Displaying 20 results from an estimated 500 matches similar to: "[PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH"
2000 Oct 07
0
OpenSSH changes for BSD/OS
The following are patches against openssh 2.1.1p4 to add
support for the BSD_AUTH authentication mechanisms. It allows the
use of non-challenge/response style mechanisms (which styles are
allowed my be limited by appropriate auth-ssh entries in login.conf).
The patches also add support for calling setusercontext for the
appropriate class when called with a command (so that the PATH, limits,
2001 Mar 29
3
Patches for OpenSSH 2.5.2p2: evaluate /etc/default/login, makefiles manpages
Dear developers of OpenSSH,
first of all I want to thank you for your excellent work on OpenSSH!
I have compiled OpenSSH 2.5.2p2 on Sun Solaris 2.6 and Sun Solaris 8
and discovered some problems.
The first is that OpenSSH doesn't evaluate the file /etc/default/login
which contains some flags and parameters for the login process.
On important parameter is the default value for PATH.
As we
2001 Feb 16
1
OpenSSH 2.3.0p1 port to BSDI BSD/OS
BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's
authentication library. However, BSDI's patches have several
problems:
1. They don't run the approval phase, so they can allow users to login
who aren't supposed to be able to.
2. They don't patch configure to automatically detect the BSDI auth
system, so they're not ready to use in a general portable
2001 Jun 21
1
pw_expire/pw_change in current portable openssh CVS bombs
The references to pw_expire and pw_change in pwcopy() in misc.c cause
compilation errors at least on solaris. How about doing a memcpy of the
whole structure and only explicitly setting those that need xstrdup?
That would work on openbsd and everywhere else.
- Dave Dykstra
--- misc.c.O Thu Jun 21 11:35:28 2001
+++ misc.c Thu Jun 21 11:36:09 2001
@@ -125,14 +125,10 @@
{
struct passwd *copy =
2006 Apr 23
0
Configuration Warnings OpenSSH 4.3p2
I don't know enough about this to know if these warnings mean that
I can't build it or not.
Also, since I'm e-mailing anyway, how can I tell what options were
compiled into my exiting ssh:
My system is freeBSD 4.11.
PC% ssh -V
OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
PC%
so that I can do the same thing with the newer version. I don't
want to
2006 Feb 06
1
Compile warning report of openssh 4.3p1 on Intel Macs
Hi.
I was compiling openssh 4.3p1 on Apple's iMac Core Duo computer and
came across following warnings.
configure: WARNING: net/if.h: present but cannot be compiled
configure: WARNING: net/if.h: check for missing prerequisite
headers?
configure: WARNING: net/if.h: see the Autoconf documentation
configure: WARNING: net/if.h: section "Present But Cannot Be
Compiled"
2002 Jun 25
0
[Bug 298] New: sshd fails to set user context, preventing all logins, also setgroups is failing
http://bugzilla.mindrot.org/show_bug.cgi?id=298
Summary: sshd fails to set user context, preventing all logins,
also setgroups is failing
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: BSDI
Status: NEW
Severity: major
Priority: P2
Component: sshd
2006 Mar 21
1
OpenSSH4.3p2 vs FreeBSD-6.0Rel
If this is a new problem, please contact me and I will
get you further information.
- Brian
checking login_cap.h usability... no
checking login_cap.h presence... yes
configure: WARNING: login_cap.h: present but cannot be compiled
configure: WARNING: login_cap.h: check for missing prerequisite headers?
configure: WARNING: login_cap.h: see the Autoconf documentation
configure: WARNING:
2006 Feb 22
1
warning about net/if_tap.h & login_cap.h
Hi
I've encountered this:
configure: WARNING: net/if_tap.h: present but cannot be compiled
configure: WARNING: net/if_tap.h: check for missing prerequisite headers?
configure: WARNING: net/if_tap.h: see the Autoconf documentation
configure: WARNING: net/if_tap.h: section "Present But Cannot Be Compiled"
configure: WARNING: net/if_tap.h: proceeding with the
2006 May 03
1
BUG: opens all interfaces.
