search for: x11_forward

Displaying 18 results from an estimated 18 matches for "x11_forward".

Did you mean: x11forward
2001 Mar 03
0
[PATCH] PrintLastLog option
...Index: servconf.h --- servconf.h.prev +++ servconf.h Thu Feb 22 20:59:45 2001 @@ -52,4 +52,5 @@ * for RhostsRsaAuth */ int print_motd; /* If true, print /etc/motd. */ + int print_lastlog; /* If true, print lastlog */ int check_mail; /* If true, check for new mail. */ int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ Index: servconf.c --- servconf.c.prev +++ servconf.c Thu Feb 22 20:59:45 2001 @@ -56,4 +56,5 @@ initialize_server_options(ServerOptions options->ignore_user_known_hosts = -1; options->print_motd = -1; + options->print_lastlog = -1;...
2004 Feb 27
0
PAM patch for openssh 3.7.1p2
...option to pkgadd. #TEST_DIR=/var/tmp # leave commented out for production build PKGNAME=OpenSSH SYSVINIT_NAME=opensshd MAKE=${MAKE:="make"} SSHDUID=67 # Default privsep uid SSHDGID=67 # Default privsep gid # uncomment these next two as needed #PERMIT_ROOT_LOGIN=no #X11_FORWARDING=yes +#USEPAM=yes # list of system directories we do NOT want to change owner/group/perms # when installing our package SYSTEM_DIR="/etc \ @@ -143,6 +144,9 @@ $FAKE_ROOT/${sysconfdir}/sshd_config [ "${X11_FORWARDING}" = yes ] && \ p...
2001 Jun 05
1
OpenSSH tmp cleanup
Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>
2003 Mar 07
6
Call for testing for 3.6
We are heading into a lock here. So we need to get people to test their respective platforms if they wish them to be supported out of the tar file. So if you have any patches you need to ensure your platform works speak up. We are looking at a lock on the 17th. I believe I have an AIX/Cray patch and a Tru64 patch sitting in my mailbox that I'll be looking at soon and more than likely
2013 Jan 31
2
OpenSSH NoPty patch
...--- next part -------------- diff -rupN openssh-6.1p1/servconf.c openssh-6.1p1-new/servconf.c --- openssh-6.1p1/servconf.c 2012-07-31 02:22:38.000000000 +0000 +++ openssh-6.1p1-new/servconf.c 2013-01-31 17:12:36.000000000 +0000 @@ -85,6 +85,7 @@ initialize_server_options(ServerOptions options->x11_forwarding = -1; options->x11_display_offset = -1; options->x11_use_localhost = -1; + options->no_pty = -1; options->xauth_location = NULL; options->strict_modes = -1; options->tcp_keep_alive = -1; @@ -201,6 +202,8 @@ fill_default_server_options(ServerOption options->x11_u...
2016 May 03
3
StreamLocal forwarding
On Tue, 3 May 2016, Rogan Dawes wrote: > Hi Damien, > Thanks for the response! > > I tried moving the StreamLocalBindUnlink directive outside of the Match > rule, and it worked. But that doesn't explain why the Match was not > correctly setting the directive: > > This is running on an alternate port with -ddd: > > debug3: checking match for 'User
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)
2002 Jun 28
3
Solaris packaging
Hi Ben, Just a few things on openssh 3.4p1 Solaris package. 1) Solaris naming convention would be OPENssh for package 2) Need to add the "sed" edit of X11Forwarding for ssh_config also 3) I prefer sym links as default (I suppose thats personal) 4) Need to provide "response" file so that dont need interaction to install!! - I do all install via jumpstart scripts etc.
2003 Jan 29
0
[PATCH] features for restricted shell environments
...rding) - channel_add_permitted_opens(host, port); xfree(patterns); goto next_option; } --- auth-pam.c 28 Jan 2003 18:06:51 -0000 1.1.1.2 +++ auth-pam.c 29 Jan 2003 20:39:19 -0000 1.2 @@ -358,7 +360,7 @@ no_port_forwarding_flag &= ~2; no_agent_forwarding_flag &= ~2; no_x11_forwarding_flag &= ~2; - if (!no_port_forwarding_flag && options.allow_tcp_forwarding) + if (!auth_restricted(RESTRICT_TCP, auth_get_user())) channel_permit_all_opens(); #endif } --- auth.c 28 Jan 2003 18:06:51 -0000 1.1.1.2 +++ auth.c 29 Jan 2003 21:26:11 -0000 1.4 @@ -291,6 +293,31 @...
