similar to: OSSH 2.5.2p2: Why is /usr/local/ put into the include & lib p aths under Solaris?

I'd like to know why /usr/local/(include|lib) is added to the (include|library) path. I'd _especially_ like to know why it's added before user-specified library directories such as OpenSSL. If I specify --with-openssl=/foo/openssl, I want to actually _use_ the version of openssl in /foo/openssl, not some version that may have been installed in /usr/local. This really makes no

When doing a simple configure of OpenSSh 2.5.2p2 on a Sparc running RedHat 6.0 I get: ... updating cache ./config.cache creating ./config.status creating Makefile sed: file conftest.s1 line 1: Unknown command: ``^'' creating openbsd-compat/Makefile sed: file conftest.s1 line 1: Unknown command: ``^'' creating ssh_prng_cmds sed: file conftest.s1 line 1: Unknown command:

Hi ! According to http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98577747029227&w=2 [...snip...] List: openssh-unix-dev Subject: Updated configure.in patch for 2.5.2p2 From: Carson Gaspar <carson at taltos.org> Date: 2001-03-28 11:03:29 [...snip...] there exists a patch to add --with-zlib (needed when zlib isn't installed in the standard path. Happens on Solaris

Dear developers of OpenSSH, first of all I want to thank you for your excellent work on OpenSSH! I have compiled OpenSSH 2.5.2p2 on Sun Solaris 2.6 and Sun Solaris 8 and discovered some problems. The first is that OpenSSH doesn't evaluate the file /etc/default/login which contains some flags and parameters for the login process. On important parameter is the default value for PATH. As we

HI! I would like to introduce new patch which adds new config option "AuthOrder2" to sshd_config. I would like to say that I only modyfied the patch made by Carson Gaspar. If you want to know more about this patch see thread at: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98577021011067&w=2 I will appreciate any feedback from you. This patch is against 3.1p1. BTW:

On 2/17/16 6:02 PM, Darren Tucker wrote: > On Thu, Feb 18, 2016 at 12:43 PM, Carson Gaspar <carson at taltos.org> wrote: > [...] >> Is there a sane way to run just one test script? LTESTS can't be overridden >> AFAIK... > > make t-exec LTESTS=testname > > where testname is the name of the specific test script without the .sh > extension. Nope, that runs

Bug: all .out files get rebuilt every make. This is silly, and breaks make install if root cannot write to your build dir. Fix: add dependancy check sop .out files only get rebuilt if the source file changes FixBug: if any source file gets changed, all .out files get rebuilt. This is because man pages and config files both get .out extensions but get created differently. It's

channels.h from today's CVS has MS-DOS ^M end-of-line chars. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body

Here is a new version of my partial auth patch against the April 24, 2001 CVS image. It fixes a couple of things (thanks to Karl M <karlm30 at hotmail.com>), and includes support for hostbased auth. It's still not pretty, but it works. 2 things Karl mentioned aren't fixed: - auth methods are still hard-coded into servconf.c. Fixing this would require a lot of work, and all the

--sysconfdir configuration option doesn't work. sshd always try to open its config files from /usr/local/etc/ : pochini at orione:/home/pochini/openssh-2.9p2# sshd --help sshd: invalid option -- - sshd version OpenSSH_2.9p2 Usage: sshd [options] Options: -f file Configuration file (default /etc/ssh/sshd_config) [...] -h file File from which to read host key (default:

I've been trying to establish the following setup: * on port 22, a vanilla sshd that allows publickey and keyboard-interactive requests using only protocol v2 * on port 1022, a sshd that allows publickey, password and keyboard-interactive requests using both protocol 1 and 2 The first is meant to be open to the world, the second is accessible only from within the (firewalled) private

The attached unified diff fixes configure so that all --with-libfoo options are allowed to be --with-libfoo=PATH. If the option is specified with a PATH, only that PATH is searched for the library. If it is specified as =yes or with no argument, it tries without modifying anything, and then tries looking in /usr/local. The SunOS5 targets no longer add /usr/local to include or library paths

auth.c:auth_log contains the following code: authlog("%s %s for %s%.100s from %.200s port %d%s", authmsg, method, authctxt->valid ? "" : "illegal user ", ---> authctxt->valid && authctxt->pw->pw_uid == 0 ? "ROOT" : authctxt->user, get_remote_ipaddr(),

The attached patch against today's CVS improves write() error handling and logging in clientloop.c when flushing stdout/stderr. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body -------------- next part -------------- A non-text attachment was scrubbed... Name: clientloop.c.diff Type: application/octet-stream Size: 966 bytes Desc: not available Url :

I finally got around to looking at a bunch of patchs to configure.in, some of them from back in March. One from Carson Gaspar <carson at taltos.org> looked promissing at first glance but after many hours I just couldn't get it to work. Due to much demand, I have added optional PATH to --with-pcre, --with-zlib, and --with-tcp-wrappers. I have done extensive testin on --with-zlib, and

On 2/17/16 3:02 PM, Carson Gaspar wrote: > > Sadly I'm hitting a different autoconf bug :-( I was being an idiot - configure was bombing out & I didn't notice (boy that openssl version error message is loooooong...) With Mr. Wilson's patch, I still get: "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with the Solaris sandbox"

The attached unified diff fixes configure so that all --with-libfoo options are allowed to be --with-libfoo=PATH. If the option is specified with a PATH, only that PATH is searched for the library. If it is specified as =yes or with no argument, it tries without modifying anything, and then tries looking in /usr/local. The SunOS5 targets no longer add /usr/local to include or library paths

I attached a broken diff to my last mail. This one actually works. Sorry for the brain-o's tonight... -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body -------------- next part -------------- A non-text attachment was scrubbed... Name: makediff Type: application/octet-stream Size: 3569 bytes Desc: not available Url :

When using "HostbasedUsesNameFromPacketOnly yes", the ssh client sends the hostname with a trailing dot, but the server does not strip off the trailing dot when matching against .shosts et. al., or when looking up keys in ssh_known_hosts2. This causes the host to not be found. Adding the hostname with trailing dot to the config files "fixes" this, but I think sshd should

Finally all the pieces are in place to allow strong user and host authentication with SSH2 and the latest OpenSSH code (plus my partial auth patch). Herein I describe one problem case, and a possible solution thereof. Target: Allow user logins from host charles to host steve using passwords Previously, you would have had to trust the IP headers to authenticate charles. If charles had a