similar to: bug or feature ?

I get error: %SSHD-3-ERROR: Could not load host key: /tmp/ssh_host_dsa_key: Bad file descriptor Jan 26 23:58:52: %SSHD-6-INFO: Disabling protocol version 2. Could not load host key Everything looks okay, the file exists, (it was generated using command: ssh-keygen -d -f ssh_host_dsa_key -N '') I also do 'ls' and find the file exists with permissions: -rw------- 1 root group

Looking at openSSH INSTALL: To generate a host key, run "make host-key". Alternately you can do so manually using the following commands: ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N "" ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N "" But when I try latter, I get: (gdb) n 1 0x35a6 in save_private_key_ssh2 ( filename=0xb2d2c

vis.c from the 20010208 snap fails to build under OpenBSD 2.8. apply the following in the openssh root to fix: --- openbsd-compat/vis.c.old Thu Feb 8 09:21:18 2001 +++ openbsd-compat/vis.c Thu Feb 8 09:21:26 2001 @@ -35,9 +35,9 @@ static char rcsid[] = "$OpenBSD: vis.c,v 1.5 2000/07/19 15:25:13 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ -#ifndef HAVE_VIS -

Hi ! I haven't found an easy solution to determine the local IP to which the remote SSH client is connected to the local SSHD. We use MC/Serviceguard which can create many Interfaces where a remote client could connect and we like to know within .profile which interface the client has connected to. I've looked at the sourcecode and maybe the following could do something I described :

Hello, I'm running OpenBSD 2.9 (-rOPENBSD_2_9) on i386. Remote port forwarding doesn't work. Attached are 2 logs of ssh -v -R2828:localhost:22 localhost and sshd -p 2222 -d Note that server tries to forward to Connection to port 2828 forwarding to 0.0.0.0 port 0 requested. instead of localhost port 22 as it should. what ssh, what sshd and /etc/sshd_config are also attached. Thanks

Hi All. I'm looking for some help to merge an outstanding Kerberos credential cache change from OpenBSD into Portable. I don't know enough about Kerberos to figure out how that change should be applied for the non-Heimdal(?) code path. The outstanding diff is attached. Any volunteers? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4

Accidently removed XXX comment. New patch below. Regards Magnus --- openssh-3.6.1p2/sftp-server.c.org 2003-08-11 22:07:47.098650000 +0200 +++ openssh-3.6.1p2/sftp-server.c 2003-08-16 19:07:14.273582000 +0200 @@ -24,15 +24,24 @@ #include "includes.h" RCSID("$OpenBSD: sftp-server.c,v 1.41 2003/03/26 04:02:51 deraadt Exp $"); +#define CHROOT #include "buffer.h"

My question is regarding the possibility of someone wiretapping the communication and repeat the action. What if an intruder notice that there's a secure session starting (by guessing at the dst IP address and unintelligible payload) and then start capturing all the packets on this session for the purpose of repeating the whole session again? The secure user could add/delete interfaces and

I see that: SSH uses the following ciphers for encryption: Cipher SSH1 SSH2 DES yes no 3DES yes yes IDEA yes no Blowfish yes yes Twofish no yes Arcfour no yes Cast128-cbc no yes Two ques re: sshd: 1) Using openssh, how do I configure which

Hello, I see that incase of command execution: :fork()" is called twice, in sshd. Once to spin off child sshd from parenat and second from child sshd, to execute command. Due to this I see 3 processes being created for each connection viz: 16398 0.0 0.3 1284 892 ?? S 4:33PM 0:00.05 sshd:child 16399 0.0 0.1 320 232 p4 Is+ 4:33PM 0:00.06 -sh -c foo_command 16401 0.0

The 2.1.1p3 release of portable OpenSSH has been uploaded to the OpenBSD ftp master site. In a few hours it will be available from one of the many mirrors listed at: http://www.openssh.com/portable.html This release fixes several bugs reported since the previous release and extends portability to NeXT and Reliant Unix. As usual, the OpenBSD team has been hard at work further polishing and

The 2.1.1p3 release of portable OpenSSH has been uploaded to the OpenBSD ftp master site. In a few hours it will be available from one of the many mirrors listed at: http://www.openssh.com/portable.html This release fixes several bugs reported since the previous release and extends portability to NeXT and Reliant Unix. As usual, the OpenBSD team has been hard at work further polishing and

I'm finding another problem with OpenSSH 2.5.1p1 on RH 6.2 (at least, I think it's the linux box that is the problem). I'm ssh'ing to a RH 6.2 box from a Solaris 7 server (scp also... seems like the same problem). I'm using authorized_keys and identity.pub files to do it automagically, and all works well when it's from user to user, where the username is the same, but if

I have just tarred up a snapshot and uploaded it to: http://www.mindrot.org/misc/openssh/openssh-SNAP-20000823.tar.gz The snapshot incorporates the last month's fixes and enhancements from the openssh-unix-dev mailing list and from the OpenBSD developers. In particular: - ssh-agent and ssh-add now handle DSA keys. NB. this does not interop with ssh.com's ssh-agent. (Markus Friedl)

removes HAVE_BOGUS_SYS_QUEUE_H and always use our queue.h. ok? Index: acconfig.h =================================================================== RCS file: /var/cvs/openssh/acconfig.h,v retrieving revision 1.122 diff -u -r1.122 acconfig.h --- acconfig.h 26 Feb 2002 16:40:49 -0000 1.122 +++ acconfig.h 12 Mar 2002 02:11:39 -0000 @@ -14,7 +14,6 @@ /* SCO workaround */ #undef

Damien Miller <djm at mindrot.org> wrote: On 29 Dec 2000, sunil vallamkonda wrote: > Hello, > > Looking at: > http://www.openssh.com/features.html > > Under 'Free Licensing' section: > > "any licensed or patented components are chosen from > external libraries (e.g. OpenSSL)" > > Can someone please enlighten me which > components

Hello, I know this chroot issue has been brought up many times before on this list. I saw that the contribibuted chroot-patch was removed from the contrib directory because it always was out of date. The main reason was of course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users

just having finished this *MOST* frustrating exercise, here's what i ended up doing. i downloaded a file from the hp ftp site called: hpwj_solaris_en.tar.Z (see http://whp-web1.extweb.hp.com/cposupport/networking/software/SOLd615.PKG.html ) this is a complete configuration setup utility that configures your solaris machine to serve the printer. and then you point samba to the solaris

With a little help, I managed to get ssh to compile. (original post 05.02.02) Now, I can login using an account that is local to the target machine but logins with AFS accounts fail. The details: IRIX 6.5.15 ssh 3.1.p1 gcc 3.0.1 ssl-0.9.6c zlib-1.1.4. I am configuring with: env CC=gcc CFLAGS=-g LDFLAGS=-Wl,-rpath,/usr/local/krb4/lib,-rpath,/usr/local/ssl/lib ./configure

The Unix/Linux port of OpenSSH 1.2.3 was released yesterday and should be available from a mirror near you. A mirror list is available from: http://violet.ibs.com.au/openssh/files/MIRRORS.html This release fixes the bugs reported since 1.2.2p1 and contains many cleanups from the OpenBSD tree. In particular, the OpenSSL detection problems have been resolved. The layout has changed a little bit.