similar to: strange dir in snapshot

I remember a discussion to the effect that using DSA keys in sshd increases the requirement for random bits available on the system... and that this requirement (was it a 128 bit random number per connection?) presents security problems on systems that don't have a decent source of entropy? Am I misinterpreting those discussions? We are having a problem deploying sshd (no prngd) where sshd

Over the holidays, I intend to finally rid portable OpenSSH of the builtin entropy collection code. Here's what I intend to do: When init_rng is called, we'll check OpenSSL's RAND_status(). If this indicates that their PRNG is already seeded, we'll do nothing. This effectively detects platforms which have /dev/urandom (or similar) configured into OpenSSL. If OpenSSL isn't

Hello - I am trying to use scp (openssh_3.0), but every time I run it, I get the following error: stty: Not a typewriter When I run it with -v , it shows that authentication (pub key) succeeds, but it fails to read the file. If anybody has a clue as to what's going on here, any help will be appreciated. Thanks. Tariq tariq.lahyani at aa.com

If for some reason (directory missing or permissions bad), it is not possible to cd into either the scards or openbsd-compat direcotries, the make will enter an infinite loop. Correct this by changing the make idiom (cd directory; $(MAKE)) to the idiom (cd directory && $(MAKE)) so that a failure to cd into directory will generate an error for make. The following patch is against the

All, I'm attempting to generate a patch for 3.0.2p1. This patch will modify the configure script (and another file); I would like to do it via the configure.ac file. However, when I run 'autoconf ./configure.ac > ./configure.new', I get an unuseable ./configure.new script; both with and without my patch applied (including from a freshly unpacked tarball). Here is the error:

Hi, I work on openssh-2.9p2 installed on LynxOS i386 system. sshd, ssh, scp and sftp-server all work fine. The problem is sftp client, in interactive mode, exits after authentication printing the sftp prompt. sftp client works fine in non-interactive mode. i.e., lynxos>sftp hari at linuxsystem:test works fine But, lynxos>sftp hari at linuxsystem ... sftp> lynxos> Any help, as to why

Hi, OpenSSH 2.9p2 behaves differently with 'PermitRootLogin without-password' than does SSH 2.2.27 with 'PermitRootLogin nopwd': nopython.imorgan 153> ssh root at sun523 root at sun523's password: ROOT LOGIN REFUSED FROM nopython.nas.nasa.gov nopython.imorgan 154> ssh root at sun566 root at sun566's password: Permission denied. In the case of OpenSSH, you simply

It appears that "fixpaths" has "/usr/bin/perl" hard-coded in. This causes make to fail immediately after running configure. Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key

Hi, I've compiled openssh 3.0p1 (portable) on an openbsd 2.6 machine, compile goes fine however the sshd deamon will not start: > [usura at outpost]:/tmp/openssh-3.0p1 {28}$ ./sshd -p 3333 > bad addr or host: 0.0.0.0 (name or service is not known) > > [usura at outpost]:/tmp/openssh-3.0p1 {29}$ ./sshd -4 -p 3333 > bad addr or host: 0.0.0.0 (name or service is not known) >

In do_authloop() in auth1.c(), the Kerberos 4 and 5 code both allocate, then xfree() the client_user string. The call to do_pam_account() later in the function then tries to use this string, resulting in a corrupt remote user. Finally, before exiting, the function frees client_user again, resulting in a double free and much mess. Patch attached. Cheers, Simon. -- Simon Wilkinson

I'm developing a minimal embedded linux system that will be running on a powerpc chip. I can get everything to work but the size is quite large. The majority of my size requirements are in libcrypto.a which is around 1.52 Megs I tried to pare it down further by removing some crypto options [ Configure linux-ppc no-asm no-cast no-des no-dh no-md2 no-mdc2 no-rc2 no-rc4 no-rc5 shared ] This

Hi, There seems to be a problem with the arc4random code on mips/mipsel, producing the following error message: Couldn't obtain random bytes (error 604389476) To quote the bug submitter: "On mips and mipsel, the above error message is frequently seen when calling ssh with a command, usually several times in rapid succession, although that is not always the case. The error appears to

I'm currently upgrading a tool which is a parallelized rsh for a cluster and want to include ssh connection in it. But the ssh code is huge and, as I don't want to loose too much time reading ssh code, I'd like to know if there is in ssh a C-function like rcmd, that opens a ssh connection and give in return a socket descriptor. Thanks -- Wilfrid Billot Laboratoire ID Tel.: 04 76

1) Thank you to whoever makes these available. 2) I have a problem with the SRPMS, they will not --rebuild on a RedHat 6.2 system. Can anyone help me to get this to build here? [root openssh]# rpm --rebuild openssh-3.0.1p1-1.src.rpm Installing openssh-3.0.1p1-1.src.rpm line 74: Unknown tag: 0.9.5a Some Info: [root openssh]# rpm -qa | grep rpm rpm-python-3.0.5-9.6x rpm-build-3.0.5-9.6x

Running "ls" on a large directory (/usr/bin) locks the term when using protocol 2.0. A tilde works to escape the session. Client: OpenSSH_2.9p2 on NetBSD Server: OpenSSH_2.3.0 on FreeBSD Output of ssh -v <FreeBSD host>: OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will

Hi, all. I'm trying to compile OpenSSH-3.0.2p1 on a Linux libc5 system, and it fails when compiling packet.c with the following: gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I. -DETCDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/libexec/sftp-server\"

Hi All, I just tried to test my web server with telnet. The only problem was that my web server refuses non-encrypted connections (duh!). I know that SSL and SSH are *entirely* different, but ssh is the only commonly-available encryption-enabled command-line tool around. It would be greate to have an SSL-emulation mode in OpenSSH.... Just wishful thinking, Ciaran --

I've been doing so more tests with 2.9.9p2 on Sol8. Here are my finding so far: When a user needs to change his password and trys to run a command in non-interactive mode, it just succeeds without even trying to prompt the user for a new password. Damien submitted a fix - it works for me (is it going into CVS?). When a user needs to change his password and trys to login in interactive

The 2 errors: pam_setcred: error Permission denied Cannot delete credentials[7]: Permission denied Looks to be a major bug in the PAM module for Solaris-2.8/2.7/2.6. Has anyone from the list (developers of OpenSSH, endusers, hackers, etc.) came up w/ a solution? Even a temporary one? When authenticating yourself on the same system that worked, but when authenticating to another system failed. I

Hi, the following patch to contrib/cygwin/ssh-host-config creates /etc/ssh_config and /etc/sshd_config according to the current default config files. Could somebody please check it in? Corinna Index: contrib/cygwin/ssh-host-config =================================================================== RCS file: /cvs/openssh_cvs/contrib/cygwin/ssh-host-config,v retrieving revision 1.3 diff -u -p