similar to: openssh problems

Hi, I built rpm from openssh-2.5.1p1 srpm on redhat 6.2, then installed it. When trying to ssh from other machine, sshd gives error: ..... Feb 20 17:54:24 foo PAM_pwdb[925]: (login) session opened for user doe by LOGIN(uid=0) Feb 20 17:55:15 foo sshd[1342]: Connection closed by 192.168.0.3 Feb 20 17:55:43 foo sshd[1343]: PAM unable to dlopen(/lib/security/pam_stack.so) Feb 20 17:55:43 foo

Hi all, I just installed OpenSSH 2.3.0p1 on an HP-UX 10.20 box, and I'm psyched to try out sftpd. I found one bug in the Makefile. Under the host-key and host-key-force targets, ssh-keygen is called as '$(srcdir)/ssh-keygen'. This is fine if you configure and build in the source dir, but not if you build in a separate dir as I did in order to build several architechtures from one

Hi Team, I'm looking to "upgrade" my sites ssh installation from the original. I have built openssh-2.3.0p1 and it looks good. I am puzzled as to why there are so many source distributions? However, that is not why am writing - the man pages provided do not format with either Solaris 'nroff -man' or 'groff -man'. What am I missing here? Thanks for your help. Scott

I figured this out -- looks like 2.5.1p1 is now using ports < 1024 on the client side (wasn't before?). I had a ipchains rule to allow ACK packets to 1024:65535, which was good enough for <= 2.3.0p1 : #allow only ACK tcp packed ipchains -A input -j ACCEPT -i eth0 -s any/0 --dport 1024:65535 -p tcp ! -y So I added the following : #allow return from ssh connections ipchains -A input -j

Damien-- Attached is a patch to contrib/redhat/sshd.init which eliminates the dependency on the success() and failure() functions from initscripts>=4.16. This allows sshd.init to be used for both early and recent releases of Red Hat Linux (i've confirmed it works on both 4.2 and 5.2 as well as 6.2). The patch also removes the 'Requires: initscripts >= 4.16' line from

Hi! I've got a few machines (Red Hat Linux, IBM AIX, HP-UX) with OpenSSH 2.3.0p1. But it's that RhostAuthentication doesn't work :( Is it true or not? yuliy

Hello, the man pages for openssh-2.3.0p1 look bad on our Tru64 Unix V4.0E systems. (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communica- tions between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be

Hi, Here's a problem in openssh, some logs, and a very minor patch that cures this: Issue: (open)ssh client WILL NOT talk to F secure SSH-2.0-2.1.0pl2 client S/W version: openssh-2.3.0p1 client O/S version: SunOS 5.7 Generic_106541-11 sun4u sparc server S/W version: SSH-2.0-2.1.0pl2 server O/S version: SunOS 5.7 Generic_106541-11 sun4u sparc Log/Details: : % telnet <mymachine> 22

Is there any work going into placing keys in a central directory such as LDAP ? Jeff McElroy jmcelroy at dtgnet.com

There is a problem in the contrib/redhat/sshd.init script: it starts sshd without specifying the full path (/usr/bin/sshd for the RPM installation). The daemon starts up and works, but dies when it receives a SIGHUP, because it is unable to re-exec itself without the full path. -------------- next part -------------- --- openssh-2.3.0p1/contrib/redhat/sshd.init.initfix Mon Oct 16 05:25:17 2000 +++

Hi, Connecting from RHL7 with OpenSSH 2.3.0p1 or 2.5.0p1 to OpenSSH 2.3.0p1 on AIX 4.3.1. Protocol 2 doesn't work if you specify 'Ciphers rijndael128-cbc' or Ciphers 'aes128-cbc'. sshd -d -d -d on the server shows _nothing_ about these connections. I'm not sure if rijndael has been left out from sshd somehow, but shouldn't the error message be a little more

It depends on regex.h, that is not part of IRIX 5's standard library and, in fact, that is no portable in general. I'm currently using GNU rx as a replacement, but it would be nice to have a portable implementation of regular expressions built into OpenSSH, if it is to depend on them. Best regards, -- Alexandre Oliva Enjoy Guarana', see http://www.ic.unicamp.br/~oliva/ Red Hat

When comparing SSH 1.2.27 with OpenSSH 2.5.1 I see that the SecurID code/patch is not in OpenSSH 2.5.1. I'm not sure how or why that happened. Upon looking through the OpenSSH 2.5.1 source, I think I could fairly easily provide a 'SecurID Authentication Method' patch (which would rely on -DHAVE_SECURID, -I/blah/securid/include, and -L/blah/securid/lib... /blah/securid being a

I have a couple of questions regarding openssh.spec and the rpm that gets generated from it. I am using 2.3.0p1 1. Why is openssl a prereq? openssh statically links to openssl during build by default (rightfully so, you don't want your security library a shared object if possible) 2. I don't understand the following line in the spec file during the install step (it makes it not build for

Yesterday I was forced to migrate servers due to a hardware failure. I have been able to bring up my mail server, and set up Squirrelmail and Dovecot. I am able to access (via Squirrelmail) all users' mail except one - which happens to be my wife's, so it would be really helpful if I could get that working too. I am able to log in, but see the following message in the main pane:

Hello all, I just found a bug a nice bug that can be turned into a real feature on systems (usually Linux) that are built with --with-ipv4-default. If you enable IPv6 in kernel, and enable both listenaddress 0.0.0.0 and ::, sshd will error out 'address family not supported'. However, you can work around this error by starting sshd with 'sshd -4 -6'. As far as man page is

Hello all, sshd configuration file options change from one release to another. If you forget updating sshd_config, sshd will not start. This is especially painful for update scripts etc. where you can't do e.g. 'sshd -p 2022' to see if it's okay. May I suggest some option, e.g. sshd -t, which would test config files and other obvious issues and return an errorcode if something

Hi, I'd like to bring this up again as there has been discussion about 2.4.0 patches. Getting something this big in would probably delay the release too much, but something similar should be considered for 2.5 then. A lot of people would like some control over port forwarding. Florian Weimer's patches (http://cert.uni-stuttgart.de/files/openssh/) are one, rather "big"

Hello all, OpenSSL 0.9.5a and 0.9.6 are incompatible, causing weird errors. I'd like to get a check for this in the RPMs. However, now I want to make sure whether anyone has experienced problems with RHL 0.9.5a OpenSSL libs vs. the 0.9.5a ones provided at openbsd.org? Ie: is it enough to check like '= 0.9.5a' or do you have to check '= 0.9.5a-xyz'. -- Pekka Savola

Hello all, Very recently, djm added compability patch so that aes/rijndael encryption problems could be avoided when talking to broken server/client; and you wouldn't have to toggle off the protocols yourself. Might this be a candidate for 2.5.2p2 or the like? This would be helpful when there are a lot of broken, 2.3.0 and like, systems. -- Pekka Savola "Tell me of