Displaying 20 results from an estimated 1000 matches similar to: "future of subsystem requests"
2001 Jun 18
2
Patch for changing expired passwords
The primary purpose of the attached patches is for portable OpenSSH to
support changing expired passwords as specified in shadow password files.
To support that, I did a couple enhancements to the base OpenBSD OpenSSH
code. They are:
1. Consolidated the handling of "forced_command" into a do_exec()
function in session.c. These were being handled inconsistently and
allocated
2013 Sep 13
1
openssh (6.2p2), inherit host environment variables to subsystem sftp-server process
Hi,
is there a regular way that a subsystem process (sftpserver
here) inherits environment variables from its parent (sshd)?
Namely LANG and LC_* variables.
In my case it's important to get the variable of hosting
environment and not from client side (AcceptEnv).
Regards
Martin
--
Registered Linux User #87175, http://linuxcounter.net
2002 May 09
0
functions : server_input_channel_req userauth_pubkey
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings,
I am not sure if this is the correct place to ask these question,
if I am at the wrong place please advise.
I am currently working on some modifications to openssh
which record the users rsa/dsa identity comment file to
a log file when the user logs in (password authentication
is disabled).
The ssh1 portion of the modification works
2023 Jul 05
1
Subsystem sftp invoked even though forced command created
On Mon, 3 Jul 2023, Jochen Bern wrote:
> On 30.06.23 17:56, MCMANUS, MICHAEL P wrote:
> > The actual command is similar to the following (parameters inserted to
> > protect the source):
> > (print ${FQDN} ; print ${Environment} ; cat ${OutFileXML}) | \
> > ssh -Ti ${EmbeddedPrivateKey} \
> > -o HostKeyAlias="${Alias}" \
2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly:
http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html
<quote>
The paper concludes that the keystroke timing data observable from
today's SSH implementations reveals a dangerously significant amount of
information about user terminal sessions--enough to locate typed
passwords in the session data stream and reduce the
2023 Jul 03
1
Subsystem sftp invoked even though forced command created
On 30.06.23 17:56, MCMANUS, MICHAEL P wrote:
> The actual command is similar to the following (parameters inserted to protect the source):
> (print ${FQDN} ; print ${Environment} ; cat ${OutFileXML}) | \
> ssh -Ti ${EmbeddedPrivateKey} \
> -o HostKeyAlias="${Alias}" \
> -o
2009 May 18
6
[Bug 1599] New: "ForceCommand internal-sftp" not working as expected
https://bugzilla.mindrot.org/show_bug.cgi?id=1599
Summary: "ForceCommand internal-sftp" not working as expected
Product: Portable OpenSSH
Version: 5.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2001 Nov 29
1
(no subject)
Hi Alexander,
Not sure if this of any help, but we had a similar problem with runaway
SMBDs and what seemed to be oplocks. We are running RH6.2 with 0.7.26 ACLs.
After much messing around and hassling Jeremy, I eventually changed the
kernel from 2.2.19 to 2.2.20 and recompiled everything from scratch. Since
then we have not had one of these rogue processes.
I think Jeremy was right when he
2002 Jul 22
9
[Patch] Improve portability of regression tests
Hello All.
As promised, here is what I needed to do to get the regression tests to
work on AIX & HPUX. It goes into a bit of detail in the hope that others
might be able to get them running on their platforms. I've run these
mods on AIX 4.3.3, HP-UX 11.00, Solaris 8, Redhat 7.3 and OpenBSD 3.0.
The problems I encountered:
* prereqs (pmake, md5sum)
* bad directory owner/mode causing auth
2001 Oct 29
0
signal messages
comments?
allows
% ssh host 'tail -f /var/log/messages | grep bla'
^C
Index: clientloop.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v
retrieving revision 1.86
diff -u -r1.86 clientloop.c
--- clientloop.c 24 Oct 2001 19:57:40 -0000 1.86
+++ clientloop.c 29 Oct 2001 19:08:37 -0000
@@ -103,6 +103,8 @@
*/
static
2002 Aug 28
3
SSH ?
