similar to: [patch] document location of identity files

Hi, protocolkeepalives sends ssh_msg_ignore, which the ssh2 server handles incorrectly (i.e. it produces some output to syslog, instead of ignoring the packet): Jul 9 11:58:07 ren sshd[16580]: error: Hm, dispatch protocol error: type 32 plen 4 This patch implements a highly advanced function to ignore these packets ;) Matthew -------------- next part -------------- An embedded and

Hi, Several people have asked that scp support the -1 and -2 options, so I wrote this patch. Cheers, Matthew -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scp.diff Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010722/7e096fab/attachment.ksh -------------- next part -------------- -- "At least you know

Hi, These patches are from Robert Bihlmeyer to make ssh build on Hurd. If you have queries about them, I suggest contacting debian-hurd at lists.debian.org. Cheers, Matthew -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: openssh-2.9-hurd.diff Url:

Hi, This patch (mostly my work, except for protocolkeepalives, which rjk at greenend.org.uk wrote for 2.5, and I forward-ported) came out our usage for VPN tunnels of ssh, where it was useful for ssh to notice if the server went away. It includes documentation, and is pretty self-explanatory. Matthew -------------- next part -------------- An embedded and charset-unspecified text was

Hi, A bug I've had reported is that scp doesn't work with large files (Debian bug number 106809). The problem seems to be scp.c:504: if ((fd = open(name, O_RDONLY, 0)) < 0) Is there some reason why making that if ((fd = open(name, O_RDONLY|O_LARGEFILE, 0)) < 0) would break things? It seems a simple fix to me... Thanks, Matthew -- "At least you know where you are

Hi, It seems from the source code that there are a couple of quirks with this option: firstly, in the code it's mis-spelt as "challenge_reponse_authentication" and secondly, the default for the client (in readconf.c) seems to be off, whereas for the server (servconf.c) seems to be on: readconf.c: if (options->challenge_reponse_authentication == -1) readconf.c:

Hi, Debian have #defined out this function in entropy.c for some time (since it causes things to break too often, given I don't maintain openssl). Does it serve a useful function security-wise? Thanks, Matthew -- "At least you know where you are with Microsoft." "True. I just wish I'd brought a paddle." http://www.debian.org

Hi, I have recently taken over as Debian maintainer for ssh. This means you're going to be getting lots of mail from me in the near future :-) I'm aiming to be a little more active than the last maintainer, but the Debian packages were really out of date, so I've quite a lot of work (and probably some old bugs) to deal with. Anyhow, onto the first question. ssh these days uses

Hi, Man page: -q Quiet mode. Causes all warning and diagnostic messages to be suppressed. Only fatal errors are displayed. But in log.h: typedef enum { SYSLOG_LEVEL_QUIET, SYSLOG_LEVEL_FATAL, so in log.c: void do_log(LogLevel level, const char *fmt, va_list args) { char msgbuf[MSGBUFSIZ]; char fmtbuf[MSGBUFSIZ]; char *txt = NULL; int pri = LOG_INFO; if (level

Hi, Patch from Adam McKenna (via Debian BTS) to improve how we document scp -r: --- scp.1.orig Thu Sep 27 21:28:12 2001 +++ scp.1 Thu Sep 27 21:29:22 2001 @@ -72,7 +72,9 @@ Preserves modification times, access times, and modes from the original file. .It Fl r -Recursively copy entire directories. +Recursively copy entire directories. A trailing slash (/) on a source file +name means

Hi, There seems to be a problem with the arc4random code on mips/mipsel, producing the following error message: Couldn't obtain random bytes (error 604389476) To quote the bug submitter: "On mips and mipsel, the above error message is frequently seen when calling ssh with a command, usually several times in rapid succession, although that is not always the case. The error appears to

Hi, quick patch to ssh-copy-id to make it set the file modes more correctly. Thanks, Matthew --- contrib/ssh-copy-id.orig Thu Sep 27 21:47:44 2001 +++ contrib/ssh-copy-id Thu Sep 27 21:47:52 2001 @@ -33,7 +33,7 @@ exit 1 fi -{ eval "$GET_ID" ; } | ssh $1 "test -d .ssh || mkdir .ssh ; cat >> .ssh/authori zed_keys ; chmod g-w . .ssh .ssh/authorized_keys" +{ eval

Hi, if I do the following: ssh -X localhost su - another_user xterm I get: X connection to ming:10.0 broken (explicit kill or server shutdown). Where what is really wanted was something like: Xlib: connection to ":0.0" refused by server Xlib: Client is not authorized to connect to Server xterm Xt error: Can't open display: :0.0 'tis easy to reproduce the bug, but the debug

Hi, I get the following, having built openssh 3.0.1p1 on a linux system - this is the result of trying to ssh to localhost. OpenSSH_3.0.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f debug1: Reading configuration data /etc/ssh/ssh_config debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1:

Hi, R users, I'm trying to transform a matrix A into B (see below). Anyone knows how to do it in R? Thanks. Matrix A (zone to zone travel time) zone z1 z2 z3 z1 0 2.9 4.3 z2 2.9 0 2.5 z3 4.3 2.5 0 B: from to time z1 z1 0 z1 z2 2.9 z1 z3 4.3 z2 z1 2.9 z2 z2 0 z2 z3 2.5 z3 z1 4.3 z3 z2 2.5 z3 z3 0 The real matrix I have is much larger, with more than 2000 zones. But I think it should

Hi, Is it possible to produce box-and-whisker plots given that I have the median, interquartile and 5/95th centile values, but not the data from which they come? It seems that it ought to be possible to coerce bxp to do what I want, but I can't quite see how. Thanks, Matthew -- Matthew Vernon, Research Fellow Ecology and Epidemiology Group, University of Warwick

Attempting to setup a dual ISP on a gentoo box but I''m not sure how to configure the routing in the /etc/conf.d/net configuration file. Does shorewall do all the routing or do I set just the default route to the PRIMARY outbound ISP? Vernon ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net

Hi, Since we're doing protocol v2 by default, shouldn't ssh-add default to one of the v2 keys, rather than ~/.ssh/identity ? Matthew -- Rapun.sel - outermost outpost of the Pick Empire http://www.pick.ucam.org

Beyond any more general questions of whether pam sessions *should* be run as root, is there an immediate security concern with moving the pam_open_session (and pam_setcred) stuff to the parent (root) process? (E.g., via the patch below.) -- Mike Stone diff -u -r1.4 auth-pam.c --- auth-pam.c 25 Jun 2002 00:45:33 -0000 1.4 +++ auth-pam.c 25 Jun 2002 20:33:41 -0000 @@ -286,6 +286,8 @@

New to the group! Which version is considered stable for redhat 7.2. I have attempted to compile 2.5.2 but recieve numerous compile warning. Once installed, I receive the following error but just keying rsync {return}. Please see the rsync(1) and rsyncd.conf(5) man pages for full documentation See http://rsync.samba.org/ for updates, bug reports, and answers rsync error: syntax or usage error