Displaying 20 results from an estimated 8000 matches similar to: "openssh-2.0beta ssh_config Protocol parsing error."
2002 Mar 07
1
OpenSSH Security Advisory (adv.channelalloc) (fwd)
whoops, not announce.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
---------- Forwarded message ----------
Date: Thu, 7 Mar 2002 16:59:38 +0200 (EET)
From: Pekka Savola <pekkas at netcore.fi>
To: Markus Friedl <markus at
2000 May 25
1
AllowHosts support in sshd missing.
Hello all,
I just noticed that AllowHosts feature of SSH Inc's sshd isn't there in
OpenSSH yet.
Has anyone been working on this? Am I the only one that seems to miss
this feature?
AllowUsers and AllowGroups is a very nice feature though :)
--
Pekka Savola "Tell me of difficulties surmounted,
Pekka.Savola at netcore.fi not those you stumble over and
2000 Oct 30
2
RhostsAuthentication + nondefault port doesn't work?
Hello all,
It seems that RhostsAuthentication does not work on non-default port no
matter what when connecting from OpenSSH (2.1.1, 2.2.0 tried) either with
protocol 1 or protocol 2 (shouldn't work either..).
_However_ when connecting with SSH.COM Ltd's ssh, RhostsAuthentication
works just fine!
Checking the port number of ssh client you can see that OpenSSH doesn't
assign
2000 May 11
3
OpenSSH-2.1: FROM in 'w' empty?
Hello all,
I wonder if this is an oversight/bug/feature, but here it goes.
It seems that in OpenSSH 2.1, 'w' (or who) command may print out something
like this:
----
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
pekkas ttyp1 - 3:10am 0.00s 0.08s 0.03s w
----
2.0beta1 was the one I used before, and that printed FROM field properly.
Now,
2001 Apr 12
1
ssh's readconf.c debug() goes to /dev/null
Hi,
Related to:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c.diff?r1=1.100&r2=1.101
It'd appear that logging in readconf.c:
---
debug("Applying options for %.100s", arg);
debug("Reading configuration data %.200s", filename);
---
Goes to /dev/null.
This is caused by the fact, that in ssh.c there is:
---
/*
* Initialize
2001 Feb 18
1
OpenSSH 2.3.0p1 protocol 2 problem with AIX
Hi,
Connecting from RHL7 with OpenSSH 2.3.0p1 or 2.5.0p1 to OpenSSH 2.3.0p1 on
AIX 4.3.1. Protocol 2 doesn't work if you specify 'Ciphers
rijndael128-cbc' or Ciphers 'aes128-cbc'.
sshd -d -d -d on the server shows _nothing_ about these connections.
I'm not sure if rijndael has been left out from sshd somehow, but
shouldn't the error message be a little more
2000 Jun 09
2
openssh-2.1.1p1 RH62 compile failure
Hello all,
Compiling 2.1.1p1 on my RedHat Linux 6.2 w/ 2.2.16 kernel seems to cause
errors from the start..
----
gcc -O2 -m486 -fno-strength-reduce -Wall -DETCDIR=\"/etc/ssh\" -DSSH_PROGRAM=\"/usr/bin/ssh\" -DSSH_ASKPASS_DEFAULT=\"/usr/libexec/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c -o bsd-base64.o bsd-base64.c
In file included from defines.h:261,
from
2001 Feb 21
1
OpenSSL + OpenSSH version problems
Hello all,
OpenSSL 0.9.5a and 0.9.6 are incompatible, causing weird errors.
I'd like to get a check for this in the RPMs.
However, now I want to make sure whether anyone has experienced problems
with RHL 0.9.5a OpenSSL libs vs. the 0.9.5a ones provided at openbsd.org?
Ie: is it enough to check like '= 0.9.5a' or do you have to check '=
0.9.5a-xyz'.
--
Pekka Savola
2000 Sep 27
4
Irix: PRNG initialization failed
Hello all,
I tried OpenSSH versions 2.1.1p4, 2.2.0p1 and the latest snapshot briefly
on 64-bit Irix 6.5.7f an 6.5.9m.
Both times, no matter what I do, I'll get 'PRNG initialization failed
-- exiting'. This happens with ssh-keygen (the keys aren't even generated
yet, ssh binary etc.)
It's clear that Irix etc. don't have a proper entropy pool like *BSD and
Linux do, but
2000 Oct 02
3
still sftp-server problems with Irix?
Hello all,
Using 20000930 snapshot on Irix 6.5.9m.
SFTP connections with SSH 2.3.0 (Windows) die right out. Similar
configuration and the same version works fine in Red Hat Linux 6.2.
