similar to: [PATCH] tcp-wrappers support extended to x11 forwards

Displaying 20 results from an estimated 500 matches similar to: "[PATCH] tcp-wrappers support extended to x11 forwards"

2001 Jun 05
1
OpenSSH tmp cleanup
Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>
2001 Dec 05
1
DISPLAY=localhost
hi, this can be applied to the latest portable CVS. by default bind sshd fake display to localhost. [stevesk at jenny stevesk]$ uname -sr HP-UX B.11.11 [stevesk at jenny stevesk]$ echo $DISPLAY localhost:14.0 [stevesk at jenny stevesk]$ netstat -an|grep 6014 tcp 0 0 127.0.0.1.6014 *.* LISTEN this is currently controlled with sshd_config gatewayports;
2009 Feb 05
2
Coding help : Where to log X11 forwards?
OpenSSH 5.1p1 I can't grasp why, when connecting with 'ssh -Y' to this test host, I am not tickling the verbose() call below that I have added. I am logging as auth + verbose in sshd_config The X11 forward for the session works fine as tested with xterm. At any rate, I am looking for some guidance on where to log X11 forwards that are established, ideally with a username and remote
2001 Feb 21
3
X11 display issues
Hi, This also has been discussed in SSHSCI's SSH context. All SSH versions (both SSHSCI and OpenSSH) derive value for DISPLAY variable from `uname -n`. The problem is that the returned value is not necessarily resolvable to a valid IP number which in turn might cause a failure. To make it fool-proof I suggest to set DISPLAY to the interface's address the user has reached the system in
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in
2002 Feb 04
0
[Bug 101] New: session.c modifications for correct UNICOS behavior
http://bugzilla.mindrot.org/show_bug.cgi?id=101 Summary: session.c modifications for correct UNICOS behavior Product: Portable OpenSSH Version: 3.0.2p1 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org
1999 Dec 10
5
openssh on AIX v4.3.3 with native compiler
Hello, Was looking in the archives... and haven't seen this one listed. When I compile openssh-1.2pre17 on AIX v4.3.3 with the native compiler I get the following errors. I haven't see this __attribute__ code.. What compiler/libraries are needed to compile this? I have seen that people have compiled openssh on AIX.. Just wondering what you have used. # make cc -g
2000 Oct 27
0
Segfault in 2.2.0p1 due to connect() changes in Linux 2.4
Hello, I upgraded (?) one of my machines to Linux kernel 2.4.0-test9, and sshd started failing. Specifically, the sshd child processes would segfault if a user requested X11 forwarding. I tracked the problem down to these bits of code: channels.c, x11_create_display_inet, line 1738: sock = socket(ai->ai_family, SOCK_STREAM, 0); if (sock < 0) { if (errno != EINVAL) {
2001 Oct 23
1
Compilation error on Solaris Workshop 6 (+patch)
Hi! At compilation of the openssh-2.9.9p2 with Solaris WorkShop 6.01 the following compilation error was given out. /opt/SUNWspro/bin/cc -Xa -xF -xCC -xildoff -xarch=v9 -xchip=ultra -dalign -I/usr/include/v9 -D_REENTRANT -xO2 -I. -I. -I/usr/local/include -DETCDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
2023 Nov 09
1
2.8.1 build buglet: sockdebug.c
Jim Klimov <jimklimov+nut at gmail.com> writes: > By the way, on the NUT CI farm the libwrap is present on some (though not > all) systems - covering linux, freebsd, openindiana... and neither > complained about `sockdebug` :\ > > What version do you have? Maybe it is some alternate implementation? Looks like 7.4, as amended in NetBSD over the years. Looks like the
2010 Feb 25
2
dovecot-2.0.beta3 tcpwrapper support in Solaris
Hi, 2.0 compiles fine in Solaris but and I've found only one glitch so far. Tcpwapper support needs some tweaks. I need to add CPPFLAGS=/usr/sfw/include because tcpd.h is in there. Then also LDFLAGS='-R/usr/sfw/lib -L/usr/sfw/lib' is needed. It would be nice to have --with-tcpwrap-dir or something. After this linking gives an error Undefined first referenced symbol in file
2023 Nov 09
1
2.8.1 build buglet: sockdebug.c
By the way, on the NUT CI farm the libwrap is present on some (though not all) systems - covering linux, freebsd, openindiana... and neither complained about `sockdebug` :\ What version do you have? Maybe it is some alternate implementation? Jim On Thu, Nov 9, 2023 at 3:44?PM Greg Troxel <gdt at lexort.com> wrote: > I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). > >
2001 Mar 20
1
Tru64 UNIX SIA in 2.5.2p1 is hosed
Something really hosed Digital/Tru64 UNIX SIA support in 2.5.2p1. I haven't been able to figure out what changed in the code, but the symptom seems to be that the TTY name being registered with SIA is truncated to eight characters. This apparently prevents it from matching with entries in the tty database, and the dreaded "Cannot obtain database information on this terminal
2001 May 08
0
make install fails if configured --with-tcp-wrappers
Hello, I tried building OpenSSH-2.9p1 on AIX 4.3.3(ML6) with gcc. I included the --with-tcp-wrappers flag in configure. Configure went just fine, make went just fine, but 'make install' failed with the following error: exec(): 0509-036 Cannot load program ./ssh-keygen because of the following errors: 0509-130 Symbol resolution failed for /usr/local/lib/libwrap.a(libwrap.so)
2012 Feb 04
8
Potential memory leak in sshd [detected by melton]
Hi all, After the memory leaks (bug 1967 <https://bugzilla.mindrot.org/show_bug.cgi?id=1967>) I reported in bugzilla are fixed, I also applied melton(http://lcs.ios.ac.cn/~xuzb/melton.html) to detect the potential bugs in sshd (openssh-5.9p1). The url below is the index of bug reports that are checked as real bugs manually.
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port
2023 Nov 09
2
2.8.1 build buglet: sockdebug.c
I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). (FWIW, I think a 2.8.1.1 or 2.8.2 immediately with the fix is in order. >From a packaging viewpoint, the effort to update for a release is about 3 minutes plus time to adapt anythhing that has changed. So I'd much rather have releases more often.) In the pkgsrc build, nut finds tcp wrappers because they are part of the base system.
2023 Nov 09
1
2.8.1 build buglet: sockdebug.c
Thanks, I think it would not hurt to add the variables into the source if that helps? A bit puzzled why it wants TCP wrappers though, the program is primarily about the Unix socket access. It can be used by end-users or more likely by developers for troubleshooting; potentially for some automations that act like a NUT driver. Not intended as a prime-time mechanism, but could have its uses... As
2001 Nov 20
3
problem with AFS token forwarding
Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the
2001 Jul 23
1
forwarded message from mouring@etoh.eviladmin.org
On Mon, Jul 23, 2001 at 12:49:14AM +0100, Matthew Vernon wrote: > ------- start of forwarded message ------- > From: <mouring at etoh.eviladmin.org> > To: Matthew Vernon <matthew at empire.ucam.org> > cc: <openssh-unix-dev at mindrot.org> > Subject: Re: [patch] GNU/Hurd compatibility patches > Date: Sun, 22 Jul 2001 12:39:32 -0500 (CDT) > > > We