similar to: Is it securely: `hostname`:10 ?

I'd been hoping to move all of our site to ssh protocol 2 whilst we are still small enough to do this without serious pain, however the lack of authentication and connection forwarding is making that difficult at present. I see the current (2.2.0p1) code base does not have the code on either client or server side for ssh2 to handle tunneled connections or authentication agent. Is this

I'm sure there is a rationale for binding the ssh client to a priviledged port. (Which?) However there are several drawbacks to this: o It breaks firewall rules that assume that user connections start at port > 1024 or > 32768. o It breaks monitoring software using the same assumptions. o Every suid program is a separate evil (caused by the flawed security model in most unices). I

Long ago, when I wrote the ssh config file on my desktop box, ssh (which might have been the non-openssh one) took 3 possible values for the StrictHostKeyChecking option - yes, no & ask. Today, when I attempted to connect to a new machine, with no DNS entries (so using IP address) from my desktop box, ssh (now 2.3.0p1) SEGVed. Looks like there is some subtle interaction between having an

Is there any more docs on this other then the blurb on beta.redhat.com? I got a spare non-critical victim err... test machine I want to try this on and have all the RPMS, but would really like to chew on a little more detail before I leap. Regards, Henri -- "People die." --The Cynic's Book of Wisdom

Hello, I moved my ssh servers to openssh and installed: openssh-1.2.1pre25 via .rpm My problem is that X11 forwarding doesn't work. -/etc/ssh/sshd_config X11Forwarding yes X11DisplayOffset 10 I start sshd with defaul port and can connect to the server and then: $ xosview X11 connection rejected because of wrong authentication. X connection to servername.de:10.0 broken (explicit kill or

The openssl rpm needs to be installed on the system *before* the openssh-server rpm is installed. This is because the openssh-server's post script does the host key generation. As it is now, the command rpm -U openss* intended to install openssh* and openssl* will report that the host key generation failed. Fix: change PreReq: openssh chkconfig >= 0.9 to PreReq: openssh chkconfig

Hi, I don't know if this is the approriate place to post it. But it really annoying me. My ssh connection times out every 10 minutes or so and I want it to keep open for like 3 hours so that I don't have to relogin. However, I cannot find an option to change this!! In the Secure SSH we have a option called IdelTimeout to deal with this but OpenSSH seems to totally ignore this option. Can

I have looked into the spec file for the openssh rpm. In the %preun stanza, I noticed that the currently running sshd is stopped only when removing the package. On the other hand, it is theoretically possible that a new version of openssh may install files which would make the old sshd misbehave. So I think, it is better to stop sshd every time the package is upgraded. Also, the %post stanza

Hi, I''m a long ext3 user (rpmfind.net). I propagated ext3 on some of our server box (W3C webservers are ext3 based too now). I might be tempted of testing out your kernel RPMs but unavailability or the source RPM and the SMP version are definite showstoppers. Please provide them. In the meantime I will stick to my own set of kernel ext3 RPMs at ftp://rpmfind.net/pub/veillard/ext3/

Jim Knobel said: >Paul, i think you misunderstand. The OpenSSH RPMs are not provided by >Red Hat. They're built by Damien Miller (who also coordinates the >non-BSD port of OpenSSH) and are available in the same location you >downloaded the OpenSSH source from. I just figured this out. I apologize, I am new to Red Hat and I just don't think to grab an RPM when I need to

Debian GNU/Linux 2.2 (potato), openssh-2.2.0p1 Configured with: --prefix=/usr/local/openssh --enable-gnome-askpass --with-tcp-wrappers --with-ipv4-default --with-ipaddr-display My goal here is to, as root, forward a local privileged port over an ssh tunnel to another host using a normal user's login, i.e.: root:# ssh -2 -l jamesb -i ~jamesb/.ssh/id_dsa -L 26:localhost:25 remotehost So far,

As an experiment I set up Challenge/response authentication on a Linux system with PAM using a pam_opie module (this module works fine with console logins and su). I can log into the box using the opie password, *but* it does not give me the challenge - which can make things a little tricky :-) I can well believe this might be a fault in the PAM pam_opie module I am using, so has anyone got

Hello! I'm using i868 (Pentium III) machine running Windows 2000 and running Linux, installed on dedicated partition, in parallel via VMWare. Linux config is RedHat 7.0 (kernel ) As I'm pretty new to Linux, I'd like to know exact procedure how to install ext3 filesystem support (also which packages do I need). My kernel config is as follows: kernel-headers-2.2.14-5.0

This appears to be rather poorly supported compared to the rsa key equivalent... The man page implies that ~/.ssh/authorized_keys & ~/.ssh/authorized_keys2 are similar format. In fact the code will only read DSA keys from the ~/.ssh/authorized_keys2 file - the options entries are not supported, and putting options in causes key recognition to fail. I guess ideally the key reader needs

Hi, I just started testing ext3 and perhaps I missed some docs explaining how to convert system partition other than /, like /usr for example . As I have 2 Linux versions on my test machine, I managed to convert /usr by entering the mount -o journal=NNN command from the second OS, but I don't like it. Any suggestions or docs to look at? Thanks in advance Vieri

Fellow riders of the bleeding edge of ext3 technology, I've been playing with ext3 on my workstation. For the most part it has worked very well, but right now I have a non-functional system. I've got patches out the wazoo on this kernel - 2.2.18 + Alan's 2.2.19pre13 + ext3-0.0.6a + i2c-2.5.5 + lm_sensors-2.5.5 + udf-0.9.3. Here is the output I get: EXT3-fs: WARNING: recovery

I've currently got a couple of boxes which obtain their IP address via DHCP, and as a consequence do not have a mapping in /etc/hosts for their own IP/name... but helpfully (!) they have their name mapping to 127.0.0.1 This breaks X authentication... - openssh (and also ssh) makes an apparently valid xauth entry, but all attempts to start clients gives "X11 connection rejected

I managed to install 0.5d today. Got all 3 of my mounts converted (even '/' though it was a pain in the ass). Now on boot, I see: mounted /dev/hda1 on / EXT3-fs: mounted filesystem with ordered data mode and the exact same thing for /dev/hda3 and /dev/hdb1. they all come up and appear to be working. so is this normal? Or did I manage to screw up somewhere? -- Douglas J. Hunley (Linux User

Hello, I downloaded yesterday the Red Hat 6.2 RPMs for openssl and openssh from one of the official mirrors. I could install them on a stock Red Hat 6.2 box because rpm -Uvh says (quoting from memory...): cannot install because there is dependency conflict between this rpm (openssh core) and the version of rpm and rpmlib that you are using...... In other words, the rpm packages generated

Started with buffer.c v1.19. Reversing change works for me in linux-2.4.6. Loaded 16705 symbols from /lib/modules/2.4.6-pre3/System.map. Symbols match kernel version 2.4.6. Loaded 256 symbols from 12 modules. Linux version 2.4.6-pre3 (root@home1) (gcc version 2.95.3 20010315 (release)) #2 Wed Jun 13 19:53:28 EDT 2001 ----- SNIP ------- VFS: Disk change detected on device ide1(22,64) Assertion