similar to: Bugreport: OpenSSH-1.2.2 Server for Linux (glibc 2.1.2)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Nov 1999, Berend De Schouwer wrote: > RH6.0, Intel, openssh-1.2pre13 > > If I generate /etc/ssh_host_key, it works, if I generate > /root/.ssh/identity it segfaults. Every time. Fixed. There was a buffer overrun in the filename handling. Please try the attached patch. Regards, Damien Miller > # ssh-keygen >

Hi! There is a situation when sshd will crash, but it might be rather hard to reproduce. I'll try to explain the setup :) S/KEY is compiled and installed (taken from http://www.sparc.spb.su/solaris/skey/ ) on Linux box (kernel 2.4.0). Then, OpenSSH 2.3.0p1 is compiled with skey support. It all works fine (patch has been applied too, which fixes skey issue found in November). Now, for the

Hello ! I think a problem was introduced in openssh-2.3.0p1 which is still there in the latest openssh-2.5.2p1. I just noticed it before my vacation and could not send this mail earlier than today. The problem is: You can't use the Rhosts-RSA authentication based on the hosts.equiv file and the host keys. The only possible way to do rhosts-RSA authentication is to allow the usage of the

I believe auth-rhosts.c, function check_rhosts_file(), contains a bug that shows up when doing host-based authentication where the client_user name is not the same as the server_user name. Line 76 reads: strlcpy(userbuf, server_user, sizeof(userbuf)); I believe it should read: strlcpy(userbuf, client_user, sizeof(userbuf)); Otherwise later in the function this test will fail: /* Verify that

https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5

In do_authloop() in auth1.c(), the Kerberos 4 and 5 code both allocate, then xfree() the client_user string. The call to do_pam_account() later in the function then tries to use this string, resulting in a corrupt remote user. Finally, before exiting, the function frees client_user again, resulting in a double free and much mess. Patch attached. Cheers, Simon. -- Simon Wilkinson

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's authentication library. However, BSDI's patches have several problems: 1. They don't run the approval phase, so they can allow users to login who aren't supposed to be able to. 2. They don't patch configure to automatically detect the BSDI auth system, so they're not ready to use in a general portable

----- Forwarded message from Telford Tendys <telford@triode.net.au> ----- Delivery-Date: Thu Jan 25 22:22:57 2001 Date: Fri, 26 Jan 2001 16:26:27 +1100 From: Telford Tendys <telford@triode.net.au> To: feedback@vorbis.com Subject: Comments on your code User-Agent: Mutt/1.2.5i Dear Vorbis, I didn't even know about ogg or vorbis until I was at a conference and someone said, ``if

Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different

A question for the WineLib guru's :) I am using the wine-20011108 build with Mandrake 8.0 and with this version of wine clean compiled and installed I can run several windows programs very successfully :). Then I use winemaker to create a WineLib 'so' file and the compile and link again runs clean. But when I run the resulting 'so' file using this command line: $

Host based authentication does not seem to be working for us after upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at 0.96d). Any time we try to connect from another unix box also running openssh-3.4p1, we get the following error (on the server side) and host based auth fails (it falls back to password prompt). sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

Hi. To compartmentalize things a bit (e.g., to help limit the damage should one of my machines be hacked and my private RSA keys stolen) I use different RSA key pairs on my different client machines. So it occurs to me that it would be nice if ssh could log which key was used when logging in to a particular account that has more than one entry in .ssh/authorized_keys. Right now it simply says

Here are some patches to re-enable support for AIX's authenticate routines. With them, ssh will honor locked & unlocked accounts, record successful and unsuccessful logins, and deny accounts that are prohibited to log in via the network. Tested with AIX 4.3. It also includes a fix for handling SIGCHLD that may be needed for other platforms (HP-UX 10.20, for example). If I get the time

Adrian Baugh wrote: > > Hi, > I'm using the Linux port of OpenSSH 1.2-pre15. > One of my users complained of not being able to log in using password > authentication but being able to log in okay using RSA authentication. > I set up the server in debug mode and got the following for RSA > authentication (usernames, machine names and IPs obfuscated): I think I have found

Thanks! This is in regards to bug 3084, I am trying to find out why samba is crashing. I am using glibc-2.4 with nptl threads. It seems to be a memory or threading issue. Thanks for any help. Running smbd through gdb: Breakpoint 6, charset_name (ch=CH_DISPLAY) at lib/charcnv.c:57 57 const char *ret = NULL; (gdb) Continuing. Substituting charset 'ANSI_X3.4-1968' for

Hi, Is it possible to create Rose Diagrams of wind data (speed & direction) with R?? Best regards, Lars Peters ----- Lars Peters University of Konstanz Limnological Institute D-78457 Konstanz Germany phone: +49 (0)7531 88-2930 fax: +49 (0)7531 88-3533 e-mail: Lars.Peters@Uni-Konstanz.de web: Lars Peters <http://www.uni-konstanz.de/sfb454/tp_eng/A1/doc/peters/peters.html>

https://bugzilla.mindrot.org/show_bug.cgi?id=2064 Bug ID: 2064 Summary: Enable logging of client_user at INFO priority rather than DEBUG2 Classification: Unclassified Product: Portable OpenSSH Version: 5.8p2 Hardware: All OS: All Status: NEW Severity: enhancement

shorewall-docs-html-1.4.10a is missing following files: Banner.htm Shorewall_index_frame.htm seattle_firewall_index.htm Or there should be different index.htm in tar. There might be other missing files but that''s what I found out immidiately when I tried to check local docs. -- Tuomo Soini <tis@foobar.fi> Linux and network services +358 40 5240030 Foobar Oy