similar to: [Bug 655] sshd_config.5: 'GSSAPICleanupCredentials' -> '...Creds'

In 3.7.1p2, the sshd_config manpage talks about GSSAPICleanupCredentials, while servconf.c uses GSSAPICleanupCreds. Here is a patch: --- openssh-3.7.1p2/servconf.c.orig 2003-12-10 10:43:52.000000000 -0200 +++ openssh-3.7.1p2/servconf.c 2003-12-10 10:44:13.000000000 -0200 @@ -310,10 +310,10 @@ { "afstokenpassing", sUnsupported }, #ifdef GSSAPI {

It looks to me like GSSAPICleanupCredentials doesn't work if UsePrivilegeSeparation is set to "no". Is this a bug, or am I doing something wrong? On a related note, is there a SERVER way to disable GSSAPIDelegateCredentials?

x11-ssh-askpass version 1.0.1 is now available from the following locations: http://www.jmknoble.cx/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH (www.openssh.com) under the X Window System. The important changes since version 1.0 are as follows: - Bugfixes: - If the keyboard or

x11-ssh-askpass version 1.2.4 (code name: Boudin) is now available from the following locations: http://www.poboxc.com/~jmknoble/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH <http://www.openssh.com/> under the X Window System. Significant changes since version 1.2.2 include: - Minor

x11-ssh-askpass version 1.2.4 (code name: Boudin) is now available from the following locations: http://www.poboxc.com/~jmknoble/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH <http://www.openssh.com/> under the X Window System. Significant changes since version 1.2.2 include: - Minor

x11-ssh-askpass version 1.2.1 (code name: Fatoomsh) is now available from the following locations: http://www.jmknoble.cx/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH (www.openssh.com) under the X Window System. The important changes since version 1.2.1 are as follows: - Added a

[See my comments below.] ----- Forwarded message from an x11-ssh-askpass customer ----- Date: Fri, 30 Mar 2001 16:34:28 -0800 Subject: x11-ssh-askpass 1.2.0 To: jmknoble at jmknoble.cx I just installed x11-ssh-askpass 1.2.0 on some systems, and ran into a couple of minor problems: OpenSSH 2.5.2p2 by default is looking for ssh-askpass in /usr/local/libexec, not /usr/local/libexec/openssh. It

http://www.pobox.com/~jmknoble/jmk/x11-ssh-askpass-1999.12.04.tar.gz Changes: 1999-12-05 04:21 jmknoble * Imakefile: Added patch from Markus Friedl to change use of awk (with GNU-specific extensions?) to sed, more likely to be available on various platforms. X11-ssh-askpass is drop-in passphrase dialog for OpenSSH, based solely on the regular X11 libraries (libX11,

The INSTALL file in the current distribution has the passphrase request at http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html maybe this should be changed to http://www.liquidmeme.net/software/x11-ssh-askpass ?? -- Antonino Iannella Santos Ltd 91 King William St ADELAIDE SA 5000 Ph +618 8224 7712 Fax +618 8224 7577 Mobile +61408 800007 Email antonino.iannella at

Damien-- Attached is a patch to contrib/redhat/sshd.init which eliminates the dependency on the success() and failure() functions from initscripts>=4.16. This allows sshd.init to be used for both early and recent releases of Red Hat Linux (i've confirmed it works on both 4.2 and 5.2 as well as 6.2). The patch also removes the 'Requires: initscripts >= 4.16' line from

Makefile.in is not fixed ! in old ssh.h # define SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass" in new pathnames.h #define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass" but in Makefile.in PATHS=...-DSSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" ----------------------------------------------------------- about patch: - remove unused defines:

Currently, openssh's PAM service name is a compile-time choice. That's fine when one uses one sshd to serve normal shell logins and the like. But this will not work IF sshd is nor run as root (which I don't want it to do), because pam_open_session usually requires access to one's shadow information (for account expiration perhaps?), and there is no way (and need: this sshd is

-- jim knoble | jmknoble at pobox.com > On Apr 30, 2017, at 19:40, Darren Tucker <dtucker at zip.com.au> wrote: > >> On Mon, May 1, 2017 at 12:09 PM, Damien Miller <djm at mindrot.org> wrote: >> >> Hi, >> >> I just deleted SSHv1 support in OpenBSD and portable OpenSSH. There's >> probably a little dead code still to be expunged, but

I've cleaned up Pekka Savola's newly revised sshd.init and additional sshd-functions and modified them to work they way i've been arguing they should work. Compatibility functions are defined in ./contrib/redhat/sshd-functions, which should get installed no matter what release of Red Hat Linux OpenSSH is getting built for, to be consistent across releases. Specific changes from

https://bugzilla.mindrot.org/show_bug.cgi?id=1550 Summary: Move from 3DES to AES-256 for private key encryption Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Keywords: patch Severity: enhancement Priority: P2 Component: ssh-keygen AssignedTo:

this is the proposed gssapi diff against OpenSSH-current (non-portable). note: if this goes in, the old krb5 auth (ssh.com compatible) will be removed. please comment. jakob Index: auth.h =================================================================== RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v retrieving revision 1.1.1.2 retrieving revision 1.3 diff -u -r1.1.1.2 -r1.3 --- auth.h

https://bugzilla.mindrot.org/show_bug.cgi?id=3558 Bug ID: 3558 Summary: Spelling "yes" as "Yes" in sshd_config has a fatal result Product: Portable OpenSSH Version: 7.2p2 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component:

http://bugzilla.mindrot.org/show_bug.cgi?id=919 Summary: --disable-etc-default-login has no visible feedback Product: Portable OpenSSH Version: -current Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org

The ulimit problem appears to have reared its head again with openssh-1.2.3, under Red Hat Linux 6.1 (kernel-2.2.12, glibc-2.1.2, egcs-1.1.2, openssl-0.9.5, pam-0.68, pwdb-0.60): $ telnet localhost 22 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SSH-1.5-OpenSSH-1.2.3 ^] telnet> quit Connection closed. $ ssh localhost Last login: Wed Mar 29

http://bugzilla.mindrot.org/show_bug.cgi?id=327 ------- Additional Comments From jmknoble at pobox.com 2002-07-02 04:11 ------- Could you please check the error message again? Is it: mm_receive_fd: recvmsg: expected received 1 got nnnnnnnn or is it this: mm_receive_fd: expected type 1 got nnnnnnnn ? Those are two different problems, within a few lines of each other. The exact text