I have a FTP server behind my firewall. Thanks to Tom
it works. Next I would like protect the username and
password. With out a firewall. I would just create a
SSH user on the firewall and connect. I think the
easiest way is to do this is to forward port 22 to my
ftp server.
Is there a way to have the firewall handle the ssh
session and forward the rest of the packet to the ftp
server. This
2001 Jun 05
1
OpenSSH tmp cleanup
Hi,
I noticed that Markus has fixed the temporary file cleanup problems in
OpenSSH cvs. What files need patching for this ? I only noticed
changes in: session.c, channels.h and channels.c.
-Jarno
--
Jarno Huuskonen <Jarno.Huuskonen at uku.fi>
2001 Oct 16
1
Defeating Timing Attacks Patch for OpenSSH 2.9.9p2 and 2.9p2
Hello,
In response to the timing analysis attacks presented by Dawn Song et.
al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html
we
at Silicon Defense developed a patch for openssh to avoid such
measures.
Timing Analysis Evasion changes were developed by C. Jason Coit and Roel
Jonkman of Silicon Defense.
These changes cause SSH to send packets unless request not to,
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
Hello,
appended is a patch that makes it possible to use PAM both for
password authentication and TIS (i.e. s/key or opie or any other
interactive challenge/response scheme). I have developed this starting
from the patch at http://www.debian.org/Bugs/db/61/61906.html on
Debian with openssh-2.1.1p4-3. After configuring ssh with
--with-pam-tis, there are two PAM services, "sshd" and
2000 Aug 15
0
Experimental -R support patch for openssh client
Hi !
Here's an experimental patch for openssh-2.1.1p4 to add support
(to openssh client) for -R (protocol 2).
So if you have access to a commercial ssh2 server (that allows port
forwardings) could you test this patch.
(Note the openssh server doesn't have support for -R with protocol 2 so
testing with openssh server won't do much good).
To test remember to use -o "Protocol
2001 May 23
1
[PATCH]: Drop the use of `check_nt_auth'.
Hi,
the following patch removes some of the Cygwin specific code from
OpenSSH.
Since Cygwin is able to change the user context on NT/W2K even without
a password since the new Cygwin version 1.3.2, there's no need anymore
to allow changing the user context only if the sshd user is the same
user as the one which logs in or when a password is given.
For that reason the whole function
2008 Mar 13
11
Testing wanted: OpenSSH 4.8
Hi,
We are preparing to make the release of OpenSSH 4.8 soon, so we would
greatly appreciate testing of snapshot releases in as many environments
and on as many operating systems as possible.
The highlights of this release are:
* Added chroot(2) support for sshd(8), controlled by a new option
"ChrootDirectory". Please refer to sshd_config(5) for details, and
please use this
2001 Dec 18
2
[PATCH]: Fix potential security hole in Cygwin version
Hi,
the following patch fixes a potential security hole in the Cygwin
version of sshd.
If you're logging in to a Cygwin sshd with version 2 protocol using an
arbitrary user name which is not in /etc/passwd, the forked sshd which
is handling this connection crashes with a segmentation violation. The
client side encounters an immediate disconnect ("Connection reset by
peer").
2000 Jul 12
1
Problems with Port Forwarding and Password auth
Secure FTP through SecureFX 1.8B3: issues (Using OpenSSH 2.1.1p2)
I downloaded the latest SecureFX because it now claims support for OpenSSH. I'm
like cool, now I'll finally be able to secure my ftp on my gateway.
First off, I really like the new configure. Everything went ok, I could ssh into
the box just fine. Unfortunately ftp didn't work work through SecureFX. I would
get
2000 Aug 23
1
Protocol 2 remote forwarding patch
Hi !
Here's a patch to add remote port forwarding support (protocol 2) for
openssh. I have tried to test that it works like it should but a more
thorough testing is needed. This patch adds both client/server support.
The patch should be applied to openssh-2.1.1p4 source tree.
Also included is a PortForwarding sshd_config option, new ./configure
option --disable-forwarding that should make it