Displaying 19 results from an estimated 19 matches for "sshds".
Did you mean:
sshd
2019 Feb 04
3
Signing KRLs?
Hi!
While reading through PROTOCOL.krl I came across "5. KRL signature sections".
If my understanding is correct - and that's basically what I would like to
get knocked down for if appropriate ;) - this is a way for SSHDs to ensure
they only accept KRLs signed by a trusted CA.
However, I cannot seem to find a way to actually _sign_ a KRL with ssh-keygen?
The aforementioned PROTOCOL.krl says that KRL_SECTION_SIGNATURE is optional in
the file structure, so am I right to assume that ssh-keygen simply does not
impleme...
2003 Apr 06
1
[Bug 537] Identification should depend on port number
...Version: 3.5p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: bugzilla.mindrot.org at tange.dk
I run 2 completely seperate sshds on different ports. The sshds are used for different
purposes and therefore use different configurations. Normally people will only connect to
one of the the 2 sshds, but a few people need to connect to both. This makes sshd
complain that the identifcations has changed - even though it has not....
2005 Dec 10
2
known_hosts and multiple hosts through a NAT router
The .ssh/known_hosts table cannot handle reaching different sshd
servers behind a NAT router. The machines are selected by having
the SSHDs respond to differnt ports.
A second request would be to allow known_hosts checking solely on
the dns name, wildcarding the IP address. This would be useful
to avoid continuously warning the user every time you connect
to a machine with a changing IP address (e.g. dynamic-ip DSL home machine).
With...
2002 Aug 07
2
so called hang-on-exit bug
>
> Yes, you can "police" these things as a sysadmin. How? Use
> /usr/proc/bin/ptree, ps, lsof and what not to find all sshd
> processes and their associated ptys - the sshds that have no
> children processes but whose master pty's slave pty still has
> processes associated with said pty, those are the sshds that must be
> killed in order to clean up (or you could kill -HUP the background
> processes).
sure, that's real practical. I just log on to e...
2002 Aug 07
0
Subject: RE: so called hang-on-exit bug
...gt; > Subject: Re: so called hang-on-exit bug
> >
> >
> > >
> > > Yes, you can "police" these things as a sysadmin. How? Use
> > > /usr/proc/bin/ptree, ps, lsof and what not to find all sshd
> > > processes and their associated ptys - the sshds that have no
> > > children processes but whose master pty's slave pty still has
> > > processes associated with said pty, those are the sshds that must be
> > > killed in order to clean up (or you could kill -HUP the background
> > > processes).
> >
&g...
2008 Aug 22
0
Enhance Match Blocks to Test Server Port.
Hi,
We'd like sshd to listen on port 22 with PasswordAuthentication = no and
port 2222 with PasswordAuthentication = yes. At the moment, it seems
the only way to do this is to run two sshds, one per port.
Since Match blocks already allow PasswordAuthentication to be set, if
the Match keyword itself allowed testing of the server port to which the
incoming connection was made then we could do
PasswordAuthentication no
...
Match ServerPort 2222
PasswordAuthentication y...
2005 Jun 09
1
need good wrapper
I'm having trouble with the rsync wrapper's I've found online:
rsync_wrapper[8458]: SSH_ORIGINAL_COMMAND environment variable
apparently not set
rsync: connection unexpectedly closed (0 bytes read so far)
rsync error: error in rsync protocol data stream (code 12) at io.c(189)
I'm not sure if this is a problem of incompatibility between my RHES3
and the wrappers I've found or
2017 Oct 11
0
Hybrid drives SSHD on Gluster peers
anybody use them on Gluster?
They seem to be almost the same cost as spinning metal these days. In
fact I was trying to get some 2.5 inch 2TB drives on a vendor and all
they had was the firecuda SSHDs or the really expensive "Enterprise"
variety.
Our use case would be for VM hosting (Rep2 + Arb). I'm not sure how the
SSD cache would pan out with the shards.
I've googled and the various responses are all over the map, but the
responses range from "can't hurt but pr...
2005 Jan 12
1
sshd runs with -R flag?
Hi All,
Sorry to interrupt, but I recently downloaded and installed a
pre-compiled package of OpenSSH 3.9p1 for Solaris.
