Displaying 20 results from an estimated 8000 matches similar to: "[Bug 1089] StrictModes needs runtime granularity"
2015 Nov 18
0
[Bug 1089] StrictModes needs runtime granularity
https://bugzilla.mindrot.org/show_bug.cgi?id=1089
cab at bongalow.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |cab at bongalow.net
--
You are receiving this mail because:
You are watching the assignee of the bug.
2008 Oct 24
7
[Bug 1532] New: SSH ignoring "StrictModes no"
https://bugzilla.mindrot.org/show_bug.cgi?id=1532
Summary: SSH ignoring "StrictModes no"
Product: Portable OpenSSH
Version: 5.1p1
Platform: ix86
URL: http://www.networksecurityarchive.org/html/Secure-Shel
l/2005-08/msg00058.html
OS/Version: Linux
Status: NEW
Severity: normal
2005 Feb 28
1
[Bug 988] sshd StrictModes check failed with fs acl
http://bugzilla.mindrot.org/show_bug.cgi?id=988
Summary: sshd StrictModes check failed with fs acl
Product: Portable OpenSSH
Version: 3.9p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: coil93
2003 Jul 09
3
OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes
Greetings,
I have compiled OpenSSH-3.6.1p2 on SCO 3.2v4.2 and
the following problem occurs:
I am unable to login as root using when strictmode is set to yes.
output of debug:
Failed none for root from 192.168.1.1 port 1199 ssh2
debug1: userauth-request for user root service ssh-connection method
publickey
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method publickey
debug1:
2015 Nov 18
0
[Bug 2498] New: Allow StrictModes to be controlled by Match
https://bugzilla.mindrot.org/show_bug.cgi?id=2498
Bug ID: 2498
Summary: Allow StrictModes to be controlled by Match
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2002 Mar 21
0
StrictModes yes fails in some cases on AIX
today I've got a strange error on a AIX 4.3 box (OpenSSH 3.1p1)
secure_filename() fails with
"realpath /users/fmohr/.ssh/authorized_keys failed: Permission denied"
in a (realy special) case:
- /users/fmohr/ is mounted by the automounter
- the directory is exported via a dfs/nfs gateway
- StrictModes is set to yes
it works if the mounted directory is directly exported
via nfs or
2014 May 15
1
[patch/cygwin] contrib/cygwin/ssh-host-config
Hi,
would you mind to apply the below patch? It fixes Cygwin's
ssh-host-config script in various ways:
- Remove old code to remove the "sshd/22" entry from /etc/services.
This code fixes a problem which only existed in installations which
are more than 10 years old.
- Handle the StrictMode setting interactively.
- Fix regular expressions looking for white spaces.
- Make the
2017 May 07
4
[Bug 2713] New: Please provide a StrictModes-like setting (command line parameter) for ssh (client)
https://bugzilla.mindrot.org/show_bug.cgi?id=2713
Bug ID: 2713
Summary: Please provide a StrictModes-like setting (command
line parameter) for ssh (client)
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Other
OS: Other
Status: NEW
Severity: enhancement
Priority: P5
2003 Jul 10
0
[Bug 615] OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes
http://bugzilla.mindrot.org/show_bug.cgi?id=615
Summary: OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: ix86
OS/Version: other
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2003 Jul 29
6
[Bug 615] OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes (broken dirname in libgen)
http://bugzilla.mindrot.org/show_bug.cgi?id=615
vikashb at comparexafrica.co.za changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|OpenSSH 3.6.1p2 ON SCO |OpenSSH 3.6.1p2 ON SCO
|3.2v4.2 + STRICTMODES -->yes|3.2v4.2 + STRICTMODES -->yes
|
2008 Jul 15
2
Risk of StrictMode (but read only)
Is there a risk associated with having authorized_keys files set to readable but "StrictMode no"?
I am thinking particularly in the case of having public keys all centralized in a directory in /etc or something.
