search for: syslog_level_debug1

...{ "FATAL", SYSLOG_LEVEL_FATAL }, { "ERROR", SYSLOG_LEVEL_ERROR }, { "INFO", SYSLOG_LEVEL_INFO }, { "VERBOSE", SYSLOG_LEVEL_VERBOSE }, { "DEBUG", SYSLOG_LEVEL_DEBUG1 }, { "DEBUG1", SYSLOG_LEVEL_DEBUG1 }, { "DEBUG2", SYSLOG_LEVEL_DEBUG2 }, { "DEBUG3", SYSLOG_LEVEL_DEBUG3 }, { NULL, 0 } The priorities specified, say, in sshd_config will use the SYSLOG_LEVEL...

...00 jd (OpenSSH/j/5_log.h 1.1 644) +++ 2_9_p2_w_gss_krb5_named_keys.6(w)/log.h Thu, 05 Jul 2001 18:41:32 -0400 willian (OpenSSH/j/5_log.h 1.1 644) @@ -39,6 +39,7 @@ SYSLOG_LEVEL_QUIET, SYSLOG_LEVEL_FATAL, SYSLOG_LEVEL_ERROR, + SYSLOG_LEVEL_NOTICE, SYSLOG_LEVEL_INFO, SYSLOG_LEVEL_VERBOSE, SYSLOG_LEVEL_DEBUG1, @@ -58,6 +59,7 @@ /* Output a message to syslog or stderr */ void fatal(const char *fmt,...) __attribute__((format(printf, 1, 2))); void error(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void notice(const char *fmt,...) __attribute__((format(printf, 1, 2))); void l...

...sh-3.5p1-orig/sftp-server.c openssh-3.5p1/sftp-server.c --- openssh-3.5p1-orig/sftp-server.c 2002-12-18 10:10:13.000000000 -0500 +++ openssh-3.5p1/sftp-server.c 2002-12-18 10:42:50.000000000 -0500 @@ -1021,7 +1021,7 @@ handle_init(); #ifdef DEBUG_SFTP_SERVER - log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); + log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0,NULL); #endif in = dup(STDIN_FILENO); diff -urN openssh-3.5p1-orig/sftp.c openssh-3.5p1/sftp.c --- openssh-3.5p1-orig/sftp.c 2002-12-18 10:10:13.000000000 -0500 +++ openssh-3.5p1/sftp.c...

...setgid failed for %u\", (u_int)pw->pw_gid ); + + permanently_set_uid(pw); + +} +#endif /* CHROOT */ + static int errno_to_portable(int unixerrno) { @@ -1028,15 +1081,19 @@ int in, out, max; ssize_t len, olen, set_size; +#ifdef DEBUG_SFTP_SERVER + log_init(\"sftp-server\", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); +#endif + +#ifdef CHROOT + chroot_init(); +#endif + /* XXX should use getopt */ __progname = ssh_get_progname(av[0]); handle_init(); -#ifdef DEBUG_SFTP_SERVER - log_init(\"sftp-server\", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); -#endif - in = d...

...ri = LOG_ERR; - break; case SYSLOG_LEVEL_FATAL: ! txt = "fatal"; pri = LOG_ERR; break; case SYSLOG_LEVEL_INFO: case SYSLOG_LEVEL_VERBOSE: pri = LOG_INFO; break; case SYSLOG_LEVEL_DEBUG1: ! txt = "debug1"; pri = LOG_DEBUG; break; ! case SYSLOG_LEVEL_DEBUG2: ! txt = "debug2"; pri = LOG_DEBUG; break; case SYSLOG_LEVEL_DEBUG3: ! txt = "debug3...

...'t chroot to user directory %s: %s",user_dir, strerror(errno)); + + setenv("HOME", new_root, 1); + break; + } + new_root += 2; + } +} +#endif /* CHROOT */ + int main(int ac, char **av) { @@ -1022,6 +1054,13 @@ #ifdef DEBUG_SFTP_SERVER log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); #endif + +#ifdef CHROOT + chroot_init(); +#endif /* CHROOT */ + + if (setuid(getuid()) != 0) + fatal("Couldn't drop privileges: %s", strerror(errno)); in = dup(STDIN_FILENO); out = dup(STDOUT_FILENO); -- manfred heubach edv und neue medien Hindenb...

...4.0.so...done. Reading symbols from /usr/platform/SUNW,Ultra-30/lib/libc_psr.so.1...done. Reading symbols from /usr/lib/nss_files.so.1...done. #0 0xef4a5400 in strlen () (gdb) where #0 0xef4a5400 in strlen () #1 0xef4dc7e4 in _doprnt () #2 0xef4e5c88 in vsnprintf () #3 0x42bfc in do_log (level=SYSLOG_LEVEL_DEBUG1, fmt=0xb9e28 "using hostkeyalias: %s", args=0xefffe510) at log.c:385 #4 0x42574 in debug (fmt=0xb9e28 "using hostkeyalias: %s") at log.c:159 #5 0x20c04 in check_host_key (host=0x5a "", hostaddr=0xf3560, host_key=0xffaa8, readonly=0, user_hostfile=0x81 "&...