After installation everything seems to work well, but I notice that all
of the child sshd daemons are running with a flag '-R' i.e.
sh-3.00# ps -ef | grep sshd
root 475 1 0 13:45:23 ? 0:00 /usr/local/sbin/sshd -4
root 643 475 0 14:10:55 ?
2007 Jan 30
3
[Bug 1279] Address- and/or port-specific HostKeys support
http://bugzilla.mindrot.org/show_bug.cgi?id=1279
Summary: Address- and/or port-specific HostKeys support
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy:
1999 Dec 04
2
confusion over RSAref vul w/OpenSS[HL]
Howdy,
The string of notices on BugTraq about RSAref being vulnerable to
overflows has me concerned. After trying to sort through all the
messages, I can't figure out whether I need to update OpenSSL (a
check of their website indicates no new patches), OpenSSH, both, or
neither. I am aware there is no known exploit for it yet.
I could be a bad boy and just run all
2016 Dec 22
4
[Bug 2648] New: allow max connections config
https://bugzilla.mindrot.org/show_bug.cgi?id=2648
Bug ID: 2648
Summary: allow max connections config
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
Hi,
I found a small issue with DNSSEC validation of SSHFP lookups. (For reference
I used OpenSSH 6.8p1 on FreeBSD 10.1).
The issues is that when DNSSEC valiation fails, ssh displays a confusing
message to the user. When DNSSEC validation of a SSHFP record fails, ssh
presents the user with
"Matching host key fingerprint found in DNS.
"Are you sure you want to continue connecting
2023 Jul 20
3
Ten second intermittent delay on login
Hi, folks,
We're experiencing an odd ten-second delay intermittently when logging
into any of our Linux boxes which authenticate against LDAP. Here's where
it happens:
Jul 13 11:54:23 console2 sshd[1853]: debug1: temporarily_use_uid: <my
uid\gid> (e=0/0)
Jul 13 11:54:35 console2 sshd[1853]: debug1: trying public key file <my key
file>
My assumption is there's
2008 Oct 23
6
ChrootDirectory on a per key basis
...s public key, but keep
rest of the users file accessible only with another, supposedly more
secure key.
I found a way to do this by running a separate sshd on a different
port with 'ChrootDirectory /some-dir' and 'ForceCommand internal-sftp'
configuration variables, but running two sshds is rather inelegent. Is
there a way to force this kind of configuration to only some keys? If
not, could the Match keyword be extended to match only certain keys,
or even better, could a 'chrootdir' option be added to the Authorized
keys format?
Teemu
2002 Jun 24
2
Upcoming OpenSSH vulnerability
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote:
> Date: Mon, 24 Jun 2002 15:00:10 -0600
> From: Theo de Raadt <deraadt at cvs.openbsd.org>
> Subject: Upcoming OpenSSH vulnerability
> To: bugtraq at securityfocus.com
> Cc: announce at openbsd.org
> Cc: dsi at iss.net
> Cc: misc at openbsd.org
>
> There is an upcoming OpenSSH vulnerability that
2002 Jun 24
2
Upcoming OpenSSH vulnerability
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote:
> Date: Mon, 24 Jun 2002 15:00:10 -0600
> From: Theo de Raadt <deraadt at cvs.openbsd.org>
> Subject: Upcoming OpenSSH vulnerability
> To: bugtraq at securityfocus.com
> Cc: announce at openbsd.org
> Cc: dsi at iss.net
> Cc: misc at openbsd.org
>
> There is an upcoming OpenSSH vulnerability that
2023 Aug 03
12
[Bug 3598] New: Dead lock of sshd and Defunct of sshd
https://bugzilla.mindrot.org/show_bug.cgi?id=3598
Bug ID: 3598
Summary: Dead lock of sshd and Defunct of sshd
Product: Portable OpenSSH
Version: 9.1p1
Hardware: ix86
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
2018 Sep 06
4
Some wishes regarding revoked keys
Hello.
I am trying to play through the following test scenario about
certificate revocation on Ubuntu 18.04, which has OpenSSH of this version:
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n? 7 Dec 2017
1. A CA key is created
ssh-keygen -t ed25519 -f ca
2. The CA public key is added to ~/.ssh/authorized_keys on some server:
cert-authority ssh-ed25519 AAAA...e ca at yoga
3. A user key is created on a