2002 Feb 12
0
[Patch] Xauthority file in /tmp
...removal of this code. Scott. -------------- next part -------------- diff -r --unified openssh-3.0.2p1.orig/servconf.c openssh-3.0.2p1/servconf.c --- openssh-3.0.2p1.orig/servconf.c Wed Nov 14 00:03:15 2001 +++ openssh-3.0.2p1/servconf.c Tue Feb 12 14:21:14 2002 @@ -64,6 +64,7 @@ options->x11_forwarding = -1; options->x11_display_offset = -1; options->xauth_location = NULL; + options->xauthority_in_tmp = -1; options->strict_modes = -1; options->keepalives = -1; options->log_facility = (SyslogFacility) - 1; @@ -258,7 +259,7 @@ sAllowUsers, sDenyUsers, sAllowGroups,...
2007 May 16
2
Disabling ForceCommand in a Match block
Hello, I am trying to force a command for all users *except* for users in the "wheel" group. My idea was to do the following in sshd_config: ForceCommand /usr/bin/validate-ssh-command Match Group wheel ForceCommand But obviously this doesn't work, because ForceCommand requires an argument. I couldn't find a way to achieve what I want. I wrote a patch that adds a
2002 Jul 15
10
Patch: Solaris packages don't create privsep user or group
Hi. Solaris packages created by buildpkg.sh don't create privsep user or group and sshd won't start until they are created (or privsep is disabled): ## Executing postinstall script. starting /usr/local/sbin/sshd... Privilege separation user sshd does not exist /etc/init.d/opensshd: Error 255 starting /usr/local/sbin/sshd... bailing. The attached patch (against -cvs) ports the relevant
2000 Aug 13
1
Patches for openssh port forwarding
...host name to connect to. */ host = packet_get_string(&host_len); diff -u -r openssh-2.1.1p4/servconf.c openssh-2.1.1p4-jhchanges/servconf.c --- openssh-2.1.1p4/servconf.c Sat Jul 15 07:14:17 2000 +++ openssh-2.1.1p4-jhchanges/servconf.c Sun Aug 13 00:06:25 2000 @@ -45,6 +45,7 @@ options->x11_forwarding = -1; options->x11_display_offset = -1; options->xauth_location = NULL; + options->port_forwarding = -1; options->strict_modes = -1; options->keepalives = -1; options->log_facility = (SyslogFacility) - 1; @@ -116,6 +117,8 @@ if (options->xauth_location == NULL)...
2001 Nov 20
3
problem with AFS token forwarding
Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in
2016 Jun 02
2
MaxDisplays configuration option
...int); diff -Naur openssh-portable/servconf.c openssh-portable-maxdisplays/servconf.c --- openssh-portable/servconf.c 2016-06-01 21:14:01.820052926 -0400 +++ openssh-portable-maxdisplays/servconf.c 2016-06-01 21:14:22.976053858 -0400 @@ -96,6 +96,7 @@ options->print_lastlog = -1; options->x11_forwarding = -1; options->x11_display_offset = -1; + options->max_displays = -1; options->x11_use_localhost = -1; options->permit_tty = -1; options->permit_user_rc = -1; @@ -327,6 +328,8 @@ options->max_authtries = DEFAULT_AUTH_FAIL_MAX; if (options->max_sessions == -1)...
2004 Apr 30
0
buildpkg.sh enhancements
...,6 +11,8 @@ # Options for building the package # You can create a config.local with your customized options # +REMOVE_FAKE_ROOT_WHEN_DONE=yes +# # uncommenting TEST_DIR and using # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty # and @@ -27,6 +29,22 @@ #PERMIT_ROOT_LOGIN=no #X11_FORWARDING=yes #USR_LOCAL_IS_SYMLINK=yes +# System V init run levels +SYSVINITSTART=S98 +SYSVINITSTOPT=K30 +# We will source these if they exist +POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh +POST_PROTOTYPE_EDITS=./pkg_post_prototype_edit.sh +# We'll be one level deeper looking for these +...
2000 Aug 23
1
Protocol 2 remote forwarding patch
...ges/servconf.c Mon Aug 21 20:48:09 2000 @@ -19,6 +19,9 @@ #include "xmalloc.h" #include "compat.h" +/* Jarno: import */ +extern int allow_port_forwarding; + /* add listen address */ void add_listen_addr(ServerOptions *options, char *addr); @@ -45,6 +48,7 @@ options->x11_forwarding = -1; options->x11_display_offset = -1; options->xauth_location = NULL; + allow_port_forwarding = -1; options->strict_modes = -1; options->keepalives = -1; options->log_facility = (SyslogFacility) - 1; @@ -116,6 +120,8 @@ if (options->xauth_location == NULL) opti...