This is probably related to 'sftp' thread 7-10 days ago.
The error messages captured in debug mode:
---
debug1: server_input_channel_open: ctype session rchan 1 win 100000 max 8192
debug1: open session
2000 Oct 14
1
Key exchange/selection badly broken in SNAP1014?
Hello all,
It seems the overhaul on key exchange/selection broke it badly. I haven't
managed to use any other encryption method than 3des and blowfish when
connecting to SNAP -> SNAP. SNAP -> 2.2.0p1 will use arcfour
etc. quite cleanly.
How SNAP -> SNAP looks like:
---
debug: Local version string SSH-2.0-OpenSSH_2.2.0p2
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug:
2000 Sep 30
2
RHL OpenSSH upgrade: _new_ sshd is not started
Hello all,
A few days ago I noticed that the following seems to happen when upgradign
OpenSSH on Linux-based (/etc/rc.d/init.d/sshd) based systems:
- sshd is restarted with 'sshd restart'; however sshd serving in port 22
is not replaced.
- you have to kill the old one (netstat -ltp | grep :ssh ; kill
...) first, then restart sshd.
- This might happen only when performing the upgrade
2001 Feb 24
1
scp user@host1 user@host2 broken?
Hello all,
Is it just me or is 'scp user at host1 user at host2' broken (if the server asks
you for the password)?
1) [password required]
>From OpenSSH 2.5.1p1 -> OpenSSH 2.5.1p1 -> OpenSSH 2.3.0, I get like:
> scp pekkas at xxx:~/*.patch psavola at yyy:~/temp/
psavola at xxx's password:
You have no controlling tty. Cannot read passphrase.
lost connection
2)
2001 Mar 05
2
--with-ipv4-default and sshd IPv4/6 dual bind hack
Hello all,
I just found a bug a nice bug that can be turned into a real feature on
systems (usually Linux) that are built with --with-ipv4-default.
If you enable IPv6 in kernel, and enable both listenaddress 0.0.0.0 and
::, sshd will error out 'address family not supported'.
However, you can work around this error by starting sshd with 'sshd -4 -6'.
As far as man page is
2000 Sep 27
2
PATCH: OpenSSH RPM spec file problems
Hello all,
There are two issues in OpenSSH RPM Red Hat spec file (against 2.2.0p1):
1. /etc/rc.d/init.d/sshd uses 'success' and 'failure'. These don't work
in Red Hat 5.2; else the spec file is fine. Initscripts requirement (for
the one in RH60) added.
2. If you're upgrading over SSH ltd's ssh-server, the server will be
stopped and sshd removed from chkconfig
2001 May 01
1
connecting to non-responding hosts: 1 hr timeout (fwd)
Hello all,
If you try to make a TCP connection to a host, and the host is down,
timeouts can be as long as an hour. This is not specific to ssh, or OS.
Is this a scenario worth working around, e.g. with a timer when
connecting or the like?
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems.
2002 Apr 18
3
privsep no user fatal message
Hello,
I updated the latest snapshot as RPM's to two of my systems. Basic stuff
seems to be working ok.
Privilege separation failed though, possibly because I didn't populate
/var/empty with PAM entries. Privsep might be a bit raw in any case, at
least for the portable.
FWIW, I came across error message 'sshd: no user' and had to scratch my
head a bit to figure out what it
2001 Oct 20
8
Recent openssl is required for OPENSSL_free [Re: Please test snapshots for 3.0 release] (fwd)
No response yet, so resending.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
---------- Forwarded message ----------
Date: Fri, 12 Oct 2001 09:44:54 +0300 (EEST)
From: Pekka Savola <pekkas at netcore.fi>
To: Damien Miller
2000 Jul 19
1
UseLogin yes and 'w': IP address used
Hello all,
I just noticed that if I enable UseLogin, IP address will be shown in 'w'
when logging on. If UseLogin is disabled, the hostname will be used.
I tested this on 2.1.1p2 and p4, on home-grown Redhat Linux 6.2.
Anyone else notice this? Is this an issue with OpenSSH or login?
--
Pekka Savola "Tell me of difficulties surmounted,
Pekka.Savola at
2001 Feb 21
1
sshd -t to test configuration file syntax?
Hello all,
sshd configuration file options change from one release to another.
If you forget updating sshd_config, sshd will not start.
This is especially painful for update scripts etc. where you can't do e.g.
'sshd -p 2022' to see if it's okay.
May I suggest some option, e.g. sshd -t, which would test config files and
other obvious issues and return an errorcode if something