search for: spermitrootlogin

It eventually gets where I want it ... doesn't work, but at least its set right ... but why is it done 12 times? Note, I just added fprintf(stderr) messages to the case statements in the read_conf() section of servconf.c ... ./sshd -d sPermitRootLogin triggered as yes sIgnoreRhosts triggered as yes sIgnoreRhosts triggered as no sIgnoreRhosts triggered as yes sIgnoreRhosts triggered as yes sIgnoreRhosts triggered as no sIgnoreRhosts triggered as no sIgnoreRhosts triggered as no sIgnoreRhosts triggered as no sIgnoreRhosts triggered as no sIgnoreRh...

...options(ServerOption typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, + sPAMAuthenticationViaKbdInt, sPAMServiceNameAppend, /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, @@ -312,6 +319,7 @@ static struct { } keywords[] = { /* Portable-specific options */ { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, + { "PAMServiceNameAppend", sPAMServiceNameAppend }, /* Standard Options */ { "port",...

...*/ if (options->protocol == SSH_PROTO_UNKNOWN) @@ -276,6 +281,7 @@ sBadOption, /* == unknown option */ /* Portable-specific options */ sPAMAuthenticationViaKbdInt, + sPAMServiceName, /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, @@ -312,6 +318,7 @@ } keywords[] = { /* Portable-specific options */ { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, + { "PAMServiceName", sPAMServiceName }, /* Standard Options */ { "port", sPort }, { "hostkey&q...

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

...entication == -1) + options->rsa_host_other_authentication = 0; if (options->dsa_authentication == -1) options->dsa_authentication = 1; #ifdef KRB4 *************** *** 170,175 **** --- 173,179 ---- sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, + sRSAHostOtherAuthentication, #ifdef KRB4 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, #endif *************** *** 205,210 **** --- 209,215 ---- { "rhostsaut...

...;, sKeepAlives }, { "allowusers", sAllowUsers }, { "denyusers", sDenyUsers }, @@ -406,6 +410,10 @@ arg = strdelim(&cp); break; + case sPrngCommandFile: + charptr = &ssh_prng_command_file; /* globally def in ssh.h */ + goto parse_filename; + case sPermitRootLogin: intptr = &options->permit_root_login; arg = strdelim(&cp); diff -ur openssh-SNAP-20000823.orig/ssh.1 openssh-SNAP-20000823.new/ssh.1 --- openssh-SNAP-20000823.orig/ssh.1 Fri Aug 18 05:59:06 2000 +++ openssh-SNAP-20000823.new/ssh.1 Fri Aug 25 14:43:55 2000 @@ -826,6 +826,12 @@ ....

...t(int val, const struct multistate *m) { - if (code == sAddressFamily) { - switch (val) { - case AF_INET: - return "inet"; - case AF_INET6: - return "inet6"; - case AF_UNSPEC: - return "any"; - default: - return "UNKNOWN"; - } - } - if (code == sPermitRootLogin) { - switch (val) { - case PERMIT_NO_PASSWD: - return "without-password"; - case PERMIT_FORCED_ONLY: - return "forced-commands-only"; - case PERMIT_YES: - return "yes"; - } + u_int i; + + if (val == -1) + return "unset"; + for (i = 0; m[i].key !=...

...ssions, o->max_sessions); dump_cfg_int(sClientAliveInterval, o->client_alive_interval); dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); +#ifdef USE_SCTP + dump_cfg_int(sListenViaSCTP, o->listen_via_sctp); +#endif /* formatted integer arguments */ dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); diff --git a/servconf.h b/servconf.h index 752d1c5..77bb49e 100644 --- a/servconf.h +++ b/servconf.h @@ -183,6 +183,8 @@ typedef struct { u_int num_auth_methods; char *auth_methods[MAX_AUTH_METHODS]; + + int listen_via_sctp; } ServerOptions; /* Inform...

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

...->num_host_key_files == 0) { @@ -258,9 +249,6 @@ /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -294,9 +282,6 @@ const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, - /* Standa...

I looked around for a while, but couldn't find any code for requiring multiple authentication mechanisms in openssh. So I wrote an implemention. I thought at first I should change the PasswordAuthentication, PubkeyAuthentication, etc. keywords to allow no/yes/required. But there's some funky stuff in auth2.c with respect to keyboard interactive auth that would make this kind of

...->num_host_key_files == 0) { @@ -271,9 +262,6 @@ /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -307,9 +295,6 @@ const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, - /* Standa...

...->num_host_key_files == 0) { @@ -271,9 +262,6 @@ /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -307,9 +295,6 @@ const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, - /* Standa...