search for: sshd_config

https://bugzilla.mindrot.org/show_bug.cgi?id=2190 Bug ID: 2190 Summary: Nagios command check_ssh Product: Portable OpenSSH Version: 6.2p1 Hardware: ix86 OS: FreeBSD Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

...DDR ; then + SKIP_IPV6=yes +fi + # We need to use the keys generated for the regression test because sshd -T # will fail if we're not running with SUDO (no permissions for real keys) or # if we are # running tests on a system that has never had sshd installed @@ -26,6 +31,9 @@ cat > $OBJ/sshd_config.0 <<EOD listenaddress 1.2.3.4:1234 listenaddress 1.2.3.4:5678 +EOD + +[ X${SKIP_IPV6} = Xyes ] || cat > $OBJ/sshd_config.0 <<EOD listenaddress [::1]:1234 listenaddress [::1]:5678 EOD @@ -37,6 +45,9 @@ port 1234 port 5678 listenaddress 1.2.3.4 +EOD + +[ X${SKIP_IPV6} = Xyes...

.... Everything has worked with minimal effort and I appreciate all the work. But, I am having a problem whereby the sshd executable is crashing and I really could use some help on where to look at this in more details. Here is how I start up the sshd for testing. /usr/sbin/sshd -D -ddd -f /etc/ssh/sshd_config -p 65 Then I connect to it with the folloiwng command sshd -vvv admin@<ip addr> -p 65 It connects with no problem. But, when I hit the return key I get a big fat error.. I've attached the debug output at the end of this email. Any advice on where to start debugging this is most appre...

Hello, I have a file which varies depending on which OS/version it''s running. I tried to make a nested source parameter like this, but it didn''t work: source => $operatingsystem ? { Debian => "puppet://myserver.com/files/os/debian/etc/ssh/sshd_config", Gentoo => "puppet://myserver.com/files/os/gentoo/etc/ssh/sshd_config", RedHat => $lsbdistrelease ? { "4" => "puppet://myserver.com/files/os/rhel4/etc/ssh/sshd_config", "5" => "puppet://myserver.com/files/os/...

Hi I am just porting ssh-5.2 to my HPUX system. but while I'm doing it, I accidently found a different handling of the sshd for the SIGHUP signal when it is started with a "./sshd_config" and "/sshd_config". The problem is as following: root at sshpa6# uname -a HP-UX sshpa6 B.11.31 U 9000/800 2404418693 unlimited-user license root at sshpa6# /opt/ssh/sbin/sshd -f ./sshd_config ### ./sshd_config is a relative path root at sshpa6# ps -ef|grep...

Hi, I have this in my sshdconfig module''s init.pp but the service is not getting restarted even though at first connect the file sshd_config is getting modified with the Banner entry. Can someone please help? class sshdconfig { file { "/etc/ssh/sshd_config": path => "/etc/ssh/sshd_config", owner => root, group => root, m...

https://bugzilla.mindrot.org/show_bug.cgi?id=2008 Bug #: 2008 Summary: IPV6 Bind to port 22 failed Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo:

...-34,6 +34,7 @@ declare -a csih_required_commands=( /usr/bin/mv coreutils /usr/bin/rm coreutils /usr/bin/cygpath cygwin + /usr/bin/mkpasswd cygwin /usr/bin/mount cygwin /usr/bin/ps cygwin /usr/bin/setfacl cygwin @@ -59,8 +60,9 @@ PREFIX=/usr SYSCONFDIR=/etc LOCALSTATEDIR=/var +sshd_config_configured=no port_number=22 -privsep_configured=no +strictmodes=yes privsep_used=yes cygwin_value="" user_account= @@ -89,28 +91,8 @@ update_services_file() { # Depends on the above mount _wservices=`cygpath -w "${_services}"` - # Remove sshd 22/port from services...

Hi. I wonder if it would be possible to implement support for a user-specific sshd_config. The primary reason is that I would like the ability to specify that I'm only allowed to login with a key pair, even though the system-wide sshd configuration still allows passwords for other users. Of course, a user-specific sshd_config file should not be able to break the security policy...

