Displaying 20 results from an estimated 200 matches similar to: "Problems with Port Forwarding and Password auth"
2001 Nov 29
1
locking ? problems (follow up to: strange problems)
Hi all, Jeremy,
after trying to add kernel oplocks = no I got the same errors as describes
in my last post.
(samba working, but some folders not accessible, even not from commandline
unix, can't kill smbd processes......)
This is what happens in the log file:
any ideas ?
[2001/11/29 16:13:00, 1] smbd/service.c:make_connection(610)
pc08ust (10.21.1.8) connect to service exchangejg99 as
2001 Nov 29
1
(no subject)
Hi Alexander,
Not sure if this of any help, but we had a similar problem with runaway
SMBDs and what seemed to be oplocks. We are running RH6.2 with 0.7.26 ACLs.
After much messing around and hassling Jeremy, I eventually changed the
kernel from 2.2.19 to 2.2.20 and recompiled everything from scratch. Since
then we have not had one of these rogue processes.
I think Jeremy was right when he
2001 Nov 20
0
Patch: 3.0.1p1: rename a conflicting variable
These patches are against 3.0.1p1. I need them because I have a local mod
which needs access to the ServerOptions struct named ``options'', hence the
rename.
--- auth-rsa.c.orig Mon Nov 19 16:54:01 2001
+++ auth-rsa.c Mon Nov 19 16:56:18 2001
@@ -180,8 +180,7 @@
* user really has the corresponding private key.
*/
while (fgets(line, sizeof(line), f)) {
- char *cp;
- char
2001 Dec 04
0
PATCH: log key fingerprint upon successful login
This patch is against 3.0.2p1. It produces output like the first line in the
example below for both v1 and v2 logins. Logging is turned on by sticking
``LogFingerprint yes'' in sshd_conf. It would be nice if something like this
would make it into OpenSSH.
Dec 4 14:21:09 lizzy.bugworks.com sshd[7774]: [ID 800047 auth.info] Found
matching RSA1 key:
2001 Aug 15
0
[ossh patch] principal name/patterns in authorized_keys2
As you know, revoking RSA/DSA keys in an SSH environment requires
editing all authorized_keys and authorized_keys2 files that reference
those public keys. This is, well, difficult at best but certainly very
obnoxious, particularly in a large environment.
SSH key management is difficult. This patch simplifies key management
wherever GSS-API/Kerberos is used and is general enough to be used with
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
Hi All.
Attached is another patch that attempts to do pam_chauthtok() via SSH2
keyboard-interactive authentication. It now passes the results from the
authentication thread back to the monitor (based on a suggestion from
djm).
Because of this, it doesn't call do_pam_account twice and consequently
now works on AIX 5.2, which the previous version didn't. I haven't tested
it on any
2003 May 12
0
Patch logging comment field of authorized key being used
In order to comply with our internal security guidelines, we created a
patch on top of openssh-3.6.1p2. With that patch, if sshd sets up a
session based on key authentication, it logs to syslog which one of the
keys in authorized_keys or authorized_keys2 is actually being used. The
patch logs the key comment (typically the key owner's email address) as
well as the name of the file containing
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful
in an environment where users do not have a regular shell login.
It allows you to selectively disable certain features on a
system-wide level for users with a certain shell; it also allows
you to control and audit TCP forwarding in more detail.
Our system is an email server with a menu for the login shell;
we selectively allow port
2002 Jan 24
1
PATCH: krb4/krb5/... names/patterns in auth_keys entries
This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and
other principal names in authorized_keys entries.
It's a sort of replacement for .klogin and .k5login, but it's much more
general than .k*login as it applies to any authentication mechanism
where a name is associated with the ssh client and it supports name
patterns and all the normal authorized_keys entry options
2002 Jul 04
1
[PATCH]: Remove HAVE_CYGWIN in favor of NO_IPPORT_RESERVED_CONCEPT
Hi,
I've sent that patch once already but it seems more or less forgotten
in the tumultuous days of the latest vulnerability.
It adds a new define NO_IPPORT_RESERVED_CONCEPT which can be defined
on platforms not supporting the concept of "privileged" ports only
accessible by privileged users but which allow everyone to use these
ports.
This patch removes some Cygwin dependencies
2000 Jul 05
1
Openssh-2.1.1p2 BUG? X11 forwarding no longer works
BUG: X11 forwarding no longer works in Openssh-2.1.1p2.
