Displaying 20 results from an estimated 700 matches similar to: "Patch for removing X11 fwding cookies"
2001 Dec 05
1
DISPLAY=localhost
hi,
this can be applied to the latest portable CVS. by default bind sshd fake
display to localhost.
[stevesk at jenny stevesk]$ uname -sr
HP-UX B.11.11
[stevesk at jenny stevesk]$ echo $DISPLAY
localhost:14.0
[stevesk at jenny stevesk]$ netstat -an|grep 6014
tcp 0 0 127.0.0.1.6014 *.* LISTEN
this is currently controlled with sshd_config gatewayports;
2002 Feb 04
0
[Bug 101] New: session.c modifications for correct UNICOS behavior
http://bugzilla.mindrot.org/show_bug.cgi?id=101
Summary: session.c modifications for correct UNICOS behavior
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2001 Feb 21
3
X11 display issues
Hi,
This also has been discussed in SSHSCI's SSH context. All SSH versions
(both SSHSCI and OpenSSH) derive value for DISPLAY variable from
`uname -n`. The problem is that the returned value is not necessarily
resolvable to a valid IP number which in turn might cause a failure.
To make it fool-proof I suggest to set DISPLAY to the interface's
address the user has reached the system in
2000 Oct 27
0
Segfault in 2.2.0p1 due to connect() changes in Linux 2.4
Hello,
I upgraded (?) one of my machines to Linux kernel 2.4.0-test9, and sshd
started failing. Specifically, the sshd child processes would segfault if
a user requested X11 forwarding. I tracked the problem down to these bits
of code:
channels.c, x11_create_display_inet, line 1738:
sock = socket(ai->ai_family, SOCK_STREAM, 0);
if (sock < 0) {
if (errno != EINVAL) {
2001 Jun 05
1
OpenSSH tmp cleanup
Hi,
I noticed that Markus has fixed the temporary file cleanup problems in
OpenSSH cvs. What files need patching for this ? I only noticed
changes in: session.c, channels.h and channels.c.
-Jarno
--
Jarno Huuskonen <Jarno.Huuskonen at uku.fi>
2009 Feb 05
2
Coding help : Where to log X11 forwards?
OpenSSH 5.1p1
I can't grasp why, when connecting with 'ssh -Y' to this
test host, I am not tickling the verbose() call below that
I have added.
I am logging as auth + verbose in sshd_config
The X11 forward for the session works fine as tested with
xterm.
At any rate, I am looking for some guidance on where
to log X11 forwards that are established, ideally with
a username and remote
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful
in an environment where users do not have a regular shell login.
It allows you to selectively disable certain features on a
system-wide level for users with a certain shell; it also allows
you to control and audit TCP forwarding in more detail.
Our system is an email server with a menu for the login shell;
we selectively allow port
2001 Nov 27
1
[PATCH] tcp-wrappers support extended to x11 forwards
Hi!
Here is the patch to support tcp wrappers with x11-forwarded connections.
The patch is for openssh-3.0.1p1 but it works fine with 2.9.9p2 too.
I've understood that this will not be included in the official version
because it adds complexity (?!) to openssh.
Binding the forwarded port to localhost doesn't solve all problems. I've
understood that you should also implement
2001 Oct 23
1
Compilation error on Solaris Workshop 6 (+patch)
Hi!
At compilation of the openssh-2.9.9p2 with Solaris WorkShop 6.01 the
following compilation error was given out.
/opt/SUNWspro/bin/cc -Xa -xF -xCC -xildoff -xarch=v9 -xchip=ultra
-dalign -I/usr/include/v9 -D_REENTRANT -xO2 -I. -I.
-I/usr/local/include -DETCDIR=\"/etc/ssh\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
2001 Jul 20
0
Updated chroot patch
This is the patch part of contrib/chroot.diff updated to be appliable
against openssh-2.9p2. Tested on FreeBSD (various 3.x and 4.x) without
PAM or UseLogin.
