similar to: -q option doesn't do what it says in the man page?

The attached modification to log-server.c add a "tag" to all the syslog output. The tag is a composite of the internal verbose level names used in sshd and the external syslogd names. The form of the tag is as follows. ssh_internal_name(syslog_priority) This might be instructive for a learning sysadmin trying to setup syslog for sshd logging. (I have posted earlier about

Feature request: - Please add a new LogLevel corresponding to the LOG_NOTICE syslog level. - Then modify OpenSSH to log to LOG_NOTICE only these events: - login failures - login successes Specifically, please: - add a new element to the LogLevel enum, say, 'SYSLOG_LEVEL_NOTICE', between 'SYSLOG_LEVEL_INFO' and 'SYSLOG_LEVEL_ERROR', in log.h -

Hi, This diff (for portable) makes the chrooted preauth privsep process log via the monitor using a shared socketpair. It removes the need for /dev/log inside /var/empty and makes mandatory sandboxing of the privsep child easier down the road (no more socket() syscall required). Please test. -d Index: log.c =================================================================== RCS file:

Here's a unified diff, proposed by Christos Zoulas (with a little reworking to get the configure.in part a bit cleaner). The main target of the patches are NetBSD compatability, although there are some changes making if (pointer X) into if (X != NULL) as well. Christos also proposed a change to Makefile.in, but I'll send that as a seperate mail. Thanks, David Index: configure.in

Hello folks, Is it possible to extend log message as large as PATH_MAX? Current length of message format including file path is small against linux PATH_MAX, 4096. diff --git a/log.c b/log.c index ad12930..95df4a9 100644 --- a/log.c +++ b/log.c @@ -359,7 +359,7 @@ log_redirect_stderr_to(const char *logfile) log_stderr_fd = fd; } -#define MSGBUFSIZ 1024 +#define MSGBUFSIZ 5192 void

https://bugzilla.mindrot.org/show_bug.cgi?id=2688 Bug ID: 2688 Summary: Long log messages to stderr missing newlines Product: Portable OpenSSH Version: 7.4p1 Hardware: All OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at

From: Christian Hesse <mail at eworm.de> Signed-off-by: Christian Hesse <mail at eworm.de> --- log.c | 2 +- sshkey.c | 77 +++++++++++++++++++++++++++++++++++++++++++++++----------------- 2 files changed, 58 insertions(+), 21 deletions(-) diff --git a/log.c b/log.c index 32e1d2e..90c1232 100644 --- a/log.c +++ b/log.c @@ -444,7 +444,7 @@ do_log(LogLevel level, const char *fmt,

Hi, I think I found a minor bug in OpenSSH's log functionality: If a log message which is larger than MSGBUFSIZE=1024 and logged to stderr, then the newline (\r\n) is not printed. This is due to the fact that the newline is added after the log message concatenated with "\r\n" is snprintf'd to another buffer of the same size. If the source buffer (fmtbuf) would already fill the

From: Christian Hesse <mail at eworm.de> Logging to stderr results in line endings being terminated with carriage return (\r) and new line (\n). While this is fine for terminals it may have undesired effects when running from crond and logging to syslog or similar. I run ssh from cron on an recent linux host. Viewing logs with journalctl I see: Sep 06 16:50:01 linux CROND[152575]: [96B

subject: ssh non-intuitive logging setting (priority names). I installed openssh 2.3.0p1 on Solaris 7 for x86 box and sshd worked fine. However, somehow the logging of connection and disconnection to sshd was not recorded as I wished. Time to investigate. On a host where sshd from data-fellows once ran, the log was recorded with auth.info level. After trying to modify sshd_config, I found that

this patch adds a LogFile option to sshd_config. it just logs messages directly to a file instead of stderr or syslog. the largest change is an additional argument to log_init() in log.c for the log file name (and then changes to the rest of the tools to add a NULL arg). galt -------------- next part -------------- diff -urN openssh-3.5p1-orig/log.c openssh-3.5p1/log.c ---

http://bugzilla.mindrot.org/show_bug.cgi?id=1221 Summary: Banner only suppressed at log level = QUIET (used to be at log level < INFO) Product: Portable OpenSSH Version: 4.3p2 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ssh AssignedTo:

Hi all. What's the feeling about adding a new configure-time option to generate a core dump on when fatal() is called? It might help debug certain types of problems, but runs the risk of sensitive information being left in the core dump. Obviously, it should default to "no". Anyone like the idea? Anyone hate it? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 /

https://bugzilla.mindrot.org/show_bug.cgi?id=3666 Bug ID: 3666 Summary: sshd crash Product: Portable OpenSSH Version: 8.2p1 Hardware: Other OS: Linux Status: NEW Severity: critical Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter:

===== Ladies/Gents, "ssh-keyscan.c" can't be linked statically against "libssh.a". You end up with `fatal()' being doubly defined. The patch below deletes the new "ssh-keyscan.c:fatal()" function and and restores the "ssh-keyscan.c:fatal_callback()" function with modifi- cations. The problem that both attempt to alleviate is the setting of the

https://bugzilla.mindrot.org/show_bug.cgi?id=1427 Summary: scp -q behavior different than documented Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P3 Component: scp AssignedTo: bitbucket at mindrot.org

Le 06/07/15 12:33, Alex Bligh a ?crit : > On 6 Jul 2015, at 11:05, Christian Hesse <list at eworm.de> wrote: > >> +#ifdef HAVE_LOCALE_H >> + char *locale; >> + char *border_utf8[] = { "?", "?", "?", "?", "?", "?" }; >> +#endif >> + char *border_ascii[] = { "+", "-",

Hi, A bug I've had reported is that scp doesn't work with large files (Debian bug number 106809). The problem seems to be scp.c:504: if ((fd = open(name, O_RDONLY, 0)) < 0) Is there some reason why making that if ((fd = open(name, O_RDONLY|O_LARGEFILE, 0)) < 0) would break things? It seems a simple fix to me... Thanks, Matthew -- "At least you know where you are

Hi, It seems from the source code that there are a couple of quirks with this option: firstly, in the code it's mis-spelt as "challenge_reponse_authentication" and secondly, the default for the client (in readconf.c) seems to be off, whereas for the server (servconf.c) seems to be on: readconf.c: if (options->challenge_reponse_authentication == -1) readconf.c:

Hi, protocolkeepalives sends ssh_msg_ignore, which the ssh2 server handles incorrectly (i.e. it produces some output to syslog, instead of ignoring the packet): Jul 9 11:58:07 ren sshd[16580]: error: Hm, dispatch protocol error: type 32 plen 4 This patch implements a highly advanced function to ignore these packets ;) Matthew -------------- next part -------------- An embedded and