Is it really a potential hack vector if someone can read a public key, or is the only real danger if they were writable?
---
Don Hoover
dxh at yahoo.com
2002 Feb 20
1
Is there a way to tell the sshd to ignore the security check on t he user's home permissions?
Is there a way to tell the sshd to ignore the security check on the user's
home permissions?
debug3: secure_filename: checking '/ftpdata/pxdata/pold/data/.ssh'
debug3: secure_filename: checking '/ftpdata/pxdata/pold/data'
Authentication refused: bad ownership or modes for directory
/ftpdata/pxdata/fold/data
debug1: restore_uid
debug2: userauth_pubkey: authenticated 0 pkalg
2006 Jan 19
3
ownership of authorized_keys
Hi,
I would like to make it impossible for users to change the
contents of the authorized_keys-file.
I just found out about the sshd_config setting:
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
But even in that case that file has to be owned by the user,
unless I set ``StrictModes no'' which would allow other
nastyness. I would like to request that that file could also be
owned by
2000 Apr 09
2
Password Login Failing... (Not sure this went through)
Appologise if this did make it to the list but I just subscribed and
didn't see it come back...
I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything
seems to be working (not quite smooth sailing - I had to resort to
precompiled RPM for OpenSSL). I did however get it "working." I
generated a host key as root and then changed back to joe-user. I created
a key for
2004 Jan 21
2
PAM auth stage rejection not working
Hi,
I have an auth module for PAM that I wrote a few years ago called
pam_vsd.so. The idea is that a user must have a certain privilege
before they can successfully authenticate. Without the privilege the
PAM module will return PAM_PERM_DENIED.
However I find that in OpenSSH 3.7.1p2, I can easily subvert this check
simply by hitting return 3 times on connection i.e.
[nick at localhost
2016 Jun 14
1
timestamp granularity
Apple File System Guide is released.
https://developer.apple.com/library/prerelease/content/documentation/FileManagement/Conceptual/APFS_Guide/GeneralCharacteristics/GeneralCharacteristics.html
>Nanosecond Timestamp Granularity
>
>APFS supports 1 nanosecond timestamp granularity, which improves
>upon the 1 second timestamp granularity of HFS+.
>Compatibility
>
>You can share
2007 Apr 18
0
[PATCH 5/21] i386 Pnp byte granularity
The one remaining caller of set_limit, the PnP BIOS code, calls into the PnP
BIOS, passing kernel parameters in and out. These parameteres may be passed
from arbitrary kernel virtual memory, so they deserve strict protection to
stop a bad BIOS from smashing beyond the object size.
Unfortunately, the use of set_limit was badly botching this by setting
the limit in terms of pages, when it really
2007 Apr 18
0
[PATCH 5/21] i386 Pnp byte granularity
The one remaining caller of set_limit, the PnP BIOS code, calls into the PnP
BIOS, passing kernel parameters in and out. These parameteres may be passed
from arbitrary kernel virtual memory, so they deserve strict protection to
stop a bad BIOS from smashing beyond the object size.
Unfortunately, the use of set_limit was badly botching this by setting
the limit in terms of pages, when it really
2006 Apr 07
0
"action pass random determ/netrand reclassify --value--": granularity problems
Hi all!
I''m trying to do proportional marking of real-time traffic to indicate link congestion, and for that, I wish to use the DSMARK filter to mark from, say EF to 0xcc. (an unused DSCP value)
By proportional, I mean, if congestion on the egress link is, say 38%, then I shall remark 38 packets of every 100 leaving eth0.
I already wrote some scripts, and I can measure the overload
2006 Apr 11
1
HTB statistics granularity
Hi,
I am running HTB and using the following command to get rate and pps statistics:
tc -s class show dev eth0
However what I am seeing is that if I run the command over and over again, I see the sent bytes and sent packets increment however the rate and pps have the following issues:
1. The rate and pps values only seem to update after every 15 seconds
2. They do not show until about after