Also, as part of deployment (replacing emergency-withdrawal of Telnet
access) I've chosen to get sftp on the relevant boxes. The deployment
had a scriptlet doing the config/make/etc and after the "make install"
would change
2001 Aug 13
0
Latest won't compile under Solaris 8
Here the setup:
# cat ecn
rm config.cache
CC="cc -O -xarch=v9" ./configure \
--prefix=/opt/openssh \
--sysconfdir=/var/ssh \
--with-rsh=/usr/local/etc/rsh \
--with-ipv4-default \
--with-ssl-dir=/usr/local/ssl \
--with-pam \
--with-ipaddr-display \
--with-pid-dir=/var/ssh
ALthough I have tried several different configs, all
2000 May 15
0
OpenSSH (1.2.3) sshd hanging when using rsync over ssh (retry)
Now that the list is said to be open again, I'm resending this. I've
merged my changes into OpenSSH 2.1.0 as Kris imported it into FreeBSD over
the weekend.
---------- Forwarded message ----------
Date: Thu, 4 May 2000 08:40:22 -0500 (CDT)
From: Guy Helmer <ghelmer at cs.iastate.edu>
To: openssh-unix-dev at mindrot.org
Subject: OpenSSH (1.2.3) sshd hanging when using rsync over ssh
2002 Feb 15
1
IRIX cleanup.
Can I get someone from the IRIX group to apply this patch to the
3.0.2pX release and reconfigure/compile. I'm trying to clean out
do_child() in perparation of a larger patch to that part of the code.
Also if someone could give me the hint for the right compiler magic
to wrap the code in instead of what I'm doing now. I'd be thankful.
Thanks
- Ben
diff -urN
2001 Apr 04
1
compiler warnings about format strings
Is anyone bothered by the compiler warnings that indicate that the
format strings don't match the associated variables? I was, so I cast
most of the objectionable args (pids, uids, gids) to "long", and added
an "l" (el) to the format string. A single item was cast to an int.
Here's the patch. If you haven't applied my UseLogin patch, the line
numbers in
2001 Oct 24
2
disable features
this (uncomplete) patch makes various features compile time
options and saves up to 24K in the resulting
ssh/sshd binaries. i don't know whether this
should be added to the CVS since it makes
the code less readable.
perhaps WITH_COMPRESSION should be added, since
it removes the dependency on libz
-m
Index: Makefile.inc
===================================================================
RCS
2000 May 15
1
AIX authenticate patches
Here are some patches to re-enable support for AIX's authenticate
routines. With them, ssh will honor locked & unlocked accounts, record
successful and unsuccessful logins, and deny accounts that are
prohibited to log in via the network. Tested with AIX 4.3.
It also includes a fix for handling SIGCHLD that may be needed for
other platforms (HP-UX 10.20, for example).
If I get the time
2001 Oct 10
1
LynxOS: ssh client hang on exit?
Hi,
I use openssh-2.9p2 on LynxOS i386 system. sshd runs
on LynxOS and ssh client on Redhat 7.0 Linux system
(openssh-2.9p2 ssh client). The ssh client hangs on
exit 90% of times. I don't think this is the usual
hang-on-exit bug, because, there are no background
processes running, I suppose. I attach the server
debug messages.
$ssh -V hari at lynx (From Linux)
...
Password:
...
lynx>
2001 Sep 28
0
openssh-2.9.9p2 session.c uses two undeclared void functions
I found this problem on 32-bit Solaris 8 sparc. session.c uses two
void functions without declaring them first; this violates the C
standard, which requires declarations for such functions. Here's a
patch.
2001-09-28 Paul Eggert <eggert at twinsun.com>
* session.c (do_pre_login, record_utmp_only): Add missing
declarations.
2000 Aug 13
1
Patches for openssh port forwarding
Hi !
I hacked together a couple of patches for Openssh 2.1.1p4 port forwarding.
It is a one patch file that does the following two things:
First:
If the server is configured not to allow port forwardings it sends
SSH_SMSG_FAILURE (protocol 1) while openssh client expects SSH_SMSG_SUCCESS.
When the client gets the failure it exists with protocol error message.
This patch will accept both failure
2001 Apr 22
1
relaxing access rights verifications
Hello,
I was trying to build a chrooted sftp account when I faced a problem. The
chroot is done with the patch present in the contrib subdirectory in the
portable version (I'm under linux slackware current).
My problem is that verifying access rights on directories and files are too
tight and then I couldn't have the following things :
The user sftp, with primary group sftp, is chrooted