similar to: Clarification of error message due to /etc/hosts.allow problems

WARNING TO ALL - I just got what appears to be an infected Word document attachment via the list. The apparently forged headers look suspicious, too. Procmail Security daemon wrote: > > REPORT: Trapped poisoned Microsoft attachment > REPORT: Macro Scanner score: 129 > STATUS: Message quarantined in /var/spool/mail/security, not delivered to recipient. > > Headers from

Hey all, I installed OpenSSH on a redhat 6.0 box using the 1.2.2 i386 rpms, and I can't connect to it from other machines. I edited the sshd_config file and changed the ListenAddress from 0.0.0.0 to the machine's IP number. The error I have been getting at first confused me, so I checked out the code, and found the function in the sshconnect.c file. The strange thing is that sometimes

Just compiled the SRPM for 3.3p1 on my Immunix 6.2 box (Redhat 6.2 + Stackguard compiler), fired up the server, and tried to connect to it. No joy. In the spec file I changed the following options: # Is this build for RHL 6.x? %define build6x 1 # Disable IPv6 (avoids DNS hangs on some glibc versions) %define noip6 1 This appears in the system log: Jun 24 16:11:51 johnh sshd[27774]: fatal:

Here is a patch to implement a handy new feature proposed by John Hardin <johnh at aproposretail.com>. This is his description of the feature: New option for OpenSSH: Delay before exit. Command line option: -S delay Config file option: sleep {delay} Purpose: Wait the specified number of seconds after last traffic before dropping the connection and exiting. If ports are forwarded, this

Has anybody here implemented OpenSSL+OpenSSH on SCO Open Server 5.0.5? Please contact me off-list. Thanks! -- John Hardin Internal Systems Administrator Apropos Retail Management Systems, Inc. <johnh at aproposretail.com>

Quick question: ssh client and server 2.5.2p2, RSA authentication. Should the user be prompted to change their password if it's expired? -- John Hardin <johnh at aproposretail.com> Internal Systems Administrator voice: (425) 672-1304 Apropos Retail Management Systems, Inc. fax: (425) 672-0192

Can somebody install an attachment filter on the listserv? Please? -- John Hardin <johnh at aproposretail.com> Internal Systems Administrator voice: (425) 672-1304 Apropos Retail Management Systems, Inc. fax: (425) 672-0192 ----------------------------------------------------------------------- "Rather than form a

So I'm working from home today, and for the first time I've tried running Evolution over a forwarded X11 connection. Even though work has a T1 and I have 640k at home, and ssh is compressing, it's ... rather slow. So I fire off lbxproxy and try to run an xterm to see if it works. No dice, authentication denied. Does anybody have any experience with this? Is it possible to run

I use fetchmail+ssh (soon to be openssh) to retrieve mail for several accounts. The setup for this forwards a couple of local ports to the mail server POP and IMAP ports, then sleeps. Nothing fancy. If the first poll has a lot of messages, enough that it extends beyond the end of the sleep, then when it completes ssh sees no activity on the forwarded ports and exits. This prevents subsequent

Renaud Guerin <renaudg at hexanet.fr> writes: >I'm running OpenSSH 1.2.2. with OpenSSL 0.9.4 on Linux 2.2.14 >(Mandrake 7.0) They were recompiled from source RPMS with gcc 2.95.2 >When I try to connect to localhost, I get >SSH Version OpenSSH-1.2.2, protocol version 1.5. >Compiled with SSL. >debug: Reading configuration data /etc/ssh/ssh_config >debug: Applying

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

Just to bring everyone up to date, could we get a report on the status of support for the 2.x protocol? The home page says "next major release" - is that 1.3 or 2.0? And is there any feel for when it'll be generally available? -- John Hardin Internal Systems Administrator Apropos Retail Management Systems, Inc. <johnh at aproposretail.com>

I am working on a proxy which can be hosted on a single IP address and dispatch requests to different backends depending on which hostname the client used to connect to this IP address. Currently such a proxy can be build to support HTTP, HTTPS, SMTP, and DNS. However SSH support is impossible due to the ssh client not sending the information such a proxy would need. I am not the first to want

Hi, I am behind a firewall which does not permit connections to port 22, so I run my ssh server on port 23. :-) Unfortunately, the stupid firewall prints a few lines of junk when you make a connection to port 23 before actually starting the connection. This confuses ssh. Attached is an (ugly) patch against openssh-1.2pre15 which makes it ignore a configurable number of lines while looking for

Hi. I don't do much with routers any more but recently I was configuring a Cisco via SSH when my session disconnected while pasting large amounts of text. I'm told this is common. I've had this patch for a while but I've not been able to test it. If anyone is regularly experiencing this kind of issue could you please tell me if the attached patch helps? (The buffer size limit

Hello, I am testing ssh with occasional network disconnection between server and client during these days. I found ssh sometimes hangs if the disconnection happens after the connection is established but before ssh_exchange_identification completes. The ssh configuration files show that both client and server alive options are set. In /etc/ssh/ssh_config: # Send keepalive messages to the server.

Hi List, I have a szenario where I need to reach a host on the internet from a "firewalled" network but there is a HTTPS-proxy runnnig. As some people know you can tunnel all TCP-connections through this proxy because it can't decide if someone is really doing SSL or just Telnet to port 443 (or use SSH in our case). So I've written a patch for ssh to make it send the CONNECT

I mentioned this problem in a previous post (in November). This time I'm including a patch. Version: OpenSSH_2.3.0p1 Keywords: setsockopt keepalive hang masquerade interactive Symptom: For protocol 2, socket options (especially keepalive) are not being properly set for OpenSSH_2.3.0p1, even when request in the config files. Furthermore (for either protocol), keepalive is only set for

https://bugzilla.mindrot.org/show_bug.cgi?id=2732 Bug ID: 2732 Summary: select() is not called properly in ssh_exchange_identification() Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Other Status: NEW Severity: major Priority: P5 Component: ssh

Hi, I must access several hosts through reverse masquerading gateways which are visible on the Internet under a single IP address, with different ports (2, 22, 222, 2222 etc..) forwarding to port 22 of various internal ssh servers, each with its own hostkey. This setup totally confuses the openssh client because it does not store the port numbers in the known_hosts* file, and thus falsely