similar to: SSH / X11 auth: needless complexity -> security problems?

I don't like to be the bearer of bad news, but... In light of the big "ssh hangs on logout" thread (wherein the true culprit was identified as being programs that don't close inherited file descriptors), I find it somewhat ironic that one of those "broken daemon" programs that doesn't close its open fds is sshd. :( http://bugzilla.mindrot.org/show_bug.cgi?id=3

Currently, ~/.ssh/environment can set static environment variables, and ~/.ssh/rc can run initialization routines. But there is no way for sshrc to propagate changes to the environment to the user's shell or command. There is, however, a possible way to do this. If the PermitUserEnvironment option is set, sshd could treat the stdout of sshrc as additional assignment lines of the form

Thanks for sharing the questions and responses! Is it possible to appreciate how much the coefficients matter in one or the other model? Say, using Biau's example, using coxph, as.factor(grade2 == "high")TRUE gives hazard ratio 1.27 (rounded). As clinician I can grasp this HR as 27% relative increase. I can relate with other published results. With survreg the Weibull model gives a

Dear R help list, I am modeling some survival data with coxph and survreg (dist='weibull') using package survival. I have 2 problems: 1) I do not understand how to interpret the regression coefficients in the survreg output and it is not clear, for me, from ?survreg.objects how to. Here is an example of the codes that points out my problem: - data is stc1 - the factor is dichotomous

1. The weibull is the only distribution that can be written in both a proportional hazazrds for and an accelerated failure time form. Survreg uses the latter. In an ACF model, we model the time to failure. Positive coefficients are good (longer time to death). In a PH model, we model the death rate. Positive coefficients are bad (higher death rate). You are not the first to be confused

This is about 90% of the core work. I omited a few files from the patch set since they are basicly small blocks of #ifndef HAVE_NEXT/#endif to get it to compile. Daimen, feel free to let me know what you applied and what your rejecting and why.. so I can work on cleaning things up. Andre, Only thing of note you may want to look into is NeXT does not use "ut_user" in it's lastlog.

Remote vulnerability in SSH daemon crc32 compensation attack detector ----------------------------------------------------------------------- Issue date: 8 February 2001 Author: Michal Zalewski <lcamtuf at razor.bindview.com> Contact: Scott Blake <blake at razor.bindview.com> CVE: CAN-2001-0144 Topic: Remotely exploitable vulnerability condition exists in most ssh daemon

All, We have recently updated our password aging to include setting inactivity days. We are running ossh 4.1p1 in a Solaris 8 environment. It appears that ossh isn't picking up on inactivity. Accounts that have been inactive still prompt to change passwords - if you telnet the same servers you get kicked out immediately. On the Solaris 9 servers running SUN's ssh the inactive accounts are

Disabling checksum offloading at OSOL DomU via kmdb at intial boot :- ( -kd at extra line):- root@ServerJaunty:/home/boris/nevada# xm create -c osol.install Using config file "./osol.install". Started domain osol.install (id=6)                                   Loading kmdb... Welcome to kmdb Loaded modules: [ unix krtld genunix ] [0]> ::bp xnf`_init [0]> :c v3.4.1-rc7 chgset

Hello; Sorry for the crosspost/repost, but I am getting desparate here. I am having difficulties setting up ssh (ossh4.3p2 - NIS -Solaris8/Sparc) to authenticate and allow ossh access based on NIS netgroup. So, users and/or host should be from a valid netgroup triple, contained within the ossh servers .rhosts, .shosts, hosts.equiv and/or shosts.equiv. I am having alot of trouble getting NIS

Dear SSH community, It has been brought to my attention that is has been disputed whether the term "SSH" can be used freely as a term to describe implementations compatible with the "SSH" protocols, due to trademark issues. In particular, the owner of the "SSH" trademark argues that implementations compatible with the "SSH" protocols shall no longer be

What kind of connection delays are people seeing with Ossh 2.2.0p1?? One of the programmers here is seeing delays of up to 25s, which is clearly unacceptable. He's localized the problem to seeding the random number generator - it appears that the _minimum_ number of commands needed to seed the random number generator is 16. On his hosts (for a variety of reasons), many of those commands

Good day and well met. I'm trying to compile and install openssh-4.2p1 on a Sun Ultra-250 running Solaris 8. It's not happy about something. I've searched the bug list and the mail archives but haven't seen another posting about this. Apologies if there is one and my eyes just slid right over it. I've run a configure with the following options, and with no options at

But the main question hasn't been answered: Why is /usr/local placed before user-specified paths? Hypothetical example: You want to link against OpenSSL 0.96 for OpenSSH, but /usr/local contains 0.95, which is needed for something else. (Assume it comes binary only on Solaris for the sake of argument...) --Matt > -----Original Message----- > From: Damien Miller [mailto:djm at

I'm having trouble with users transferring files to a solaris box running ossh v2.3.1p1 via sftp using ssh.com's windows client. The sftp client appears not to respect the users umask, creating files with either mode 666 or 600. We're using version 2.4.0 of the windows client. Any ideas? thanks, -Brett ----------------- Brett Longworth Systems Manager Department of Biology

Is something special required for KerbV auth to work? I've enabled: KerberosAuthentication yes on some test boxes and it doesn't work. I do a kinit, and then ssh and it asks for a password. If you don't provide one, you don't get in.

On 20/03/2023 13:45, Ujjal Roy wrote: > Hi Nikolay, > > I have some query on multicast. When streams running on an STA and STA > disconnected due to some reason. So, until the MDB is timed out the > stream will be forwarded to the port and in turn to the driver and > dropps there as no such STA. > > So, is the multicast_eht handling this scenario to take any action >

Hi! I was browsing through archives and found out that somebody else was having the same problem as I'm. http://bugzilla.mindrot.org/show_bug.cgi?id=248 from the client, when I run scp to the server, I get: scp: warning: Executing scp1 compatibility. scp: FATAL: Executing ssh1 in compatibility mode failed (Check that scp1 is in your PATH). There are more details about this problem here:

Hi all, i have configured incoming voip traffic as follows: [voipin] exten => _X.,1,SetCallerID(033283077734) exten => _X.,2,Dial,Zap/g4/${EXTEN} exten => _X.,3,Hangup If the call going out the pri dials with an additional '0' before the dialed number. This is for caller number AND called number. But i can't see anything that says set a '0' more in front of the

Hi, Has anyone had the following problem. Under Win2000 I copy a file from Windows Explorer to a share running samba 2.2.x. The file does not yet exist on the share however windows pops up a warning that the file already exists and it asks me to replace it. The thing is, the file has a size of 0 bytes. If I click "no" to not replace I end up with an empty file, otherwise it copies