similar to: Protocol 2 remote forwarding patch

Hi all, I'm very new in this list, as looking for codes to plug up the lack of functionality of "Protocol 2 Remote Forwardig". Fortunately, I could find it in MARC's archive. Mr. Jarno Huuskonen posted the codes in Sept, last year, and I tried applying it to my FreeBSD box environment. I couldn't apply an original patch, of course, for incompatibility of virsion. The

Hi ! Here's an experimental patch for openssh-2.1.1p4 to add support (to openssh client) for -R (protocol 2). So if you have access to a commercial ssh2 server (that allows port forwardings) could you test this patch. (Note the openssh server doesn't have support for -R with protocol 2 so testing with openssh server won't do much good). To test remember to use -o "Protocol

Hi ! I hacked together a couple of patches for Openssh 2.1.1p4 port forwarding. It is a one patch file that does the following two things: First: If the server is configured not to allow port forwardings it sends SSH_SMSG_FAILURE (protocol 1) while openssh client expects SSH_SMSG_SUCCESS. When the client gets the failure it exists with protocol error message. This patch will accept both failure

Hello ! Like Edmund EVANS reported openssh-2.1.1p4 won't fork to background when using protocol 2. I managed to hack a little patch that might work ... What is the -N command line option supposed to do ? I gather it should work only with protocol2 and without any command to run on the server (and with some port forwardings ??) Anyway in the patch I put some code to check that -N is used

The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port

Hi ! I think that the configure option --with-ipaddr-display doesn't set the IPADDR_IN_DISPLAY define in config.h Here's a small patch to configure.in that should enable the feature (after running autoconf again). -Jarno --- openssh-2.1.1p4-orig/configure.in Sat Jul 15 07:59:14 2000 +++ openssh-2.1.1p4/configure.in Mon Aug 7 08:18:15 2000 @@ -1026,7 +1026,7 @@

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

FINALLY, it's here. You can now tell SSH which address to bind to for every single port forwarding option! This patch allows you to pass the following as ssh command line options: ssh -L 192.168.1.55:1234:localhost:80 -R ::11:22:aa:bb/80/localhost/80 etc. Or as normal config file options: LocalForward ::11:22:33/1234 localhost/80 RemoteForward 1.2.3.4:80 localhost:80 It will also

I've just finished compiling OpenSSH version 2.1.1p4 for Red Hat Linux 6.2 (i386) with recent patches, using OpenSSL version 0.9.5a, which was compiled to use RSAREF. There are a couple of issues I noticed immediately: 1. The ssh-agent program can only store RSA keys, not DSA keys. 2. Only ssh-add knows to invoke ssh-askpass (if it is not attached to a tty and DISPLAY is set).

Hello, Does anyone know how to get the username of the user (already authenticated and logged in) who is sending data to a forwarded tunnel from the channel_input_port_open function in channels.c?? I've tried numerous things, and all I can get is the IP address that is sending the data and where it is going to be sent to. All I want is the username or the UID Here is the chain of events that

Hello, in the BSD Authentication system the login script can request environment variables to be set/unset. The call to auth_close() in auth-passwd.c does change the current environment, but those changes are lost for the child environment. It would be really useful to add some kind of mechanism to get those changes into the child environment. I've added two possible solutions. Both

I've attached a patch to OpenSSH 3.0.2p1 that will allow the client side of local port forwarding to be bound to a single address. For my purposes, binding to 127.0.0.1 or (via GatewayPorts) all addresses would not work. I overloaded the "-b local_host" option so that it's address will be used when "-L port:remote_host:remote_port" is also specified. Today is the first

Hi, the attached patch implements adding and canceling of remote port forwardings by communicating with a running ssh client via a control socket. Thus, one can do this: ssh -MNfS ~/.ssh/ctl remotehost and then: ssh -S ~/.ssh/ctl -O add-rforward 2000:forward:80 localhost to add a new remote forwarding or ssh -S ~/.ssh/ctl -O cancel-rforward localhost:2000 localhost to remove it. The

http://bugzilla.mindrot.org/show_bug.cgi?id=1012 Summary: Trouble creating remote port forwarding to ssh.com 2.4.0 server. Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Keywords: patch Severity: normal Priority: P2 Component: ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=993 Summary: adding and removing forwardings via the control connection Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: normal Priority: P2 Component: ssh

I have the following line in the sshd_config file: GatewayPorts no If I launch the ssh client as this: ssh -l user host -R 9000:otherHost:25 the port forwarding is successful! :-( As you can see, the 'netstat -na' command shows the Secure Shell daemon listening to the port 9000. Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address

Hello, appended is a patch that makes it possible to use PAM both for password authentication and TIS (i.e. s/key or opie or any other interactive challenge/response scheme). I have developed this starting from the patch at http://www.debian.org/Bugs/db/61/61906.html on Debian with openssh-2.1.1p4-3. After configuring ssh with --with-pam-tis, there are two PAM services, "sshd" and

Precedence: bulk Hi folks, It seemed to me that it would be useful to be able to control access to my server with the /etc/ssh_known_hosts file, using RSA authentication of the remote host. But the protocol only allows RSA host authentication in conjunction with rhosts, while I prefer RSA user authentication. I've made a patch to the server which adds a new configuration option:

https://bugzilla.mindrot.org/show_bug.cgi?id=2189 Bug ID: 2189 Summary: Client fails to consider hostname when matching rfwd channel opens Product: Portable OpenSSH Version: -current Hardware: Other OS: All Status: NEW Severity: minor Priority: P5 Component: ssh

Patch is below : diff -nru openssh-3.8.1p1/auth-options.c openssh-3.8.1p1-devs//auth-options.c --- openssh-3.8.1p1/auth-options.c Tue Jun 3 02:25:48 2003 +++ openssh-3.8.1p1-devs//auth-options.c Mon Feb 21 16:56:49 2005 @@ -265,6 +265,81 @@ xfree(patterns); goto next_option; } + +/* e.g: permitopenned="158.156.0.0/255.255.255.0:25[-1024]" + * note that part between [] is