..."LOCAL5", SYSLOG_FACILITY_LOCAL5 }, { "LOCAL6", SYSLOG_FACILITY_LOCAL6 }, { "LOCAL7", SYSLOG_FACILITY_LOCAL7 }, - { NULL, 0 } + { NULL, (SyslogFacility)0 } }; static struct { @@ -85,7 +85,7 @@ { "DEBUG1", SYSLOG_LEVEL_DEBUG1 }, { "DEBUG2", SYSLOG_LEVEL_DEBUG2 }, { "DEBUG3", SYSLOG_LEVEL_DEBUG3 }, - { NULL, 0 } + { NULL, (LogLevel)0 } }; static void do_log(LogLevel level, const char *fmt, va_list args); --- openssh-snap/readconf.c Thu Oct 4 02:39:39 20...

...r; --- log.h.orig Tue Jun 4 17:51:55 2002 +++ log.h Tue Jun 4 17:52:03 2002 @@ -33,7 +33,7 @@ SYSLOG_FACILITY_LOCAL5, SYSLOG_FACILITY_LOCAL6, SYSLOG_FACILITY_LOCAL7, - SYSLOG_FACILITY_NOT_SET = -1, + SYSLOG_FACILITY_NOT_SET = -1 } SyslogFacility; typedef enum { @@ -45,7 +45,7 @@ SYSLOG_LEVEL_DEBUG1, SYSLOG_LEVEL_DEBUG2, SYSLOG_LEVEL_DEBUG3, - SYSLOG_LEVEL_NOT_SET = -1, + SYSLOG_LEVEL_NOT_SET = -1 } LogLevel; void log_init(char *, LogLevel, SyslogFacility, int);

...BUG_SFTP-SERVER + log_init("sftp-server", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); +#endif + +#ifdef CHROOT + chroot_init(); +#endif + /* XXX should use getopt */ __progname = get_progname(av[0]); handle_init(); -#ifdef DEBUG_SFTP_SERVER - log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); -#endif - in = dup(STDIN_FILENO); out = dup(STDOUT_FILENO);

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

...f DEBUG_SFTP-SERVER + log_init("sftp-server", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); +#endif + +#ifdef CHROOT + chroot_init(); +#endif __progname = get_progname(av[0]); handle_init(); -#ifdef DEBUG_SFTP_SERVER - log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); -#endif - in = dup(STDIN_FILENO); out = dup(STDOUT_FILENO);

I'm working on setting up a semi-trusted sftp service, and to get it working, I need chroot capability. I've taken the /./ wuftpd magic token code from contrib/chroot.diff and put it into the sftp server. The main problem is that privileges have been dropped by the time the subsystem is exec'ed, so my patch requires that sftp-server be setuid root. Not ideal, I know, but I drop all

...s at mindrot.org Reporter: kircherlike at outlook.com We noticed that the sshd.c file contained such a code snippet: ... for (i = 0; i < options.num_host_key_files; i++) { int ll = options.host_key_file_userprovided[i] ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_DEBUG1; if (options.host_key_files[i] == NULL) continue; if ((r = sshkey_load_private(options.host_key_files[i], "", &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) do_log2(ll, "...

...getpwuid(cuid)) == NULL) { + cuname = NULL; + } else { + cuname = upw->pw_name; + } + + /* Initialize the parent process ID. */ + ppid = getppid(); + + /* Initialize the logfile, loglevel dependent on DEBUG compile-time setting. */ #ifdef DEBUG_SFTP_SERVER log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); +#else + log_init("sftp-server", SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0); #endif + /* Log session start. */ + log("(%d/%d/%s) SFTP session started.", ppid, cuid, CUNAME); + in = dup(STDIN_FILENO); out = dup(STDOUT_FILENO); @@ -1073,6 +1129...

...][1]) + timeout = atoi(&argv[argno][1]); + else { + if (++argno >= argc) + usage(); + timeout = atoi(argv[argno]); + } + if (timeout <= 0) + usage(); + goto double_break; + case 'v': + if (!debug_flag) { + debug_flag = 1; + log_level = SYSLOG_LEVEL_DEBUG1; + } + else if (log_level < SYSLOG_LEVEL_DEBUG3) + log_level++; + else + fatal("Too high debugging level."); + break; + default: + if (*--(argv[argno]) != '-') + fatal("Please separate options T and v from any other options."); + goto t...

...+ + /* Initialize the logfile. */ + log_init("sftp-server", SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0); + + /* Log session start. */ + log("(%d/%d/%s) SFTP session started.", ppid, cuid, CUNAME); + #endif + #ifdef DEBUG_SFTP_SERVER log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); #endif *************** *** 1087,1092 **** --- 1292,1300 ---- if (select(max+1, rset, wset, NULL, NULL) < 0) { if (errno == EINTR) continue; + #ifdef SFTP_LOGGING + log("(%d/%d/%s) SFTP session closing (%s).", ppid, cuid, CUNAME, "Sele...

Hello! I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :) Anyway, my question relates to ssh_config. The problem I find is that the Host pattern is only applied to the argument given on the command line, as outlined in the man page: "The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name

...{ case 'b': bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr); @@ -1156,6 +1295,9 @@ case 'U': reader_id = optarg; break; + case 's': + sign_host_key = 1; + break; case 'v': if (log_level == SYSLOG_LEVEL_INFO) log_level = SYSLOG_LEVEL_DEBUG1; @@ -1221,6 +1363,8 @@ printf("Can only have one of -p and -c.\n"); usage(); } + if (sign_host_key) + do_sign_host_key(pw); if (delete_host || hash_hosts || find_host) do_known_hosts(pw, rr_hostname); if (print_fingerprint || print_bubblebabble) Index: ssh_config.5 =======...