search for: ssh_proto_1

...to simply write the pidfile after the signal handlers are setup. Here's the patch. Rob --- sshd.c.orig Fri Jun 22 11:16:41 2001 +++ sshd.c Fri Jun 22 11:18:32 2001 @@ -857,6 +857,19 @@ if (!num_listen_socks) fatal("Cannot bind any address."); + if (options.protocol & SSH_PROTO_1) + generate_ephemeral_server_key(); + + /* Arrange to restart on SIGHUP. The handler needs listen_sock. */ + signal(SIGHUP, sighup_handler); + + signal(SIGTERM, sigterm_handler); + signal(SIGQUIT, sigterm_handler); + + /* Arrange SIGCHLD to be caught. */ + signal(SIGCHLD, main_sigchld_hand...

...uffer_len(&command) > 0) { + fprintf(stderr,"-N option works only with protocol version 2 and w/out a command\n"); + usage(); + /* NOT REACHED */ + } + + /* Cannot fork to background if no command. + Command not needed for protocol 2 & -N + */ + if ((options.protocol & SSH_PROTO_1) && !(options.protocol & SSH_PROTO_2) && + fork_after_authentication_flag && buffer_len(&command) == 0) + fatal("Cannot fork into background without a command to execute."); + /* check if RSA support exists */ if ((options.protocol & SSH_PROTO_...

OpenSSH still has this feature, SSH-1.2.27 no longer has it. Admittedly it can be useful sometimes, even though I'd prefer this to be done using a trivial shell wrapper, which would be the UNIX way of doing things. Not being able to call OpenSSH's ssh by another name (say ``ssh1'') can get in the way when having to maintain two versions of ssh in parallel because the ``ssh ->

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

Hello all, sshd configuration file options change from one release to another. If you forget updating sshd_config, sshd will not start. This is especially painful for update scripts etc. where you can't do e.g. 'sshd -p 2022' to see if it's okay. May I suggest some option, e.g. sshd -t, which would test config files and other obvious issues and return an errorcode if something

Hi, The name of the identity file defaults to what fill_default_options() in readconf.c does: SSH_PROTO_1: "~/%.100s", _PATH_SSH_CLIENT_IDENTITY SSH_PROTO_2: "~/%.100s", _PATH_SSH_CLIENT_ID_RSA "~/%.100s", _PATH_SSH_CLIENT_ID_DSA Identity files are always expanded by tilde_expand_filename() which gets the name of the home directory from getpwuid(my_uid)->pw_dir...

...ignal system call in Linux might fail if there is any pending signal for the process. It returns ERESTARTNOINTR. The following code in openssh sshd.c:main(): /* Mark that the key has been used (it was "given" to the child). */ if ((options.protocol & SSH_PROTO_1) && key_used == 0) { /* Schedule server key regeneration alarm. */ signal(SIGALRM, key_regeneration_alarm); alarm(options.key_regeneration_time); key_used = 1; } might cause a...

...ct 30 09:47:44 2002 @@ -275,7 +275,7 @@ again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX:z:")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -421,6 +421,9 @@ exit(1); } break; + case 'z': + options.time_out = atoi(optarg); + break; case 'l': options.user = optarg; break; --- sshconnect.c Wed Sep 18 22:05:04 2002 +++ ../openssh-3.5p1.modlwc/sshconnect.c Wed Oct 30 09:50:37 2002 @@ -236,10...

...EY_ECDSA: + sensitive_data.have_ssh2_key = 1; + break; + } + debug("private host key: #%d type %d %s", i, key->type, + key_type(key)); } - debug("private host key: #%d type %d %s", i, key->type, - key_type(key)); } + if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) { logit("Disabling protocol version 1. Could not load host key"); options.protocol &= ~SSH_PROTO_1;

...ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" + while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvxz:" "ACD:F:I:KL:MNO:PR:S:TVw:XY")) != -1) { switch (opt) { + case 'z': + pid_file = optarg; + break; case '1': options.protocol = SSH_PROTO_1; break; @@ -833,6 +860,9 @@ if (options.control_path != NULL && muxserver_sock != -1) unlink(options.control_path); + if (pid_file) + unlink(pid_file); + /* * Send SIGHUP to proxy command if used. We don't wait() in * case it hangs and instead rely on init to reap th...

