similar to: Failure message of configure from openssh 2.3.0p1 is wrong.

Feb 12 CVS (sort of, see warning below) I've had to change around some of the code in configure.in to get some platforms to compile with the --with-tcp-wrappers option. Basicly I have set it up to check headers check system libraries check for optional packages check functions I have also tried to clean up the library order as it is important on some platforms. This patch works on Solaris

Jim Klimov <jimklimov+nut at gmail.com> writes: > By the way, on the NUT CI farm the libwrap is present on some (though not > all) systems - covering linux, freebsd, openindiana... and neither > complained about `sockdebug` :\ > > What version do you have? Maybe it is some alternate implementation? Looks like 7.4, as amended in NetBSD over the years. Looks like the

Hi, 2.0 compiles fine in Solaris but and I've found only one glitch so far. Tcpwapper support needs some tweaks. I need to add CPPFLAGS=/usr/sfw/include because tcpd.h is in there. Then also LDFLAGS='-R/usr/sfw/lib -L/usr/sfw/lib' is needed. It would be nice to have --with-tcpwrap-dir or something. After this linking gives an error Undefined first referenced symbol in file

By the way, on the NUT CI farm the libwrap is present on some (though not all) systems - covering linux, freebsd, openindiana... and neither complained about `sockdebug` :\ What version do you have? Maybe it is some alternate implementation? Jim On Thu, Nov 9, 2023 at 3:44?PM Greg Troxel <gdt at lexort.com> wrote: > I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). > >

Hi! Here is the patch to support tcp wrappers with x11-forwarded connections. The patch is for openssh-3.0.1p1 but it works fine with 2.9.9p2 too. I've understood that this will not be included in the official version because it adds complexity (?!) to openssh. Binding the forwarded port to localhost doesn't solve all problems. I've understood that you should also implement

I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). (FWIW, I think a 2.8.1.1 or 2.8.2 immediately with the fix is in order. >From a packaging viewpoint, the effort to update for a release is about 3 minutes plus time to adapt anythhing that has changed. So I'd much rather have releases more often.) In the pkgsrc build, nut finds tcp wrappers because they are part of the base system.

Hello, I tried building OpenSSH-2.9p1 on AIX 4.3.3(ML6) with gcc. I included the --with-tcp-wrappers flag in configure. Configure went just fine, make went just fine, but 'make install' failed with the following error: exec(): 0509-036 Cannot load program ./ssh-keygen because of the following errors: 0509-130 Symbol resolution failed for /usr/local/lib/libwrap.a(libwrap.so)

Hi guys, and here's a security related bug report. I think it's has been fixed in the 2.2.x-release of openssh, but I'm not sure. I tried to reproduce the problem with my 2.2.0p1 and could find any difference in the behaviour of ssh depending on wether PermitRootLogin was set to no. Could someone please confirm that this problem is not existing anymore? > When PermitRootLogin is

Hi, here's another feature request that I just found and where I would like to hear your comments first: > The above commands are valid ssh-nonfree, but openssh doesn't like them. The > first two are important for security conscious sites. Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6

Hi, I just confirmed this bug for openssh 2.2.0p1. Could you please fix this upstream? Thanks. > The manpage for sshd lists the option 'PrintLastLogin' as being enabled by > default, but in fact the option is called 'PrintLastLog'. I encountered > this problem when upgrading, after customizing my sshd_config file, and not > accepting the Debian version upon upgrade

Hi, and here's the next feature request, which sounds interesting. Also I think I won't need much extra code to add this feature. So what do you guys think? > `ssh' with its host key checking is incompatible with the use of > `redir' to map different ports on a gateway/firewall system to > different systems behind the firewall. > For instance, I redirect ports as

Damn, forgot the rest of the patch. Here it comes. diff -Nur openssh-2.2.0p1-/ssh-keygen.c openssh-2.2.0p1/ssh-keygen.c --- openssh-2.2.0p1-/ssh-keygen.c Wed Aug 23 02:46:24 2000 +++ openssh-2.2.0p1/ssh-keygen.c Sun Oct 29 16:44:50 2000 @@ -68,7 +68,7 @@ static const char *__progname = "ssh-keygen"; #endif /* HAVE___PROGNAME */ -char hostname[MAXHOSTNAMELEN]; +char

Thanks, I think it would not hurt to add the variables into the source if that helps? A bit puzzled why it wants TCP wrappers though, the program is primarily about the Unix socket access. It can be used by end-users or more likely by developers for troubleshooting; potentially for some automations that act like a NUT driver. Not intended as a prime-time mechanism, but could have its uses... As

Hi, and here's another bug report against openssh which I could verify using openssh from cvs. So could we please change the behaviour of openssh to be consistent? > when /etc/nologin exists and the pam_nologin.so module is included in > the sshd pam file then users will be denied access when it exists > (though its contents are not displayed to them) however if the user >

Hi, and another feature request that I got from a debian user and that I think should be included in openssh. Thanks. |Unlike the 'old' ssh (Package: ssh; Version: 1.2.26-1.2)'s scp |openssh's scp does not support the -L option which according to |old ssh's manpage does the following: |> -L Use non privileged port. With this you cannot use |>

Hi guys, here's another nasty bug in openssh that I also noticed. Has this already been fixed or would someone please take care of this? Thanks. > If I enable the line: > auth required pam_env.so > to the ssh pam file, with the following line in > /etc/security/pam_env.conf > file: > PATH DEFAULT=/usr/local/bin:/bin:/usr/bin:/usr/bin/X11:/usr/games > then

Hi, here's another bug report against openssh with a patch included (from the same person who submitted the bug report). Would you please apply it? Thanks! > The Debian package of ssh includes patches to recognize a 'PrintLastLog' > option which can be used to disable the automatic display of the last > login time. (This is often handled by PAM.) The option is scanned and

Hi and here's an feature request from a user/developer, wher I would like to hear your comments again. Thanks > The PAM_RHOST item, which tells PAM which remote host it is conversing > with, is currently set by OpenSSH _after_ authentication is made. This > is not a good thing for me, as a have written a module which needs the > IP of the peer as a part of authentication. >

Hi, here's a minor and easy to fix bug. Thanks for fixing: > Manual for ssh-copy-id claims public key will be appended to remote file > ~/.ssh/authorised_keys, which should read ~/.ssh/authorized_keys ('s'->'z'). Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853

Hi, I just ltraced ssh to see why it prints the lastlog twice instead of one time. I think the bug seems to be in the parsing of the lastlog-entry and I especially think that the function lastlog_populate_entry is the buggy one, but I'm not sure, as I'm not very familar with the code. So if someone of you, would please trace this bug down and fix it, I would really appreciate that.