Displaying 20 results from an estimated 1000 matches similar to: "[PATCH] Make "-L" local ports bind to "127.0.0.1" in openssh-2.9p1"
2001 Nov 27
1
[PATCH] tcp-wrappers support extended to x11 forwards
Hi!
Here is the patch to support tcp wrappers with x11-forwarded connections.
The patch is for openssh-3.0.1p1 but it works fine with 2.9.9p2 too.
I've understood that this will not be included in the official version
because it adds complexity (?!) to openssh.
Binding the forwarded port to localhost doesn't solve all problems. I've
understood that you should also implement
2001 Dec 05
1
DISPLAY=localhost
hi,
this can be applied to the latest portable CVS. by default bind sshd fake
display to localhost.
[stevesk at jenny stevesk]$ uname -sr
HP-UX B.11.11
[stevesk at jenny stevesk]$ echo $DISPLAY
localhost:14.0
[stevesk at jenny stevesk]$ netstat -an|grep 6014
tcp 0 0 127.0.0.1.6014 *.* LISTEN
this is currently controlled with sshd_config gatewayports;
2002 Jan 05
2
new feature w/ patch
I've attached a patch to OpenSSH 3.0.2p1 that will allow the client
side of local port forwarding to be bound to a single address. For
my purposes, binding to 127.0.0.1 or (via GatewayPorts) all addresses
would not work. I overloaded the "-b local_host" option so that
it's address will be used when "-L port:remote_host:remote_port"
is also specified.
Today is the first
2004 Aug 05
1
LocalForward and RemoteForward bind patch
FINALLY, it's here.
You can now tell SSH which address to bind to for every single port
forwarding option! This patch allows you to pass the following as ssh
command line options:
ssh -L 192.168.1.55:1234:localhost:80 -R ::11:22:aa:bb/80/localhost/80
etc.
Or as normal config file options:
LocalForward ::11:22:33/1234 localhost/80
RemoteForward 1.2.3.4:80 localhost:80
It will also
2002 Feb 15
3
ssh can't resolve hostnames thru WINS
[Please CC me, I'm not on the list]
My box is on a mostly Windows-populated network.
Naturally, I set up Samba and added WINS as a name resolution option.
I found out that some programs now can use NetBIOS names, other can't.
openssh falls into latter category :-(
I found that openssh use this snippet to convert hostname to ip:
if((gaierr = getaddrinfo(host, strport, &hints,
2012 Oct 22
1
[PATCH] Implement remote dynamic TCP forwarding
Hi all,
This is a client side only implementation of reversed dynamic (SOCKS) TCP
forwarding, which means it is compatible with any existing servers
have 'remote forward' capability.
To establish such forward, use "ssh -R [BIND_ADDRESS:]PORT ...".
The server will listen on that port and address and accept SOCKS
traffics.
Hope this will be useful for you.
There was an
2014 Feb 10
0
[PATCH] Basic SCTP support for OpenSSH client and server
This patch allows the OpenSSH client to make connections over SCTP,
and allows the OpenSSH server to listen for connections over SCTP.
SCTP is a robust transport-layer protocol which supports, amongst other things,
the changing of endpoint IPs without breaking the connection.
To connect via SCTP, pass -H or set "ConnectViaSCTP yes".
To listen via SCTP as well as TCP, set
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly
soon.
-d
--
| By convention there is color, \\ Damien Miller <djm at mindrot.org>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)
2010 Nov 28
2
[PATCH] Use canonical hostname for DNS SSHFP lookup
In the current implementation, ssh always uses the hostname supplied by
the user directly for the SSHFP DNS record lookup. This causes problems
when using the domain search path, e.g. I have "search example.com" in my
resolv.conf and then do a "ssh host", I will connect to host.example.com,
but ssh will query the DNS for an SSHFP record of "host.", not
2017 Jan 29
2
[PATCH tftpd-hpa] tftpd: don't use AI_CANONNAME and AI_ADDRCONFIG to resolve addresses for bind
AI_CANONNAME is only relevant when the resulting official name is used,
which is not the case in tftpd for the address to bind to. Also
AI_ADDRCONFIG isn't helpful. This flag is good for sockets used to
connect(2) somewhere. But for listening sockets it makes tftpd fail to
start when -a 0.0.0.0:69 is passed and no network device is up yet.