Summary: the newish fourth forwarding argument does not correctly
specify the interface on the remote machine for a tunnel in -R
On OpenSSH_4.3p2 OpenSSL 0.9.7g 11 Apr 2005,
on Kanotix 2.9 kernel 2.6.16.2
and Cygwin 1.5.19(0.150/4/2)
and (old) FreeBSD 4.6-RELEASE
sshd_config file:
AllowTcpForwarding yes
GatewayPorts yes
Set up a forwarding tunnel:
From a Kanotix box inside my firewall:
2006 Mar 16
1
OpenSSH Configure Output
Per instructions in configure output (if you want all the configure
output, I shall be happy to send it):
PC% grep -n WARN Config.log
42:configure: WARNING: net/if_tap.h: present but cannot be compiled
43:configure: WARNING: net/if_tap.h: check for missing prerequisite headers?
44:configure: WARNING: net/if_tap.h: see the Autoconf documentation
45:configure: WARNING: net/if_tap.h:
2000 Jan 19
3
AIX openssh patches
I have a few patches for AIX. The patchfile is attached below. The patch
has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25,
with openssl-0.94, using RSAref.
1) authenticate support - this function allows the system to determine
authentification. Whatever the system allows for login, authenticate
will too. It doesn't matter whether it is AFS, DFS, SecureID, local.
2001 Jun 03
3
Handling of password & account expirations
Hello,
There has been an annoyance with OpenSSH that has been bugging me
lately. It pays no attention to pw_change and pw_expire fields from the
passwd file for users by default. Thus even if the admin has set a
user's account to expire 5 days ago they can still login. So one might
say, just add 'UseLogin yes' and all of your problems will be solved.
This of course is not a good
2007 Nov 30
2
what's the equivalent to sendmail's Timeout.queuewarn in POSTFIX
Hi,
I am ruunig postfix and MailScanner as a Mailgw on Centos 4.5. I want to
know what is default warntime in Postfix?
I.e - *what's the equivalent to sendmail's Timeout.queuewarn in POSTFIX ?
.
ANY IDEAS? ***
--
Thank you
Indunil Jayasooriya
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2001 Feb 26
0
Problems with OpenSSH 2.5.1p1 on Solaris 8
Hi,
I'm not subscribed, so keep me in cc. And thanks for having mailing-list
open for posting.
I had a couple of problems with OpenSSH on Solaris 8/MU3 + recent patches.
1) When I tried to use scp from any other host, sshd on Solaris host
crashed with SIGSEGV. Here's the stack trace:
core 'core.sshd.7637' of 7637: ./sshd -d -d -d
fefb393c strncpy (ffbee074, 5, 7, 0,
2003 Jun 24
20
[Bug 601] configure script doesen't setup preprocessor flags properly
http://bugzilla.mindrot.org/show_bug.cgi?id=601
Summary: configure script doesen't setup preprocessor flags
properly
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: Build system
AssignedTo:
2003 Nov 11
1
AIX KRB5CCNAME problem
I believe there is a bug in how AIX handles the KRB5CCNAME environment
variable. The symptom occurs when a root user restarts sshd while they
have KRB5CCNAME set; all of the resulting client connections will inherit
the same KRB5CCNAME variable. This can occur if the admin uses 'ksu' or
some other kerberized method of obtaining root privileges.
Investigating this problem, I stumbled
2002 Nov 26
0
[Bug 446] New: $LOGIN not set by openssh under AIX
http://bugzilla.mindrot.org/show_bug.cgi?id=446
Summary: $LOGIN not set by openssh under AIX
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: mii at
2001 Oct 26
2
problems building on solaris 2.6
Using the latest cvs sources, the compilation of ssh.c fails.
The 'struct rlimit rlim;' line is being expanded by cpp into
'struct rlimit64 rlim;' and there is no struct rlimit64 defined.
In order to get the struct rlimit64 to be included when the
#include <sys/resource.h>
is used, it appears to need the _LARGEFILE64_SOURCE symbol defined OR
it needs the '#if
2000 Sep 04
1
trivial patch to post overridden command into env
I am not 100% positive of the security implications of this, but I
really can't see any potential for harm.
If this patch is applied (I coded it against the now-current
openssh-2.2.0p1), then if (a) the authorized_keys entry has
command="whatever" to force a specific command, and also (b) the
invoker specified some command on their ssh cmdline, then the
invoked command will be