similar to: AIX openssh patches

Hi there, everybody; As promised, here's the new version for my chroot patch. It applies cleanly over OpenSSH 2.1.1p4, and I'm attaching 2 versions: - openssh-2.1.1p4-chroot.patch-wc, is the chroot patch plus a "--with-chroot" patch for the "configure" script. - openssh-2.1.1p4-chroot.patch, is the same without the "--with-chroot" part. Have fun,

Hi there, everyone; Attached to this mail is the 2.2.0p1 version of my chroot patch. For those of you interested, my usual warning: This is NOT plug&pray. You'll have to build a whole binaries/libs/conf files tree within the new root. (it's just like the "classic" anonymous ftp behaviour) Configure with "configure --with-chroot" to use. Regards; RC --

Okay, I sent this a while back, and the current source still exhibits all the previous errors. Is there a chance this can be fixed? Even fixing the check for dn_expand in resolv.so would help ... Tony >Date: Tue, 10 Apr 2001 15:29:39 -0700 >To: "jeremy@valinux.com" <jeremy@valinux.com>, samba@samba.org >From: Anthony Brock <abrock@georgefox.edu> >Subject: Re:

Hi there, everyone; I've had a few requests for an updated version of my chroot patch. (the version found in contrib is outdated) So, here it goes, updated to 2.3.0p1; "chroot.diff" is a plain diff for session.c (apply, compile and go). "chroot+configure.diff" is the same patch, plus an option to "configure" for enabling/disabling chroot support (./configure

Hi! I've noticed that openssh always does a do_setpag() if compiled with AFS-support no matter which authentication method is used. Maybe I'm missing something but shouldn't it only get a pag, if AFS-token-passing is used? If password authentication is used, an AFS-pam-module (or the authenticate function on AIX) will do the job, otherwise, no token can be obtained and therefore no

Dear OpenSSH developers, Hi, taking the liberty of sending this to your mailing list in the hope someone will be able to help. The KTH version of Kerberos 4 was the only one I was able to find. In case you don't want to look at all the stuff below, the situation is briefly that I am trying to compile openssh with kerberos 4 support, which it apparently has. However, it can't find krb.h,

Hello, appended is a patch that makes it possible to use PAM both for password authentication and TIS (i.e. s/key or opie or any other interactive challenge/response scheme). I have developed this starting from the patch at http://www.debian.org/Bugs/db/61/61906.html on Debian with openssh-2.1.1p4-3. After configuring ssh with --with-pam-tis, there are two PAM services, "sshd" and

Attached is a very small patch that allows the ssh clients to use the socks5 library. It should work with socks4 but is untested. Tested on linux only configure --with-socks configure --with-socks5 Also included is a configure option to disable scp statistics --disable-scp-stats modified files openssh-2.9.9p2/acconfig.h openssh-2.9.9p2/channels.c openssh-2.9.9p2/configure.in

> Winton-- > > Excellent! Absolutely wonderful. > > I'm wondering which apps/encapsulators support 4A? This gets me > around > the DNS leakage problem quite nicely. > > Incidentally, we do need SOCKS5 support -- if for no other > reason, the > fact that there's *operating system* level support in OSX for SOCKS5 > redirection. So

For some reasons the afs tokenforwarding stuff has changed siginificantly from v 2.9p2 to 2.9.9p2. This makes it impossible to use public key authenticication in a standart AFS environment. I don't know the reasons for these changes. In any case attached is a patch which restores the old behaviour. Regards Serge -- Serge Droz Paul Scherrer Institut mailto:serge.droz at

The primary purpose of the attached patches is for portable OpenSSH to support changing expired passwords as specified in shadow password files. To support that, I did a couple enhancements to the base OpenBSD OpenSSH code. They are: 1. Consolidated the handling of "forced_command" into a do_exec() function in session.c. These were being handled inconsistently and allocated

Hi, We at BalaBit IT Security Ltd developed a patch against openssh 2.3.0p1 to support TIS authserv authentication. TIS authserv uses a simple protocol, and supports CryptoCard, SKey, password etc. authentication. The commercial versions of SSH support this protocol, OpenSSH implemented SKey on its own using the protocol primitives originally invented for TIS authentication. Our patch is an

http://bugzilla.mindrot.org/show_bug.cgi?id=118 Summary: Implement TIS (protocol 1) via PAM Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: fcusack at

Since I use the Dante SOCKS library (instead of the NEC libraries), I decided to hack support for them into OpenSSH. Here is the results. Thanks, David $NetBSD$ --- configure.in.orig Wed Dec 29 08:37:01 1999 +++ configure.in Wed Dec 29 08:37:25 1999 @@ -334,6 +341,20 @@ AC_MSG_WARN([*** Disabling lastlog support *** ]) AC_DEFINE(DISABLE_LASTLOG) fi + +dnl Compile with dante SOCKS library

Here are some patches to re-enable support for AIX's authenticate routines. With them, ssh will honor locked & unlocked accounts, record successful and unsuccessful logins, and deny accounts that are prohibited to log in via the network. Tested with AIX 4.3. It also includes a fix for handling SIGCHLD that may be needed for other platforms (HP-UX 10.20, for example). If I get the time

I've been trying to cut down the size of openssh so I can run it on my Nokia 770. One thing which helps a fair amount (and will help even more when I get '-ffunction-sections -fdata-sections --gc-sections' working) is to have the option of compiling out privilege separation... Is it worth me tidying this up and trying to make it apply properly to the OpenBSD version? Does the openbsd

please test Olaf Kirch's patch. it looks fine to me, but i don't to K5. i'd like to see this in the next release. thx -m -------------- next part -------------- --- openssh-3.4p1/auth-krb5.c.krb Sun Jun 9 21:41:48 2002 +++ openssh-3.4p1/auth-krb5.c Tue Jul 23 15:15:43 2002 @@ -73,18 +73,17 @@ * from the ticket */ int -auth_krb5(Authctxt *authctxt, krb5_data *auth, char

Unfortunately, the login.c changes after pre-19 have exposed some more NetBSD-centric problems concerning the lack of several fields in struct utmp. Here's another set of patches to fix NetBSD compiling (although they may also help some other UNIXes as well). Thanks, David --- configure.in.orig Mon Dec 27 09:09:05 1999 +++ configure.in Mon Dec 27 09:13:39 1999 @@ -264,6 +264,16 @@

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5