search for: sgatewayport

...artups = 1; if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@ -281,7 +284,8 @@ sUseLogin, sAllowTcpForwarding, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, - sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, + sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, + sCheckMaxStartups, sMaxStartups, sBanner, sVerifyReverseMapping, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientA...

Heya, I'm trying to convince my company to use OpenSSH instead of the commercial SSH version. I need a little help: 1. What features does OpenSSH offer over commercial SSH (besides being free and open source of course)? 2. Our lawyers want details on the licensing / patents stuff. I have the high level details from the OpenSSH page. I need the nitty gritty like RSA patent# and

...ess, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, ! sUseLogin, sAllowTcpForwarding, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, --- 211,217 ---- sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, !...

Would anybody happen to have or know of a patch to make /etc/default/login PATH and SUPATH the default openssh path? We have customized paths for each school of engineering (each have their own customized site bin). This is easily controled with /etc/default/login. The --with-default-path option is too rigid. This is Solaris I am talking about. --mike

...rintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sUseChroot, sChrootGroup, sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile, sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups } ServerOpCodes; @@ -236,6 +243,8 @@ { "strictmodes", sStrictModes }, { "permitemptypasswords", sEmptyPasswd }, { "uselogin", sUseLogin }, + { "usechroot", sUseChroot }, + { "chrootgro...

...sX11UseLocalhost, sStrictModes, sEmptyPasswd, sKeepAlives, - sUseLogin, sAllowTcpForwarding, sCompression, + sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, @@ -319,6 +322,7 @@ { "xauthlocation", sXAuthLocation }, { "strictmodes", sStrictModes }, { "permitemptypasswords", sEmptyPasswd }, + { "permituserenvironment", sPermitUserEnvironment },...

...11UseLocalhost, sStrictModes, sEmptyPasswd, sKeepAlives, sUseLogin, sAllowTcpForwarding, sCompression, - sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sAllowUsers, sDenyUsers, sChrootUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sVerifyReverseMapping, sHostbasedAuthentication, @@ -360,6 +360,7 @@ { "allowtcpforwarding", sAllowTcpForwarding }, { "allowusers", sAllowUsers }, { "denyusers", sDenyUsers }, + {...

...TCPKeepAlive, sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, - sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sAllowUsers, sAllowUsersFixedname, sAllowUsersIpaddr, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sBanner, sUseDNS, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, sGssAuthentication, sGssCleanupCreds, sAcc...

...DenyGroups, SSHCFG_ALL }, - { "ciphers", sCiphers, SSHCFG_GLOBAL }, - { "macs", sMacs, SSHCFG_GLOBAL }, + { "ciphers", sCiphers, SSHCFG_ALL }, + { "macs", sMacs, SSHCFG_ALL }, { "protocol", sProtocol, SSHCFG_GLOBAL }, { "gatewayports", sGatewayPorts, SSHCFG_ALL }, { "subsystem", sSubsystem, SSHCFG_GLOBAL }, @@ -427,7 +427,7 @@ static struct { { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFi...

...= NULL; + options->xauthority_in_tmp = -1; options->strict_modes = -1; options->keepalives = -1; options->log_facility = (SyslogFacility) - 1; @@ -258,7 +259,7 @@ sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, - sBanner, sReverseMappingCheck, sHostbasedAuthentication, + sBanner, sReverseMappingCheck, sHostbasedAuthentication, sXAuthorityInTmp, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKe...

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

...ctModes, sEmptyPasswd, sKeepAlives, sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, - sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sPermitTcpConnect, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sVerifyReverseMapping, sHostbasedAuthentication, @@ -364,6 +366,7 @@ { "compression", sCompression }, { "keepalive", sKeepAlives }, { "allowtcpforwarding", sAllowTcpForwarding }, + { &q...

...PERMITTED_KEYS; + options->authorized_keys_files[options->num_authorized_keys_files++] = _PATH_SSH_USER_PERMITTED_KEYS2; } - if (options->authorized_keys_file == NULL) - options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; } /* Keyword tokens. */ @@ -263,7 +258,7 @@ sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sReverseMappingCheck, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, - sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, + sClientAliveCountMax, sAuthorizedKeysFile, s...

...sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, + sStrictModes, sEmptyPasswd, sRandomSeedFile, sPrngCommandFile, sKeepAlives, sCheckMail, sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile, sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups @@ -237,6 +240,7 @@ { "permitemptypasswords", sEmptyPasswd }, { "uselogin", sUseLogin }, { "randomseed", sRandomSeedFile }, + { "prngcommandfile", sPrngCommandFile }, { "keepalive&quo...

...; } void @@ -210,6 +211,8 @@ options->client_alive_count_max = 3; if (options->pam_authentication_via_kbd_int == -1) options->pam_authentication_via_kbd_int = 0; + if (options->idletimeout == -1) + options->idletimeout=0; } /* Keyword tokens. */ @@ -235,7 +238,8 @@ sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sReverseMappingCheck, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, - sClientAliveCountMax, sPAMAuthenticationViaKbdInt + sClientAliveCountMax, sPAMAuthenticationViaKbdInt, + sIdleTi...

...ups, + sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, + sPortForwarding, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, + sCheckMail, sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile, sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups } ServerOpCodes; @@ -227,6 +230,7 @@ { "x11forwarding", sX11Forwarding }, { "x11displayoffset", sX11DisplayOffset }, { "xauthlocation", sXAuthLocation }, + { "portforwarding", sPortForwardi...

...d_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; + if (options->log_key_fingerprint == -1) + options->log_key_fingerprint = 0; } /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ @@ -259,11 +262,11 @@ sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sReverseMappingCheck, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, - sDeprecated + sDeprecated, sLogKeyFingerprin...

...{ + return "UNKNOWN"; +} + +static const char * +fmt_intarg(ServerOpCodes code, int val) +{ + switch (code) { + case sAddressFamily: + return fmt_multistate_int(val, multistate_addressfamily); + case sPermitRootLogin: + return fmt_multistate_int(val, multistate_permitrootlogin); + case sGatewayPorts: + return fmt_multistate_int(val, multistate_gatewayports); + case sCompression: + return fmt_multistate_int(val, multistate_compression); + case sUsePrivilegeSeparation: + return fmt_multistate_int(val, multistate_privsep); + case sProtocol: switch (val) { case SSH_PROTO_1: return &q...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

...; } void @@ -210,6 +211,8 @@ options->client_alive_count_max = 3; if (options->pam_authentication_via_kbd_int == -1) options->pam_authentication_via_kbd_int = 0; + if (options->idletimeout == -1) + options->idletimeout=0; } /* Keyword tokens. */ @@ -235,7 +238,8 @@ sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sBanner, sReverseMappingCheck, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, - sClientAliveCountMax, sPAMAuthenticationViaKbdInt + sClientAliveCountMax, sPAMAuthenticationViaKbdInt, + sIdleTi...