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
__func__);
#endif
Index: servconf.c
===================================================================
RCS file: /var/cvs/openssh/servconf.c,v
retrieving revision 1.92
diff -u -r1.92 servconf.c
--- servconf.c 23 Jun 2002 21:29:24 -0000 1.92
+++ servconf.c 25 Jun 2002 00:16:12 -0000
@@ -257,7 +257,7 @@
if (use_privsep == -1)
u...
2007 Mar 22
1
ChallengeResponseAuthentication defaults to no?
Hello,
I have just installed OpenSSH 4.6p1 and it appears that ChallengeResponseAuthentication is not allowed unless I explicitly set it to "yes" in the sshd_config file. I am using the same config file as I did with 4.5p1 where it was allowed by default. Also, this is OpenSSH package from sunfreeware, but I believe that both versions were compiled with the same options.
Is this the
2002 Feb 12
0
[Patch] Xauthority file in /tmp
...h put xauthority in /tmp), with a few minor modification,
including security improvements for removing the files in /tmp, which
I believe were what lead (at least in part) to the original removal
of this code.
Scott.
-------------- next part --------------
diff -r --unified openssh-3.0.2p1.orig/servconf.c openssh-3.0.2p1/servconf.c
--- openssh-3.0.2p1.orig/servconf.c Wed Nov 14 00:03:15 2001
+++ openssh-3.0.2p1/servconf.c Tue Feb 12 14:21:14 2002
@@ -64,6 +64,7 @@
options->x11_forwarding = -1;
options->x11_display_offset = -1;
options->xauth_location = NULL;
+ options->xauthority...
2001 Mar 13
0
[PATCH] openssh 2.5.1p2 TIS authserv support
...o sshconnect1.o sshconnect2.o log-client.o readconf.o clientloop.o
-SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o dh.o sshpty.o log-server.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o
+SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o dh.o sshpty.o log-server.o sshlogin.o loginrec.o servconf.o serverl...