similar to: Patch for removing X11 fwding cookies

Displaying 20 results from an estimated 700 matches similar to: "Patch for removing X11 fwding cookies"

2001 Dec 05
1
DISPLAY=localhost
hi, this can be applied to the latest portable CVS. by default bind sshd fake display to localhost. [stevesk at jenny stevesk]$ uname -sr HP-UX B.11.11 [stevesk at jenny stevesk]$ echo $DISPLAY localhost:14.0 [stevesk at jenny stevesk]$ netstat -an|grep 6014 tcp 0 0 127.0.0.1.6014 *.* LISTEN this is currently controlled with sshd_config gatewayports;
2002 Feb 04
0
[Bug 101] New: session.c modifications for correct UNICOS behavior
http://bugzilla.mindrot.org/show_bug.cgi?id=101 Summary: session.c modifications for correct UNICOS behavior Product: Portable OpenSSH Version: 3.0.2p1 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org
2001 Feb 21
3
X11 display issues
Hi, This also has been discussed in SSHSCI's SSH context. All SSH versions (both SSHSCI and OpenSSH) derive value for DISPLAY variable from `uname -n`. The problem is that the returned value is not necessarily resolvable to a valid IP number which in turn might cause a failure. To make it fool-proof I suggest to set DISPLAY to the interface's address the user has reached the system in
2000 Oct 27
0
Segfault in 2.2.0p1 due to connect() changes in Linux 2.4
Hello, I upgraded (?) one of my machines to Linux kernel 2.4.0-test9, and sshd started failing. Specifically, the sshd child processes would segfault if a user requested X11 forwarding. I tracked the problem down to these bits of code: channels.c, x11_create_display_inet, line 1738: sock = socket(ai->ai_family, SOCK_STREAM, 0); if (sock < 0) { if (errno != EINVAL) {
2001 Jun 05
1
OpenSSH tmp cleanup
Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>
2009 Feb 05
2
Coding help : Where to log X11 forwards?
OpenSSH 5.1p1 I can't grasp why, when connecting with 'ssh -Y' to this test host, I am not tickling the verbose() call below that I have added. I am logging as auth + verbose in sshd_config The X11 forward for the session works fine as tested with xterm. At any rate, I am looking for some guidance on where to log X11 forwards that are established, ideally with a username and remote
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port
2001 Nov 27
1
[PATCH] tcp-wrappers support extended to x11 forwards
Hi! Here is the patch to support tcp wrappers with x11-forwarded connections. The patch is for openssh-3.0.1p1 but it works fine with 2.9.9p2 too. I've understood that this will not be included in the official version because it adds complexity (?!) to openssh. Binding the forwarded port to localhost doesn't solve all problems. I've understood that you should also implement
2001 Oct 23
1
Compilation error on Solaris Workshop 6 (+patch)
Hi! At compilation of the openssh-2.9.9p2 with Solaris WorkShop 6.01 the following compilation error was given out. /opt/SUNWspro/bin/cc -Xa -xF -xCC -xildoff -xarch=v9 -xchip=ultra -dalign -I/usr/include/v9 -D_REENTRANT -xO2 -I. -I. -I/usr/local/include -DETCDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
2001 Jul 20
0
Updated chroot patch
This is the patch part of contrib/chroot.diff updated to be appliable against openssh-2.9p2. Tested on FreeBSD (various 3.x and 4.x) without PAM or UseLogin. Also, as part of deployment (replacing emergency-withdrawal of Telnet access) I've chosen to get sftp on the relevant boxes. The deployment had a scriptlet doing the config/make/etc and after the "make install" would change
2001 Aug 13
0
Latest won't compile under Solaris 8
Here the setup: # cat ecn rm config.cache CC="cc -O -xarch=v9" ./configure \ --prefix=/opt/openssh \ --sysconfdir=/var/ssh \ --with-rsh=/usr/local/etc/rsh \ --with-ipv4-default \ --with-ssl-dir=/usr/local/ssl \ --with-pam \ --with-ipaddr-display \ --with-pid-dir=/var/ssh ALthough I have tried several different configs, all
2000 May 15
0
OpenSSH (1.2.3) sshd hanging when using rsync over ssh (retry)
Now that the list is said to be open again, I'm resending this. I've merged my changes into OpenSSH 2.1.0 as Kris imported it into FreeBSD over the weekend. ---------- Forwarded message ---------- Date: Thu, 4 May 2000 08:40:22 -0500 (CDT) From: Guy Helmer <ghelmer at cs.iastate.edu> To: openssh-unix-dev at mindrot.org Subject: OpenSSH (1.2.3) sshd hanging when using rsync over ssh
2002 Feb 15
1
IRIX cleanup.
