similar to: Compatibility with 1.2.16 (commercial)?

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

Hello, I am testing ssh with occasional network disconnection between server and client during these days. I found ssh sometimes hangs if the disconnection happens after the connection is established but before ssh_exchange_identification completes. The ssh configuration files show that both client and server alive options are set. In /etc/ssh/ssh_config: # Send keepalive messages to the server.

I am working on a proxy which can be hosted on a single IP address and dispatch requests to different backends depending on which hostname the client used to connect to this IP address. Currently such a proxy can be build to support HTTP, HTTPS, SMTP, and DNS. However SSH support is impossible due to the ssh client not sending the information such a proxy would need. I am not the first to want

hi all, I got "xmalloc: out of memory" when i used ssh-keyscan to a remote host that is using SSH protocol 2 and only protocol 2 (no fallback to SSH protocol 1). Looks to me more like ssh-keyscan doesn't talk SSH protocol 2 to the server. Please help. Here is the exact error: # /usr/local/bin/ssh-keyscan -v miad_1 # miad_1 SSH-2.0-OpenSSH_3.0.2p1 xmalloc: out of memory

Hi, 1. I think you should apply the attached patch to openssh-2.9p1, otherwise ssh-keyscan on linux boxes with glibc-2.1 will experience enormous timeout delays. 2. Is there a program like ssh-keyscan for the Version2 (dsa and rsa) keys?? regards Peter Breitenlohner <peb at mppmu.mpg.de> -------------- next part -------------- diff -ur openssh-2.9p1.orig/ssh-keyscan.c

In the past 2 months another change occurred in the CVS code that broke my ssh-keyscan patch. Here's an updated version that tweaks the changed name (in the Kex struct) and also causes an attempt to grab an ssh2 key from an older server (without ssh2 support) to fail earlier and without an error message (Stuart Pearlman emailed me some code for this). This patch is based on the BSD CVS

samba-request at lists.samba.org wrote: > Subject: > Re: [Samba] empty password > From: > trentbuck at gmail.com (Trent W. Buck) > Date: > 11/15/2013 02:29 AM > > To: > samba at lists.samba.org > > > Rob Janssen<rob at ision.nl> writes: > >>> >>WARNING: The "null passwords" option is deprecated >> >I cannot find the

Hey guys. I am starting out with puppet and am in the process of writing a bootstrap script for the clients and a capistrano recipe for the server. I have the client bootstrap done which installs ruby, puppet, sets a host name, and then points the client at the puppet server and now I am in the process of setting up the puppet server. My first attempt was to set up a git project for puppet, an

===== Ladies/Gents, "ssh-keyscan.c" can't be linked statically against "libssh.a". You end up with `fatal()' being doubly defined. The patch below deletes the new "ssh-keyscan.c:fatal()" function and and restores the "ssh-keyscan.c:fatal_callback()" function with modifi- cations. The problem that both attempt to alleviate is the setting of the

The attached patch adds a new 'ConnectTimeout' option (man page updated in patch) to avoid wasting time when the target host is down. I needed that because I was using rsync/rdist over ssh for massive files update and the default connect() took too long for my purpose. The patch was tested on Linux only, but I used a similar one for ssh 1.2.XX on Linux, Solaris and HP-UX without

First, I''m trying to do the legwork with utilizing all 4 together because many people say it''s a good combination to use. I already have apache setup (was using it with the PHP version of my site formerly). I''ve installed all gems and dependencies that I need on my slice (using slicehost). I have a fully pushed git repository (master) on github (private git) with one

Hi, I am behind a firewall which does not permit connections to port 22, so I run my ssh server on port 23. :-) Unfortunately, the stupid firewall prints a few lines of junk when you make a connection to port 23 before actually starting the connection. This confuses ssh. Attached is an (ugly) patch against openssh-1.2pre15 which makes it ignore a configurable number of lines while looking for

Hello, I going to use ssh with Kerberos V5 support along with support for AFS. I don't want to use Kerberos V4 or AFS token passing. The only thing I need from AFS is creating an AFS token (using appropriate function from krb5 API) after user's authentication. It seems to me that such scenario is not much supported by the current code. Rather it is assumed only Kerberos 4 will be used

Hello! I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :) Anyway, my question relates to ssh_config. The problem I find is that the Host pattern is only applied to the argument given on the command line, as outlined in the man page: "The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name

Because ForwardX11 and ForwardAgent are so useful but introduce risk when used to a not well-secured server, I added a "warn" value to the ForwardX11 and ForwardAgent options which causes the ssh client to print a big warning whenever the forwarding is actually used. I plan to make "ForwardX11=warn" the default in my ssh_config distribution. I'm not proposing that this

http://bugzilla.mindrot.org/show_bug.cgi?id=809 Summary: ssh-keyscan breaks too obscurely when remote isn't an SSH server Product: Portable OpenSSH Version: 3.8p1 Platform: All URL: http://bugs.debian.org/228828 OS/Version: Linux Status: NEW Severity: normal Priority: P2

Hi, I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with FIPS 140-2 OpenSSL. These are based on previously reported patches by Steve Marquess <marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>, for ver. OpenSSH 3.8. Note that these patches are NOT OFFICIAL, and MAY be used freely by anyone. Issues [partially] handled: SSL FIPS Self test. RC4,

Hi, Here is a patch for release 1.2.2 that allows the use of '=' instead of whitespace when specifying options. For options on the commandline, it can be useful to be able to avoid whitespace in some situations. best regards and thanks for the patch regarding segfaulting with PAM, Stefan ------------------------------------------------------------------- Email: Stefan.Heinrichs at

Here's a quick patch that adds a timeout (value set from the connection timeout config parameter) for identification exchange. The situation that this fixes is the one where the sshd has a connection open (so you can make a TCP connection) but does not put up a banner (e.g. when the disk has crashed or when file descriptors are exhausted on a machine). Sounds unusual, but this happens with

Samba-4.0.10 in AD mode. I need to have an account with an empty password. After checking the smb.conf manpage (and also smbpasswd manpage), I added to the smb.conf file: null passwords = Yes The result is a warning from commands like smbstatus: WARNING: The "null passwords" option is deprecated I cannot find the new option to achieve this. How is it supposed to be configured