search for: useprivilegedports

Hi. Does anyone use UsePrivilegedPort or have ssh(1) setuid, and if so for what use case? ssh(1) has had code in it to support installing setuid root since approximately forever, however OpenBSD has not shipped it in that configuration since 2002 (and I suspect these days no vendor does). As far as I can tell, all of the reasons for this no longer apply: - setuid root was needed to bind to a

On 6 July 2018 at 17:24, Gert Doering <gert at greenie.muc.de>wrote: [...] > I think we have one customer connection where their firewall admin > thinks "it is more secure that way" - read, we can't ssh in if we come > from high ports. > > OTOH, thanks for the pointer with ProxyCommand - it's a very specific > niche problem with a viable workaround, so I

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #16 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #4 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:10 EST --- Retarget unresolved

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2130 --- Comment #12 from Damien Miller <djm at mindrot.org> --- Retarget to openssh-6.4 -- You are

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au Status|NEW |ASSIGNED Assignee|openssh-bugs at

Changes since OpenSSH 6.4 ========================= This is a feature-focused release. New features: * ssh(1), sshd(8): Add support for key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange method is the default when both the client and server support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a

I tried setting rhost and rhostrsa authentication to no in /etc/ssh/ssh_config. That didn't work. When I added "UsePrivilegedPorts no" to /etc/ssh/ssh_config, it gave me a syntax error. I tried using ssh -P hostname, which locked up on authenticating to host. Someone I know who uses openssh on an Alpha Linux host has the same problem, but the ports are different even for him (1024-65535). To get openssh to work on a Sp...

The openSSH ssh command appears to not use a source privileged port (no matter what the options/configs) if the target port isn't a privileged port. For example: ssh -p 22222 foo.ucla.edu would never try to connect from a privileged port. Even with useprivilegedport=yes. This disallows .shosts RSA host authentication without a password. This breaks compatability with ssh-1.2.27 and

Hi, there is a tiny bug in readconf.c: options->use_privileged_port is always set to 0 regardless of whether -P is specified or not. This has the effect that RhostsAuthentication is disabled even if "RhostsAuthentication yes" is specified. The (trivial) patch is appended below. Martin ======================================================================== Martin Siegert Academic

http://bugzilla.mindrot.org/show_bug.cgi?id=357 Summary: SSH does not handle "Protocol" option in ~/.ssh/options properly Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

Hi there, I have a need to have scp pass the -P option to ssh to "bypass" the packetfilters that doesn't allow connections to return to arbitary "priviledged" ports, ie. ports <1024. See attached context sensitive diffs against 2.2.0p1 to please integrate. Thanx Hendrik Visage -------------- next part -------------- *** 1.1 2000/10/11 13:31:45 --- scp.c 2000/10/11

I have a problem I can not identify. Two firewalls with OpenBSD 2.8 sshd version OpenSSH_2.3.0 I do a ssh root at 195.84.181.91 -v SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). debug: Reading configuration data /etc/ssh_config debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to 195.84.181.91 [195.84.181.91] port 22. debug: Allocated

Hi, i have written a patch for openSSH 5.8p2 which allows the user to set the local source port. The patch is as follows: diff -rupN openssh-5.8p2//readconf.c openssh-5.8p2-srcport//readconf.c --- openssh-5.8p2//readconf.c 2010-11-20 04:19:38.000000000 +0000 +++ openssh-5.8p2-srcport//readconf.c 2011-07-17 20:57:52.385044096 +0100 @@ -125,7 +125,7 @@ typedef enum { oGlobalKnownHostsFile2,

The attached patch adds an option (off by default to preserve current behavior) to set a timeout on the select() statement that waits for input in clientloop.c. This fixes a timeout issue for me (explained below) and probably also fixes the timeouts mentioned in last month's thread "Idle time out". The patch is also available by http from:

Hi, OpenSSH 6.6 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a small release mostly to fix some minor but annoying bugs in openssh-6.5. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable

The latest changes (replacing strtok with strsep) in OpenSSH's readconf.c broke many ~/.ssh/config files. Actually those which uses more than one whitespace character to separate keyword and value. For instance my ~/.ssh/config file reads: | BatchMode no | Compression yes | CompressionLevel 3 | FallBackToRsh no | UsePrivilegedPort no | ForwardX11

Apologies if this is a FAQ; I couldn't find an answer on openssh.com or the mailing list archive.... Commercial SSH (I looked at 1.2.30) allocates privileged ports by counting /downwards/ from 1023, so that it will obtain a socket with (roughly speaking) the highest available privileged port number. This also appears to be the behaviour of rsh et al: (from sshconnect.c; whitespace elided)

Hi, and another feature request that I got from a debian user and that I think should be included in openssh. Thanks. |Unlike the 'old' ssh (Package: ssh; Version: 1.2.26-1.2)'s scp |openssh's scp does not support the -L option which according to |old ssh's manpage does the following: |> -L Use non privileged port. With this you cannot use |>

Anyone, HELP!!!!!!!!!!!!!! I currently installed openssh-2.9p2 on SunOS 5.7 and 5.8. From the very moment that start to ssh out I get "Rhosts Authentication disabled ;the originating ip will not be trusted". I 've put "Useprivileged yes " in the ssh_config file, but then the ssh complains that there is a bad config line. Can some one tell me what is going on and how can I