Can I get someone from the IRIX group to apply this patch to the 3.0.2pX release and reconfigure/compile. I'm trying to clean out do_child() in perparation of a larger patch to that part of the code. Also if someone could give me the hint for the right compiler magic to wrap the code in instead of what I'm doing now. I'd be thankful. Thanks - Ben diff -urN
2001 Apr 04
1
compiler warnings about format strings
Is anyone bothered by the compiler warnings that indicate that the format strings don't match the associated variables? I was, so I cast most of the objectionable args (pids, uids, gids) to "long", and added an "l" (el) to the format string. A single item was cast to an int. Here's the patch. If you haven't applied my UseLogin patch, the line numbers in
2001 Oct 24
2
disable features
this (uncomplete) patch makes various features compile time options and saves up to 24K in the resulting ssh/sshd binaries. i don't know whether this should be added to the CVS since it makes the code less readable. perhaps WITH_COMPRESSION should be added, since it removes the dependency on libz -m Index: Makefile.inc =================================================================== RCS
2000 May 15
1
AIX authenticate patches
Here are some patches to re-enable support for AIX's authenticate routines. With them, ssh will honor locked & unlocked accounts, record successful and unsuccessful logins, and deny accounts that are prohibited to log in via the network. Tested with AIX 4.3. It also includes a fix for handling SIGCHLD that may be needed for other platforms (HP-UX 10.20, for example). If I get the time
2001 Oct 10
1
LynxOS: ssh client hang on exit?
Hi, I use openssh-2.9p2 on LynxOS i386 system. sshd runs on LynxOS and ssh client on Redhat 7.0 Linux system (openssh-2.9p2 ssh client). The ssh client hangs on exit 90% of times. I don't think this is the usual hang-on-exit bug, because, there are no background processes running, I suppose. I attach the server debug messages. $ssh -V hari at lynx (From Linux) ... Password: ... lynx>
2001 Sep 28
0
openssh-2.9.9p2 session.c uses two undeclared void functions
I found this problem on 32-bit Solaris 8 sparc. session.c uses two void functions without declaring them first; this violates the C standard, which requires declarations for such functions. Here's a patch. 2001-09-28 Paul Eggert <eggert at twinsun.com> * session.c (do_pre_login, record_utmp_only): Add missing declarations.
2000 Aug 13
1
Patches for openssh port forwarding
Hi ! I hacked together a couple of patches for Openssh 2.1.1p4 port forwarding. It is a one patch file that does the following two things: First: If the server is configured not to allow port forwardings it sends SSH_SMSG_FAILURE (protocol 1) while openssh client expects SSH_SMSG_SUCCESS. When the client gets the failure it exists with protocol error message. This patch will accept both failure
2001 Apr 22
1
relaxing access rights verifications
Hello, I was trying to build a chrooted sftp account when I faced a problem. The chroot is done with the patch present in the contrib subdirectory in the portable version (I'm under linux slackware current). My problem is that verifying access rights on directories and files are too tight and then I couldn't have the following things : The user sftp, with primary group sftp, is chrooted