Displaying 20 results from an estimated 29 matches for "versionaddendum".
2013 Jun 19
2
sshd didn't run after upgrade to FreeBSD 8.4
The version of sshd in FreeBSD 8.4 is not backward compatible with older
version from 8.3.
OpenSSH_5.4p1 (on FreeBSD 8.3)
OpenSSH_6.1p1 (on FreeBSD 8.4)
# sshd -t
/etc/ssh/sshd_config line 19: Missing argument.
On line 19, there is:
VersionAddendum
It was OK in older versions. It will remove any default text appended to
SSH protocol banner (for example 'FreeBSD-20120901').
On FreeBSD 8.4, there must be some string (any single character)
I was really badly surprised that the machine was re-booted without ssh
access!
I think this...
2017 Jul 19
1
[Bug 2745] New: [PATCH] add support for VersionAddendum to the client
https://bugzilla.mindrot.org/show_bug.cgi?id=2745
Bug ID: 2745
Summary: [PATCH] add support for VersionAddendum to the client
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: Mac OS X
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Repor...
2014 Sep 24
5
[Bug 2281] New: sshd accepts empty arguments in ForceCommand and VersionAddendum
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
Bug ID: 2281
Summary: sshd accepts empty arguments in ForceCommand and
VersionAddendum
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: plautrba at re...
2016 Aug 08
3
ssh(d) identification string in portable (clarification)
Hello all,
We got a report [1], that we miss "p1" suffix in the sshd identification
strings in Fedora. I dig in and found out that it is also missing from
portable usptream since 2004, when you were rewriting version.h header
file with this information.
Debian somehow patched this information back during the time in some
places (ssh_api.c is missing).
It does not look like
2002 Jun 26
1
Full FreeBSD patchset
A non-text attachment was scrubbed...
Name: openssh.diff
Type: text/x-patch
Size: 49208 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020626/8f94fb5b/attachment.bin
2015 Jul 01
0
Announce: OpenSSH 6.9 released
...pen=none; bz#2355
* ssh(1), ssh-add(1), ssh-keygen(1): allow new-format private keys
to be encrypted with AEAD ciphers; bz#2366
* ssh(1): allow ListenAddress, Port and AddressFamily configuration
options to appear in any order; bz#86
* sshd(8): check for and reject missing arguments for VersionAddendum
and ForceCommand; bz#2281
* ssh(1), sshd(8): don't treat unknown certificate extensions as
fatal; bz#2387
* ssh-keygen(1): make stdout and stderr output consistent; bz#2325
* ssh(1): mention missing DISPLAY environment in debug log when X11
forwarding requested; bz#1682
* sshd(...
2003 Nov 13
1
SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE
...he default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
# Note that some of FreeBSD's defaults differ from OpenBSD's, and
# FreeBSD has a few additional options.
#VersionAddendum FreeBSD-20030423
Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#S...
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in
2020 Jul 18
2
[Bug 3196] New: [Information Disclosure] OpenSSH_7.4p1 Raspbian-10+deb9u7 discloses OS version
https://bugzilla.mindrot.org/show_bug.cgi?id=3196
Bug ID: 3196
Summary: [Information Disclosure] OpenSSH_7.4p1
Raspbian-10+deb9u7 discloses OS version
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Other
Status: NEW
Severity: security
Priority: P5
2023 Jul 07
3
[Bug 3587] New: Would OpenSSH consider adding a switch to hide the specific OpenSSH version number?
https://bugzilla.mindrot.org/show_bug.cgi?id=3587
Bug ID: 3587
Summary: Would OpenSSH consider adding a switch to hide the
specific OpenSSH version number?
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Severity: security
Priority: P5
2015 Jul 01
5
Announce: OpenSSH 6.9 released
...pen=none; bz#2355
* ssh(1), ssh-add(1), ssh-keygen(1): allow new-format private keys
to be encrypted with AEAD ciphers; bz#2366
* ssh(1): allow ListenAddress, Port and AddressFamily configuration
options to appear in any order; bz#86
* sshd(8): check for and reject missing arguments for VersionAddendum
and ForceCommand; bz#2281
* ssh(1), sshd(8): don't treat unknown certificate extensions as
fatal; bz#2387
* ssh-keygen(1): make stdout and stderr output consistent; bz#2325
* ssh(1): mention missing DISPLAY environment in debug log when X11
forwarding requested; bz#1682
* sshd(...
2012 Aug 29
0
Announce: OpenSSH 6.1 released
...sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
an argument to refuse all port-forwarding requests.
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
descriptor exhaustion. Instead back off for a while.
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and h...
2012 Aug 29
0
Announce: OpenSSH 6.1 released
...sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
an argument to refuse all port-forwarding requests.
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
descriptor exhaustion. Instead back off for a while.
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and h...
2015 Jan 30
5
[Bug 2346] New: sshd -T doesn't write all configuration options in valid format
...f openssh
in our distributions I came up with some problems that are also
applicable to upstream so I took time to report them here.
Found issues:
* UsePAM option is written in integer format, instead of yes/no format
* StreamLocalBindMask is not written
* AllowAgentForwarding is not written
* VersionAddendum is written, but even without value which makes it
invalid option when using output again as input sshd_config
* AuthenticationMethods is written even if it is empty which causes
the same problem like the previous option
These issues can be resolved using attached patch. Comments are
welcomed....
2012 Aug 21
5
Call for testing: OpenSSH 6.1
...sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
an argument to refuse all port-forwarding requests.
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
descriptor exhaustion. Instead back off for a while.
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and h...
2006 Dec 14
1
Problems using gssapi authentication from FreeBSD to Linux machines
...e ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-
cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VersionAddendum FreeBSD-20061110
# Add kerberos ticket forwarding
# QAK - 12/13/06
Host *
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
# If this option is set to yes then the remote X11 clients will have
full access
# to the local X11 display. As virtually no X11 client supports the
untrus...
2016 Sep 27
4
[Bug 2618] New: net-misc/openssh-7.2_p2: Terribly slow Interactive Logon
https://bugzilla.mindrot.org/show_bug.cgi?id=2618
Bug ID: 2618
Summary: net-misc/openssh-7.2_p2: Terribly slow Interactive
Logon
Product: Portable OpenSSH
Version: 7.2p2
Hardware: amd64
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: sshd
2020 Sep 26
2
Debian client/workstation pam_mount
...ntMotd no
> #PrintLastLog yes
> #TCPKeepAlive yes
> #PermitUserEnvironment no
> #Compression delayed
> #ClientAliveInterval 0
> #ClientAliveCountMax 3
> #UseDNS no
> #PidFile /var/run/sshd.pid
> #MaxStartups 10:30:100
> #PermitTunnel no
> #ChrootDirectory none
> #VersionAddendum none
>
> # no default banner path
> #Banner none
>
> # Allow client to pass locale environment variables
> AcceptEnv LANG LC_*
>
> # override default of no subsystems
> Subsystem sftp /usr/lib/openssh/sftp-server
>
> # Example of overriding settings on a per-user ba...
2014 Jun 23
2
ListenAdress Exclusion
I was wondering what everyone's thoughts were on a simpler way to exclude
addresses from having listeners on them.
I know a lot of people have multiple subnets, especially larger
corporations.
Some networks are non-route-able, and therefor unsuitable for use with SSH,
aside from communication between other servers on the same subnet.
Given that we may want to exclude those non-route-able
2016 Jun 29
3
SSH Closes Immediately After Opening
...s
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation no
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# default banner path
Banner /etc/banner.txt
# override default of no subsystems
Subsystem sftp /usr/sbin/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
I&...