Displaying 20 results from an estimated 20000 matches similar to: "[Bug 440] Protocol 1 server key generated at start up even when P1 not used"
2004 Feb 10
1
[Bug 440] Protocol 1 server key generated at start up even when P1 not used
http://bugzilla.mindrot.org/show_bug.cgi?id=440
------- Additional Comments From dtucker at zip.com.au 2004-02-10 18:07 -------
Took a quick look at this.
I can confirm that when running in inetd ("-i -o Protocol=1,2") the SSHv1
ephemeral keys are still generated for v2 connects, and that with the patch it's
not.
The patch, however, seems to break SSHv1 connections in inetd
2003 May 15
1
[Bug 440] Protocol 1 server key generated at start up even when P1 not used
http://bugzilla.mindrot.org/show_bug.cgi?id=440
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From djm at mindrot.org 2003-05-15 21:16
2002 Nov 21
1
[Bug 440] Protocol 1 server key generated at start up even when P1 not used
http://bugzilla.mindrot.org/show_bug.cgi?id=440
------- Additional Comments From markus at openbsd.org 2002-11-21 20:21 -------
when does this happen? i don't see this with version 3.5
(or 2.5.1)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Nov 20
0
[Bug 440] New: Protocol 1 server key generated at start up even when P1 not used
http://bugzilla.mindrot.org/show_bug.cgi?id=440
Summary: Protocol 1 server key generated at start up even when P1
not used
Product: Portable OpenSSH
Version: older versions
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Build system
2004 May 11
0
FW: FW: found bug in 3.8.p1 ?
fyi
-----Original Message-----
From: Darren Tucker [mailto:dtucker at zip.com.au]
Sent: May 10, 2004 9:43 PM
To: Walczak, Stanislaw
Subject: Re: FW: found bug in 3.8.p1 ?
Please don't send bug reports to my personal email address. Use the
mailing list (openssh-unix-dev at mindrot.org), that's what it's there for.
Walczak, Stanislaw wrote:
[...]
>>ian.c.campbell: debug1:
2002 Nov 01
0
[Bug 423] New: Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
Summary: Workaround for pw change in privsep mode (3.5.p1)
Product: Portable OpenSSH
Version: 3.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2011 Aug 17
1
openssh-unix-dev Digest, Vol 100, Issue 3
Works on my netbsd tinkerbox.
NetBSD 5.0.2 NetBSD 5.0.2 (GENERIC)
It uses rlimit.
Privsep sandbox style: rlimit
I also get warnings during make.
fmt_scaled.c: In function 'scan_scaled':
fmt_scaled.c:84: warning: array subscript has type 'char'
fmt_scaled.c:111: warning: array subscript has type 'char'
fmt_scaled.c:155: warning: array subscript has type 'char'
2002 Jun 22
2
AIX Package build update.
Hello All,
I've updated the AIX package builder (contrib/aix/buildbff.sh). The
changes are below. Please review and commit if OK.
First, a question: Does anyone want SRC (System Resource Controller)
support in the packages? I don't use it but I've been sent an example of
how do do it without modifying sshd itself.
Onto the changes:
* Supports PrivSep. Postinstall will create
2002 Jul 01
0
Memory allocation gone awry with OpenSSH 3.(3,4)p1
Hello,
I have recently upgraded from an older version of OpenSSH to the
newer 3.3p1 (first) and now to 3.4p1 - because of the discovered
vulnerabilities. The default setting for these versions is to use
privilege separation, and this seems to trigger some weird bug with my
systems, causing sshd to consume memory until it barfs.
Details:
1. OpenSSH 3.3p1, privsep on, compression on:
2004 Jun 29
0
Debian bug #236814: sshd+PAM: MOTD isn't printed when privsep=no
Hi.
If sshd is configured to use PAM and UsePrivilegeSeparation=no or you
are logging is as root, any messages returned by PAM session modules are
not displayed to the user. (Even when the config file has privsep=yes,
logging in as root disables privsep anyway since there's no point, so it
behaves the same way as privsep=no).
I think I've figured out why: when privsep=no,
2003 May 12
0
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |serg at bspb.ru
------- Additional Comments From dtucker at zip.com.au 2003-05-13 09:55 -------
*** Bug 562 has been marked as a
2003 Jan 29
1
Privsep question: can the slave's child make monitor calls?
Hi all.
I have a question regarding privsep. Firstly, the following is my
understanding of what happens when privsep is enabled:
The sshd daemon is running as root listing on 22(a). When a connection
is accepted, a child is forked to handle the connection, this child
becomes the monitor(b). The monitor forks the pre-auth privsep
slave(c), which sheds it privs and hides in its chroot jail.
2006 Aug 23
0
OpenSSH survey results
Hi all.
For those that didn't know it, the OpenSSH portable team has been
collecting survey data about the platforms that it runs and the options
that it is built with. Partitipation is entirely voluntary and is as
simple as running "make send-survey" after building (see the INSTALL
file for details and caveats). I've used the data to answer a couple
of questions on this list
2003 Nov 25
2
zlib/openssl/openssh for Solaris
Darren,
I went to install zlib/openssl and openssh on one of my Sun
Servers(Solaris 2.7) and they would not install. Is there a website
where I can get Sun versions of these products?
Thanks,
Lou
-----Original Message-----
From: Darren Tucker [mailto:dtucker at zip.com.au]
Sent: Saturday, November 22, 2003 9:35 PM
To: Pacelli, Louis M, ALABS
Cc: OpenSSH Devel List
Subject: Re: zlib missing when
2003 Nov 13
0
[PATCH] Make PAM chauthtok_conv function into tty_conv
Hi All.
Attached is a patch that converts pam_chauthtok_conv into a generic
pam_tty_conv, which is used rather than null_conv for do_pam_session.
This allows, for example, display of messages from PAM session modules.
The accumulation of PAM messages into loginmsg won't help until there is
a way to collect loginmsg from the monitor (see, eg, the patches for bug
#463). This is because the
2006 Feb 12
1
sshd double-logging
Hi all.
As Corinna pointed out, there are some cases where sshd will log some
authentications twice when privsep=yes.
This can happen on any platform although it seems most obvious on the
ones that don't do post-auth privsep. It also occurs when sshd logs
to stderr (eg running under daemontools) or when you have a /dev/log in
the privsep chroot.
The patch below attempts to solve this for
2002 Nov 01
3
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
------- Additional Comments From michael_steffens at hp.com 2002-11-02 02:40 -------
Created an attachment (id=162)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=162&action=view)
Patch: Workaround for pw change in privsep mode (3.5.p1)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are
2009 Apr 03
0
mkae test fails on 5.3.p1
make tests fails:
run test login-timeout.sh ...
ssh: connect to host 127.0.0.1 port 4242: Connection refused
ssh connect after login grace timeout failed without privsep
failed connect after login grace timeout
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory `/data/openssh-5.2p1.works/regress'
make: *** [tests] Error 2
any clues?
thanks
tedc
2003 Aug 24
12
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |627
nThis| |
Status|NEW |ASSIGNED
------- Additional
2002 Dec 21
6
[PATCH] PAM chauthtok + Privsep
Hello All.
Attached is an update to my previous patch to make do_pam_chauthtok and
privsep play nicely together.
First, a question: does anybody care about these or the password
expiration patches?
Anyway, the "PRIVSEP(do_pam_hauthtok())" has been moved to just after
the pty has been allocated but before it's made the controlling tty.
This allows the child running chauthtok to