...SSH module. But I need to modify to include support for FreeBSD and AIX. On top of that, I need to include some conditionals in there that (for example) if (/etc/file1 contains string abc) ; then install sshd-config-x & ssh-config-x elsif (/etc/file1 contains string xyz); then install sshd_config-y & ssh_config-y else install sshd_config-z and ssh_config-z. So I''ve got multiple conditions; one for operating systems one for configurations based on the contents of other files. Here is my current init.pp I''ve come up with from the Pro Puppet book. Is this a good star...

The sshd_config tweaks were executed even if the old file was still in place. Fix that. Also disable sshd user creation. It's not used on Cygwin. --- contrib/cygwin/ssh-host-config | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/contrib/cygwin/ssh-host-config b/contrib/...

Hi, After extensively looking into puppet + augeas for managing the AllowGroups in sshd_config, I came to the conclusion that it won''t work as I expected :( So I''m sharing my thoughts here. The main objective is allowing multiple groups per-node, depending on what the security team wants. Since I want this to be dynamic, I created a define in a class: class ssh::server::c...

Hi , I have two problems when i went through a) the man page of sshd_config and b) the comments quoted in sshd_config file itself. They are given below. a) >From the man page of sshd_config: "If UsePAM is enabled, you will not be able to run sshd(8) as a non-privileged user." I changed the permission of the hostkeys to a non-privileged user and tried to r...

--On Friday, May 08, 2015 01:23:57 PM -0400 m.roth at 5-cent.us wrote: > I would *strongly* recommend editing your /etc/ssh/sshd_config, and > comment or delete the fallback, and replace it, like: ># Protocol 2,1 > Protocol 2 > > That way, it won't even try. While forcing protocol 2 on the server is not a bad idea, it won't help here. Remember, that's a client-side debug message that the OP was seeing....

I''m a newbie and I might be missing something... but let me try to explain what I want to accomplish and how I would like to do it. I''m installing ssh by using the saz::ssh <https://github.com/saz/puppet-ssh>module. This module provision the sshd_config file with the ssh configuration. I need to tune the sshd_config file, so I have a module, say patxi::scstack that includes ssh and tries to overwrite the sshd_config by defining this file again: class scstack_ssh { include ssh file { "/etc/ssh/sshd_config": content => te...

Hi everyone, For the last several releases (perhaps with the release of openssh 9?), upgrading each version of openssh started wiping the current sshd_config and replacing it with the default config, at least on OpenSUSE 15.4 via zypper/yast. I was thinking of ways to mitigate this and thought I'd move the config to sshd_config.d/ in the hopes that it will be then called by the main config. However, two issues exist here, and I'm not sure how...

...-5,6 +5,7 @@ libexecdir=@libexecdir@ mandir=@mandir@ sysconfdir=@sysconfdir@ +examplesdir=@examplesdir@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ @@ -137,16 +138,16 @@ $(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_LOCATION} ; \ fi - if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \ - $(INSTALL) -d $(sysconfdir); \ - $(INSTALL) -m 644 ssh_config $(sysconfdir)/ssh_config; \ - $(INSTALL) -m 644 sshd_config $(sysconfdir)/sshd_config; \ + if [ ! -f $(examplesdir)/ssh_config -a ! -f $(examplesdir)/sshd_config ]; then \ + $(INSTALL) -d $(examplesdir); \ + $(INSTALL) -...

...pennock at globnix.org> wrote: [...] > ssh_config(5) describes for `HostKeyAlgorithms` that: > } The list of available key types may also be obtained using "ssh -Q key" > > Running `ssh -Q key`, the output does not include these proposed > replacements. > > Only in sshd_config(5): > rsa-sha2-512-cert-v01 at openssh.com > rsa-sha2-256-cert-v01 at openssh.com > rsa-sha2-512 > rsa-sha2-256 Those are "sign only" algorithms that use the same RSA keys but with a stronger signature algorithms. It looks like the advice in sshd_config(5) is not acc...

The following patch reformats sshd_config in sections. - Add section breaks to help finding visual cues. - Indent standard text to column 8 (position of tab) and leave configuration examples to the left. - Add new example: how to restrict root login only inside local LAN. Hope you find the changes helpful. The patch is against: CV...

It seems the syntax for AllowUsers in sshd_config is not the same that is given in man sshd_config and in several documentation on the web. (http://www.openssh.com/cgi-bin/man.cgi?query=sshd_config) e.g. AllowUsers root does work. AllowUsers root username does not work. If I try to login as root I get "User root from <hostname> n...