This addresses Debian bug
2002 Mar 21
1
BindAddress with Openssh
Hi
In a nutshell, the BindAddress functionality doesn't seem to work (at
least on Solaris 7 when using the fake-gettaddrinfo module provided). I
haven't been able to test on other OS versions or using an OS library
provided getaddrinfo (such as OpenBSD), but the unless the functionality
of getaddrinfo is majorly different, I think this problem would be
similar everywhere.
The code in
2017 Jan 12
3
proposed change to ssh_connect_direct()
On Sat, Jan 7, 2017 at 2:30 PM, Peter Moody <mindrot at hda3.com> wrote:
> so I spent a bit of time looking at this and it seems like the only
> way to go, at least if I want to keep it in ssh_connect_direct(), is
> to use pthreads. further, it seems like getting that accepted is
> something of a long shot:
Sorry, pthreads is a non-starter.
I would have thought that using
2013 Oct 07
4
Feature request: FQDN Host match
Hello!
I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :)
Anyway, my question relates to ssh_config. The problem I find is that
the Host pattern is only applied to the argument given on the command
line, as outlined in the man page:
"The host is the hostname argument given on the command line (i.e. the
name is not converted to a canonicalized host name
2004 Apr 30
1
Code question (canohost.c)
On Fri, 30 Apr 2004, YOSHIFUJI Hideaki / [iso-2022-jp] $B5HF#1QL@(B wrote:
> In article <Pine.BSO.4.44.0404292059520.953-100000 at etoh.eviladmin.org> (at Thu, 29 Apr 2004 21:00:26 -0500 (CDT)), Ben Lindstrom <mouring at etoh.eviladmin.org> says:
>
> > Be that true.. then one should review the usage of it in sshconnect.c
> > which is the other place we do it.
>
2001 May 14
2
openssh-2.9p1
Hi,
1. I think you should apply the attached patch to openssh-2.9p1,
otherwise ssh-keyscan on linux boxes with glibc-2.1 will experience enormous
timeout delays.
2. Is there a program like ssh-keyscan for the Version2 (dsa and rsa) keys??
regards
Peter Breitenlohner <peb at mppmu.mpg.de>
-------------- next part --------------
diff -ur openssh-2.9p1.orig/ssh-keyscan.c
2002 Jul 17
2
[Patch] SSH through HTTP proxy using CONNECT
Hi,
I'm not a subscriber to this list so please CC: me in any replies.
I found myself in a situation where I was behind a corporate firewall
that allowed only web requests to the outside world (and furthermore
those requests had to be via their proxy server). Therefore, I couldn't
SSH to the outside world.
However, the HTTP proxy 'CONNECT' method, which is normally used to
2002 Sep 06
0
use of setsockopt(SO_LINGER)
I would like to remove setsockopt(SO_LINGER), as there does not seem
to be a reason for its use. If you know of specific reasons we should
keep any of these let me know, or run this patch in local test trees
where possible.
This is against OpenBSD, but should apply to portable with some
fuzz.
Index: channels.c
===================================================================
RCS file:
2002 Jan 07
1
rsync-2.5.1 / socket.c - unititialized variable breaks build.
In socket.c, the variable error is unitilialzed.
Also the variable length should be an unsigned int.
EAGLE> type socket.gdiff
--- ref_src:socket.c Sat Jan 5 13:27:07 2002
+++ lcl_src:socket.c Sun Jan 6 08:40:51 2002
@@ -1,3 +1,4 @@
+/* Converted by prj_src:unix_c_to_vms_c.tpu AND prj_src:socket.tpu on
6-JAN-20
02 08:40:51.01 OPENVMS_AXP */
/* -*- c-file-style: "linux"
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the
2018 Feb 23
6
RFC 8305 Happy Eyeballs in OpenSSH
Hello,
I use hosts that are dual stack configured (IPv4 and IPv6) and it
happens that connectivity through one or the other is broken and
timeouts. In these case connection to the SSH server can take quite some
time as ssh waits for the first address to timeout before trying the
next.
So I gave a stab at implementing RFC 8305. This patch implements part of
it in sshconnect.c.
* It does not do