I think this is due to the wrong sense of the test
in session.c:1372
session_x11_req(Session *s)
{
if (!no_port_forwarding_flag) {
debug("X11 forwarding disabled in user configuration
file.");
return 0;
}
It should be
session_x11_req(Session *s)
{
if
2000 Oct 04
1
openssh 2.2.0p1 and F-secure SSH ftp
Howdy,
I'm sorry if this is a FAQ but I couldn't reach the openssh.com
website so I can't check.
Is it possible to use F-Secure SSH FTP 4.1 (client) with
the openssh2.2.0p1 server? In the documentation I read that
sftp is still on the todo list but "SecureFX (secure ftp)" is
supported. Apparently this means there are different ways to
do ftp with ssh? In that case which
2001 Jul 20
1
big packets?
I apologize if I'm missing the obvious, but does anyone know what causes
sshd: channel 0: rcvd big packet 32281, maxpack 16384
The immediate cause seems to be van dyke's windows sftp client. The
larger question would seem to be why it's using larger packets than
openssh wants to accept. (client is SecureFX 3.3, server is openssh
2.9p2)
--
Mike Stone
2002 Jan 29
2
Key fingerprint logging
Hello there!
I have made a patch against OpenSSH 3.0.2p1 which allows the fingerprint of
the accepted key to be printed in the log message. It works with SSH1-RSA and
SSH2 pubkey (DSA+RSA) authentication.
This feature is controllable by the LogKeyFingerprint config option (turned
off by default).
Michal Kara
-------------- next part --------------
diff -u5
2002 Dec 08
1
Password expiry related clarification in OpenSSH3.5p1
fyi (i'm behind in following the passord expire efforts).
----- Forwarded message from Logu <logsnaath at gmx.net> -----
Date: Sat, 7 Dec 2002 02:42:52 +0530
From: "Logu" <logsnaath at gmx.net>
To: <stevesk at cvs.openbsd.org>
Cc: <kumaresh_ind at gmx.net>
Subject: Password expiry related clarification in OpenSSH3.5p1
Hello Stevesk,
We are using
2009 Oct 21
1
Patch to fix dynamic -R forwarding when not root
Hi!
Sorry if this has already been reported or even fixed, I didn't search
very thoroughly. Here's a patch to make dynamic -R remote port
allocation work even when not connecting as root. Without the patch I
got that "Server has disabled port forwarding." message visible in the
patch.
OpenSSH version I'm using is openssh-5.2p1, compiled from official
source package,
2000 Aug 13
1
Patches for openssh port forwarding
Hi !
I hacked together a couple of patches for Openssh 2.1.1p4 port forwarding.
It is a one patch file that does the following two things:
First:
If the server is configured not to allow port forwardings it sends
SSH_SMSG_FAILURE (protocol 1) while openssh client expects SSH_SMSG_SUCCESS.
When the client gets the failure it exists with protocol error message.
This patch will accept both failure
2001 Apr 06
0
sftp-server configuration error
Hi,
I do tech support for Van Dyke Technologies, and I've run into an
interesting problem with the sftp-server under some redhat linux
boxes. Two separate customers reported that they were having problems
using sftp with SecureFX and OpenSSH. Upon further investigation, the
sshd_config file on the redhat box had an incorrect path for the
sftp-server in it.
The problem is that if the path
2001 Jul 05
1
Patch to workaround host key size mismatch bug in old SSH sshd
Below is a patch against the current OpenBSD OpenSSH CVS to workaround a
behavior I have observed when converting from SSH 1.2.27 to OpenSSH while
using the same old RSA1 host key for protocol 1. In several cases I saw
that old SSH sshd reported a host key size of 1024 bits when OpenSSH saw it
as 1023 bits. Without the patch, when OpenSSH's ssh client connects to an
old SSH sshd it warns
2003 Jul 09
0
[PATCH] Add expired password handling for AIX.
Hi All.
Attached is a patch which adds AIX native password expiry support to
sshd. It will only apply to -current and is a subset of the patch I have
been working on in the last few months (see bug #14 [1]). It contains
code by Pablo Sor, Mark Pitt and Zdenek Tlusty and fixes for bugs reported
by many others (see [2] for a full list).
It adds a do_tty_change_password function that execs