similar to: manpage for ssh-copy-id misspells authorized_keys

Hi, I just confirmed this bug for openssh 2.2.0p1. Could you please fix this upstream? Thanks. > The manpage for sshd lists the option 'PrintLastLogin' as being enabled by > default, but in fact the option is called 'PrintLastLog'. I encountered > this problem when upgrading, after customizing my sshd_config file, and not > accepting the Debian version upon upgrade

Hi, here's another feature request that I just found and where I would like to hear your comments first: > The above commands are valid ssh-nonfree, but openssh doesn't like them. The > first two are important for security conscious sites. Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6

Hi, and here's the next feature request, which sounds interesting. Also I think I won't need much extra code to add this feature. So what do you guys think? > `ssh' with its host key checking is incompatible with the use of > `redir' to map different ports on a gateway/firewall system to > different systems behind the firewall. > For instance, I redirect ports as

Damn, forgot the rest of the patch. Here it comes. diff -Nur openssh-2.2.0p1-/ssh-keygen.c openssh-2.2.0p1/ssh-keygen.c --- openssh-2.2.0p1-/ssh-keygen.c Wed Aug 23 02:46:24 2000 +++ openssh-2.2.0p1/ssh-keygen.c Sun Oct 29 16:44:50 2000 @@ -68,7 +68,7 @@ static const char *__progname = "ssh-keygen"; #endif /* HAVE___PROGNAME */ -char hostname[MAXHOSTNAMELEN]; +char

Hi guys, and here's a security related bug report. I think it's has been fixed in the 2.2.x-release of openssh, but I'm not sure. I tried to reproduce the problem with my 2.2.0p1 and could find any difference in the behaviour of ssh depending on wether PermitRootLogin was set to no. Could someone please confirm that this problem is not existing anymore? > When PermitRootLogin is

Hi, and here's another bug report against openssh which I could verify using openssh from cvs. So could we please change the behaviour of openssh to be consistent? > when /etc/nologin exists and the pam_nologin.so module is included in > the sshd pam file then users will be denied access when it exists > (though its contents are not displayed to them) however if the user >

Hi, and another feature request that I got from a debian user and that I think should be included in openssh. Thanks. |Unlike the 'old' ssh (Package: ssh; Version: 1.2.26-1.2)'s scp |openssh's scp does not support the -L option which according to |old ssh's manpage does the following: |> -L Use non privileged port. With this you cannot use |>

Hi guys, here's another nasty bug in openssh that I also noticed. Has this already been fixed or would someone please take care of this? Thanks. > If I enable the line: > auth required pam_env.so > to the ssh pam file, with the following line in > /etc/security/pam_env.conf > file: > PATH DEFAULT=/usr/local/bin:/bin:/usr/bin:/usr/bin/X11:/usr/games > then

Hi, here's another bug report against openssh with a patch included (from the same person who submitted the bug report). Would you please apply it? Thanks! > The Debian package of ssh includes patches to recognize a 'PrintLastLog' > option which can be used to disable the automatic display of the last > login time. (This is often handled by PAM.) The option is scanned and

Hi and here's an feature request from a user/developer, wher I would like to hear your comments again. Thanks > The PAM_RHOST item, which tells PAM which remote host it is conversing > with, is currently set by OpenSSH _after_ authentication is made. This > is not a good thing for me, as a have written a module which needs the > IP of the peer as a part of authentication. >

Hi, I just ltraced ssh to see why it prints the lastlog twice instead of one time. I think the bug seems to be in the parsing of the lastlog-entry and I especially think that the function lastlog_populate_entry is the buggy one, but I'm not sure, as I'm not very familar with the code. So if someone of you, would please trace this bug down and fix it, I would really appreciate that.

Hi, if i add --with-tcp-wrappers and --with-skey and don't have an skey-library installed configure will fail with a message telling me that I don't have libwrap installed. But after looking into config.log I see the following: |configure:6344: checking for libwrap |configure:6356: gcc -o conftest -g -O2 -Wall -I. -I. conftest.c -ldl -lnsl -lz | -lutil -lpam -lcrypto -lskey -lwrap

Hi guys, and another feature request for sshd which I would classify as really useful. And I think this behaviour is currently not available (If yes, sorry, I must have missed it): > I believe that the sshd should log which RSA key was used to connect to > an account. When there are a number of keys in the authorized_keys file > it is often useful to know which one was used for each

Hi, and that's another feature request. Sorry if it looks like some kind of spamming, but our current maintainer was very stressed in the past and had not time to forward those reports to you and now I help him a bit out. So thanks for your patience and answering of all my mails with bugreport and feature-reqeust. > Debian by default uses the user-group system. Each user has their own

Morning, and that's the next bugreport that I have to forward you, because the fix should be applied in the upstream sources. Thanks. > sshd (in ssh 1:1.2.3-9) in its default configuration reads > /etc/environment file twice when a user logs in: first, it is > read through pam_env module of PAM (due to the configuration > in /etc/pam.d/ssh), and then by

Hi, and another interesting bug report, where I'm not sure what the correct behaviour of openssh should be. Thanks for your comments: > I find myself frequently using OpenSSH to log in and perform a single > command (particularly in a script to perform some quick, simple task on > multiple machines I administer). If the '-t' option is not included, the > behavior is no

Hi, here's a patch so that ssh also supports hurd-i386. Thanks for incorporating. The patch comes from Robert Bihlmeyer <robbe at orcus.priv.at>. > openssh 2.2.0p1-1.1 does not build on the Hurd. The appended patch > fixes that. Changes in detail: > * PAM is not (yet?) supported, so the PAM dependencies are only put into > the control file on architectures != hurd-i386.

Hello, I'm trying to setup Rsync over SSH with openSSH running port 2222 with a remote RSA public key authentification and a restricted shell to avoid the user to browse my server via SSH, only be able to run rsync server. 1) i've built a regular rsync server over TCP/873 Worked fine, check my conf : motd file = /etc/rsyncd.motd log file = /var/log/rsyncd.log pid

In 3.7p1 you could, for a given user (say backup), generate an rsa_id key pair, place the .pub key into /home/backup/.ssh/authorized_keys and then you could ssh/scp localhost as the backup user and it worked as expected ie automatically authenticated using RSA. In 3.8p1 the behaviour has changed. For root you can do as described above ie if you add roots .pub key to /root/.ssh/authorised_keys you

Hi, OpenSSH 5.1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release is one of the biggest in recent years, with two hackathons' worth of improvements and fixes for some of our most recalcitrant bugs. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is