search for: stuge

On Mon, 10 Apr 2023 at 07:07, Peter Stuge <peter at stuge.se> wrote: > > Brian Candler wrote: > > > What's odd is that the length is *always* 1231976033 (which is > > > 0x496E7661 or "Inva" in ASCII). One thing that can cause this is if the libc writes to stderr (ie fd 2) on some classes of erro...

Well, SSHFP is supposed to only be used on DNSSEC-enabled domains. On Sat, Feb 23, 2019 at 9:59 PM Peter Stuge <peter at stuge.se> wrote: > > Yegor Ievlev wrote: > > It would make more sense to treat SSHFP records in the same way as > > known_hosts > > I disagree with that - known_hosts is nominally a client-local configuration. > > I think it's a very bad idea to hav...

...g time here if the process has already taken a long time to provide faster auth method iteration. I believe that a better solution is to set some arbitrary (probably configurable) timeout and, in case when we spend more time than that value, avoid doubling it. On Wed, Jun 28, 2023 at 2:04?PM Peter Stuge <peter at stuge.se> wrote: > > Dmitry Belyavskiy wrote: > > May I ask you to explain whether I am wrong in my conclusions? > > I guess it's not clear what problem you are trying to solve. > > > //Peter > _______________________________________________ > op...

http://bugzilla.mindrot.org/show_bug.cgi?id=540 stuge-openssh-unix-dev at cdy.org changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|sshd [priv] has PPID 1 and |sshd [priv] doesn't give |is killed by ^C in terminal |sh...

Hello, i am using SFTP with CHROOT. I want to allow my users that they can upload and download with the sftp server, but they should never do an MKDIR! Is it possible to restrict commands and how can i do this? i only found material of modifing the source...and that is not the best way for me. regards Sonja Meyer sonne_meyer at yahoo.de

On Fri, Jan 23, 2015 at 10:50 AM, Peter Stuge <peter at stuge.se> wrote: > John Olsson M wrote: >> it looks like OpenSSH does not cache and copy the authentication password > .. >> So I am wondering if there is any reason for doing like this? > > Data hygiene is one. Also, in my opinion as more of an admin than a...

Picking up on a couple really old threads (e.g. http://osdir.com/ml/ietf.secsh/2001-09/msg00003.html ) I've finally gotten around to this. The EXTPROC support on Linux is missing, but you can find kernel patches for that here http://lkml.org/lkml/2010/6/11/403 I've also fixed up the netkit telnet / telnetd code to work with EXTPROC / LINEMODE on Linux, those patches are here

Nico Kadel-Garcia wrote: > in places where I do not want OpenSSH server's tendency ro let > people with access look around the rest of the filesystem. If you want users to be able to use *only* SFTP then set a ChrootDirectory and ForceCommand internal-sftp in a Match for the user in sshd_config. //Peter

On Fri, Sep 18, 2015 at 7:07 PM, Peter Stuge <peter at stuge.se> wrote: > Fabiano Fid?ncio wrote: >> A few possible solutions for this would involve a way to support more >> than one agent, talking to both (the local one and the spice one), >> merging then their responses and returning it to any application who >...

On Mon, 2011-04-25 at 22:05 +0200, Maik Zumstrull wrote: > Package: linux-image-2.6.39-rc4-686-pae > Version: 2.6.39~rc4-1~experimental.1 > Severity: normal > Tags: experimental > > By simply stressing the system with some I/O, I can make it crash within > seconds. I''m not setting a higher severity because the bug is in an > experimental file system in an

> Date: Sat, 19 May 2012 03:10:03 +0200 > From: Peter Stuge <peter at stuge.se> > To: openssh-unix-dev at mindrot.org > Subject: Re: Syslog via UDP for chrooted environments > Message-ID: <20120519011003.30837.qmail at stuge.se> > Content-Type: text/plain; charset=us-ascii > > Matt Warner wrote: >> I've written code t...

On Tue, May 5, 2020 at 4:31 AM Peter Stuge <peter at stuge.se> wrote: > > Matthieu Hautreux wrote: > > The change proposed by Cyril in sftp is a very pragmatic approach to > > deal with parallelism at the file transfer level. It leverages the > > already existing sftp protocol and its capability to write/read f...

>>> TL;DR: please try the patch out and report if it causes "Did not receive >>> identification string" log messages. I believe it does not. Aw crap. My homegrown anti-dos tool for ssh looks for either DNRIS or if logging is verbose enough a connection that didn't result in a login. I give the attacker a few tries and whitelist any successful candidate so I

http://bugzilla.mindrot.org/show_bug.cgi?id=536 Summary: no access to tty on Linux 2.0 Product: Portable OpenSSH Version: 3.6p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: jfeise at

http://bugzilla.mindrot.org/show_bug.cgi?id=318 ------- Additional Comments From dtucker at zip.com.au 2003-05-04 19:12 ------- Does anyone see any problems with the patch id #186? It seems OK to me. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hi, I am using on sshd version OpenSSH_3.6.1p2. I am facing some very vauge problem when i run sshd server and try to connect to it. When I run sshd in debug mode [ ./sshd -ddd] I am able to connect to it and every thing functions very well, but when i run it as [./sshd] and try to connect it the connection hangs creating defunct process. The entries in process table are 25571 ? S

I've expressed several concerns with enabling UpdateHostKeys by default, none of which were even commented on, so this topic seems to not be in any way open for discussion, but I'll still add one more thing here. Peter Stuge wrote: > Subject: Re: UpdateHostkeys now enabled by default > Date: Mon, 5 Oct 2020 11:22:29 +0000 .. > I do not disagree with progressive key management, we clearly need to > roll keys now and then, and I'm also not against some automation, but > I don't think that it should...

Hi. I upgraded my main build host and the clang -Werror builds started failing. This is because clang 10's -Wimplicit-fallthrough doesn't understand /* FALLTHROUGH */ but rather requires __attribute__((fallthrough)): clang -Wall -O2 [...] -Wimplicit-fallthrough [...] -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DHAVE_CONFIG_H -c /openbsd-compat/base64.c

On Mon, 4 Jan 2016, Peter Stuge wrote: > Hi Kaleb, > > Kaleb Himes wrote: > > OpenSSH port Location: https://github.com/kaleb-himes/openssh-portable.git > > I'm afraid this repository is too messy to be useful. :\ > > You need to use the features offered by git to preserve commit ids if > any...

On Sunday 27 November 2016 13:49:17 Peter Stuge wrote: > Gene Heskett wrote: > > > On pi, in same shell as above, start the GUI application > > > > So the monitor is plugged into the droid, but the keyboard & mouse > > are plugged into the pi? > > No; X11 is a remote windowing protocol. Monitor, keyboard...