similar to: [Bug 1502] New: Incompatible declaration of AuthctxtV2.success

Folks, During testing, we found a couple of issues with openssh3.0.2p1: 1. In userauth_finish() in auth2.c (as well as in do_authloop in auth1.c), the foll. check: if (authctxt->failures++ > AUTH_FAIL_MAX) is never satisfied and thus packet_disconnect() never gets called. I suspect the code just drops out of the dispatch_run function list instead. This should be an == instead of >.

The way things are now, input_userauth_request() calls the authmethod, and then does a bunch of checks, like the special case for root. If an authmethod requires a challenge-response conversation, these checks are skipped, unless they are duplicated by the authmethod. For example, in auth2-chall.c, some of the code is duplicated (logging, sending the reply), but the root special case is skipped.

Hi everybody, I got a strange error message when I used the openssh. When I run it with debug mode, like this: # /usr/local/sbin/sshd -d I can open the session via ssh command. However, when I run with daemon mode, the ssh client was closed down and threw out the following message: debug1: dispatch_run:dispatch done debug1: Authentication succeeded (keyboard-interactive). debug1: channel 0:

https://bugzilla.mindrot.org/show_bug.cgi?id=1501 Summary: p_read, p_send not intialized Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org

I'm using OpenSSH-2.9.9p2 on Solaris 8 sparc64. 2.9p2 worked fine, but 2.9.9p2+ is giving me trouble with one thing - sshd segfaults if I try to connect and execute a command, such as "ssh machine ls". Otherwise it works great. sshd will fork, and the child process segfaults. CVS snapshot does the same thing. I've narrowed this down somewhat. It will only happen if you use

I have been trying to compile OpenSSH_4.7p1 for OS/390 and got really stuck. IBM released a build of v3.8.1p1 several years ago, but I do not know whether anyone else has ever managed to compile it for OS/390 or OS/z. The first problem is that the build apparently performs ssh transport exchange using EBCDIC character encoding instead of ASCII (which breaks RFC 4253) and I am not sure how to do

Hi, OpenSSH coredump was seen on our customer's side causing ssh login slow and manual command not workable. We need help to identify the root cause. Thanks!! >> Background: 1) server info: # uname -a SunOS owtnmncccm0cnmo 5.10 Generic_125100-10 sun4v sparc SUNW,Netra-CP3060 bash-3.00# /usr/local/bin/ssh -v OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007 bash-3.00# cat

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

The variable local_user was allocated by xstrdup and is not freed or pointed to in this branch. This patch adds the xfree. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- sshconnect.c | 1 + 1 files changed, 1 insertion(+) diff -uprN openssh-4.3p2/sshconnect.c

Hi Peter, I need this small patch to get udev to compile against the latest klibc. I'm not sure if this is the right thing to do, but it fixes the compile. thanks mh -- Martin Hicks Wild Open Source Inc. mort@wildopensource.com 613-266-2296 # This is a BitKeeper generated patch for the following project: # Project Name: The kernel C library # This patch format is

http://bugzilla.mindrot.org/show_bug.cgi?id=74 Summary: Use of sig_atomic_t breaks SunOS4 compile Product: Portable OpenSSH Version: -current Platform: Other OS/Version: SunOS Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

on FreeBSD, gcc complains that %d is used for sig_atomic_t Casting to (int) as a solution ? Index: serverloop.c =================================================================== RCS file: /cvs/openssh/serverloop.c,v retrieving revision 1.172 diff -u -p -r1.172 serverloop.c --- serverloop.c 2 Dec 2012 22:50:55 -0000 1.172 +++ serverloop.c 4 Dec 2012 11:46:33 -0000 @@ -708,7 +708,7 @@

On Mon, 23 Feb 2015, Tom G. Christensen wrote: > On 19/02/15 23:21, Damien Miller wrote: > > Snapshot releases for portable OpenSSH are available from > > http://www.mindrot.org/openssh_snap/ > > > > I tried building openssh-SNAP-20150224.tar.gz on Solaris 2.6, 7, 8 and 9. > All failed because they do not have <sys/queue.h>. > Here's how it looks on

Hi, 1. I think you should apply the attached patch to openssh-2.9p1, otherwise ssh-keyscan on linux boxes with glibc-2.1 will experience enormous timeout delays. 2. Is there a program like ssh-keyscan for the Version2 (dsa and rsa) keys?? regards Peter Breitenlohner <peb at mppmu.mpg.de> -------------- next part -------------- diff -ur openssh-2.9p1.orig/ssh-keyscan.c

https://bugzilla.mindrot.org/show_bug.cgi?id=2642 Bug ID: 2642 Summary: [sshconnect2] publickey authentication only properly works if used first: pubkey_prepare doesn't work after pubkey_cleanup Product: Portable OpenSSH Version: 7.3p1 Hardware: amd64 OS: Linux Status:

On Fri, Feb 23, 2018 at 05:01:00PM +1100, Darren Tucker wrote: > You could try this patch which defers resetting the "tried" flag on the > pubkeys until the list of authentication methods changes. I don't have > a server with this behaviour so I'm not sure if it helps (and I'm not > sure it's the right thing to do anyway). I think this is a better way to

In the current implementation, ssh always uses the hostname supplied by the user directly for the SSHFP DNS record lookup. This causes problems when using the domain search path, e.g. I have "search example.com" in my resolv.conf and then do a "ssh host", I will connect to host.example.com, but ssh will query the DNS for an SSHFP record of "host.", not

https://bugzilla.mindrot.org/show_bug.cgi?id=1213 --- Comment #3 from aab at purdue.edu 2010-11-23 12:00:50 EST --- Created attachment 1961 --> https://bugzilla.mindrot.org/attachment.cgi?id=1961 One attempt at getting the rsa key from a remote server that was having a number of problems. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving

Greetings list, I just upgraded my main file server, and copied over a dump of my LDAP database, samba conf files, tdbs, etc. Everything fired up OK and runs, except: -Some users (perhaps 5 or 6 out of 125) can't log in, getting the "domain unavailable" message -I can't rejoin them to the domain - the process appears to succeed, but doesn't -One of the machine accounts

Hi All. While working on something I noticed core dumps from sshd. They don't seem to be related to what I was working on. It's from the process forked to run the shell. Just after the fork, fatal_remove_all_cleanups() is called, which looks like: fatal_remove_all_cleanups(void) { struct fatal_cleanup *cu, *next_cu; for (cu = fatal_cleanups; cu; cu = next_cu) {