...options->cipher = SSH_CIPHER_NOT_SET; /* options->ciphers, default set in myproposals.h */ /* options->macs, default set in myproposals.h */ + /* options->pkalgorithms, default set in myproposals.h */ if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2|SSH_PROTO_1_PREFERRED; if (options->num_identity_files == 0) { *** ../../openssh-2.5.1p2/readconf.h Wed Feb 14 22:02:00 2001 --- readconf.h Tue Mar 6 23:58:08 2001 *************** *** 69,74 **** --- 69,75 ---- int cipher; /* Cipher to use. */ char *ciphers; /* SSH2...

...quot; @@ -272,7 +272,7 @@ again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVw:XY")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TuVw:XY")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -523,6 +523,9 @@ case 'F': config = optarg; break; + case 'u': + options.checkey = 1; + break; default: usage(); } --- orig/openssh-4.6p1/readconf.c 2007-02-19 06:12:54.000000000 -0500 +++ openssh-4.6p1/readconf.c 2007-05-10 11:31:54.924404248 -0400 @@...

...t;); exit(1); } @@ -320,7 +321,7 @@ again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVXH:")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -530,6 +531,9 @@ break; case 'F': config = optarg; + break; + case 'H': + options.https_proxy = optarg; break; default: usage(); diff --unified --recursive openssh-2.9.9p2.orig/sshconnect.c openssh-2.9.9p2.httpsproxy/sshconnect.c --- openssh-2.9...

Heya, I'm trying to convince my company to use OpenSSH instead of the commercial SSH version. I need a little help: 1. What features does OpenSSH offer over commercial SSH (besides being free and open source of course)? 2. Our lawyers want details on the licensing / patents stuff. I have the high level details from the OpenSSH page. I need the nitty gritty like RSA patent# and

...ded ports.\n"); @@ -312,7 +313,7 @@ again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:S:TVX")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -487,7 +488,13 @@ add_remote_forward(&options, fwd_port, buf, fwd_host_port); break; - + case 'S': + options.sleep = atoi(optarg); + if (options.sleep < 0) { + fprintf(stderr, "Bad delay value '%s'\n", optarg); + exit(1); + } +...

...15,6 +15,7 @@ RCSID("$OpenBSD: servconf.c,v 1.50 2000/07/22 09:14:36 markus Exp $"); #include "ssh.h" +#include "entropy.h" #include "servconf.h" #include "xmalloc.h" #include "compat.h" @@ -162,6 +163,8 @@ options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->gateway_ports == -1) options->gateway_ports = 0; + if (ssh_prng_command_file == NULL) + ssh_prng_command_file = xstrdup(SSH_PRNG_COMMAND_FILE); if (options->max_startups == -1) options->max_startups = 10; if (options->max_startups_rate == -1) @@...

...+297,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) { + "AB:CD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -568,6 +568,9 @@ main(int ac, char **av) case 'F': config = optarg; break; + case 'B': + options.bind_port = optarg; + break; default: usage(); } diff -rupN openssh-5.8p2//ssh_config.0 openssh-5.8p2-srcport//ssh_config.0 --- openssh-5.8p2//ssh_config.0...

...ded ports.\n"); @@ -320,7 +321,7 @@ again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:S:TVX")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -495,7 +496,13 @@ add_remote_forward(&options, fwd_port, buf, fwd_host_port); break; - + case 'S': + options.sleep = atoi(optarg); + if (options.sleep < 0) { + fprintf(stderr, "Bad delay value '%s'\n", optarg); + exit(1); + } +...

...mit_empty_passwd = 0; if (options->use_login == -1) options->use_login = 0; + if (options->use_chroot == -1) + options->use_chroot = 0; + if (options->chroot_group == -1) + options->chroot_group = 0; if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->gateway_ports == -1) @@ -189,6 +195,7 @@ sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sUseChroot, sChrootGroup...

...Apr 22 10:13:55 2002 @@ -312,7 +312,7 @@ again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { + "1246ab:c:e:d:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -522,6 +522,9 @@ break; case 'F': config = optarg; + break; + case 'd': + options.password_from_fd = atoi(optarg); break; default: usage(); diff -bur openssh-3.1p1.org/sshconnect2.c openssh-3.1p1/sshconnect2.c --- openssh-3.1p1.org/sshconnect2.c Tue Fe...