Displaying 20 results from an estimated 500 matches similar to: "bug in readconf.c"
2003 Sep 17
5
openssh-3.7.1p1 segfaults
Hi,
the following problem occurs on Solaris 2.6. openssh-3.7p1 and openssh-3.7.1p1
both show the same behaviour.
openssh is configure with:
CC='gcc -L/usr/LOCAL/lib -I/usr/LOCAL/include' ./configure --prefix=/usr/LOCAL --sysconfdir=/etc/ssh --sbindir=/usr/local/sbin --libexecdir=/usr/local/libexec --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/LOCAL/ssl
2001 Jan 29
1
Solaris wtmpx patch
Hi,
Solaris (tested with 2.6) needs a username in the logout record in the wtmpx
file. Currently openssh (version 2.3.0p1) leaves the username (utmpx.ut_user)
empty in logout records, which leads to conflicting results from the last
command. Example:
# last -5 siegert
siegert pts/186 stikine.ucs.sfu. Mon Jan 15 14:26 still logged in
siegert pts/105 stikine.ucs.sfu. Mon Jan 15
2000 Jan 13
2
sshd doesn't set SSH_AUTH_RHOSTS as supported authentication
Okay...I've got it narrowed down, just don't know why this is happening...
In sshd.c, auth_mask is set to "supported authentication methods":
/* Declare supported authentication types. */
auth_mask = 0;
if (options.rhosts_authentication)
auth_mask |= 1 << SSH_AUTH_RHOSTS;
if (options.rhosts_rsa_authentication)
2000 Oct 30
2
RhostsAuthentication + nondefault port doesn't work?
Hello all,
It seems that RhostsAuthentication does not work on non-default port no
matter what when connecting from OpenSSH (2.1.1, 2.2.0 tried) either with
protocol 1 or protocol 2 (shouldn't work either..).
_However_ when connecting with SSH.COM Ltd's ssh, RhostsAuthentication
works just fine!
Checking the port number of ssh client you can see that OpenSSH doesn't
assign
2000 Aug 04
0
Combining RSA host authentication with another method
Precedence: bulk
Hi folks,
It seemed to me that it would be useful to be able to control access to
my server with the /etc/ssh_known_hosts file, using RSA authentication
of the remote host. But the protocol only allows RSA host authentication
in conjunction with rhosts, while I prefer RSA user authentication.
I've made a patch to the server which adds a new configuration option:
2000 Nov 14
1
[PATCH] Added option 'RetryDelay'
Being rather aggrevated when testing at the enforced 1 second
delay between each connection attempt and the useless 1 second delay
done after all connection attempts have failed I wrote a patch to make
the number of seconds delayed between each connection attempt
configurable.
Stephen
-------------- next part --------------
diff -u --recursive openssh-2.3.0p1/ChangeLog
2002 Jun 07
4
openssh for UWIN
I am enclosing a context diff of the changes that I made to get
openssh working on UWIN. UWIN is a UNIX operating system layer
that runs on Win32 systems. For more information on UWIN
go to http://www.research.att.com/sw/tools/uwin/.
I also ran configure using -with-cppflags=-D_BSDCOMP=2. I don't
know where that information would go with the source code.
Let me know if you need more
2002 Oct 30
2
Rhosts Authentication broken in 3.4.p1???
Has ANYONE been able to verify that Rhosts authentication works with
3.4.p1? Does it work with other SSHv2 implementations? Anybody tried
it on a RedHat 7.3 system?
Also, I'm curious about this code I found in sshd.c:
/*
* Check that the connection comes from a privileged port.
* Rhosts-Authentication only makes sense from priviledged
* programs. Of course, if
2001 Sep 28
3
OpenSSH (portable) and entropy gathering
On Thu, 27 Sep 2001 20:41:05 EDT, Damien Miller writes:
> On Thu, 27 Sep 2001, Dan Astoorian wrote:
>
> >
> > It would (IMHO) be useful if there were a way to optionally configure
> > that code to fall back to the internal entropy gathering routines in the
> > event that EGD was not available; as it is, the routines simply fail if
> > EGD is unavailable at the
2001 Dec 27
2
sftp-server and chroot
Hi,
It's a shame that the sshd/sftp-server programs do not support chroot and
sftp-only users. As far as I can tell, there's a patch availble that
modifies OpenSSH to chroot() based on a specific entry in /etc/passwd.
Since, I personally, do not enjoy applying unofficial patches to released
programs, I was looking for an alternative but found none.
I've written a small sample
2010 Nov 28
2
[PATCH] Use canonical hostname for DNS SSHFP lookup
In the current implementation, ssh always uses the hostname supplied by
the user directly for the SSHFP DNS record lookup. This causes problems
when using the domain search path, e.g. I have "search example.com" in my
resolv.conf and then do a "ssh host", I will connect to host.example.com,
but ssh will query the DNS for an SSHFP record of "host.", not
2001 Oct 24
1
Config file semantics change intentional?
In 2.3.0, the per-user config file was read before the system-wide
config file, so options set in ~/.ssh/config took precedence over
system-wide defaults. In 2.9.9, the system-wide file seems to be read
first, contrary to the man page (cf. ssh.c ll. 631-632).
It seems to me that the old behaviour made more sense. (I discovered
the change because I could not override a "ForwardX11"
2016 Oct 17
20
[Bug 2625] New: Support Capabilities for ssh client port forwarding
https://bugzilla.mindrot.org/show_bug.cgi?id=2625
Bug ID: 2625
Summary: Support Capabilities for ssh client port forwarding
Product: Portable OpenSSH
Version: 7.3p1
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs
2013 Oct 07
4
Feature request: FQDN Host match
Hello!
I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :)
Anyway, my question relates to ssh_config. The problem I find is that
the Host pattern is only applied to the argument given on the command
line, as outlined in the man page:
"The host is the hostname argument given on the command line (i.e. the
name is not converted to a canonicalized host name
2002 Oct 11
2
[Bug 413] New: Port forwarding: [localhost:]localport:remotehost:remoteport
http://bugzilla.mindrot.org/show_bug.cgi?id=413
Summary: Port forwarding:
[localhost:]localport:remotehost:remoteport
Product: Portable OpenSSH
Version: older versions
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo:
2002 Jun 11
4
ssh setuid changes.
Ok, I'm doing a heads up here.
I just applied:
- markus at cvs.openbsd.org 2002/06/11 04:14:26
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
A few comments about
2001 Oct 26
2
Patch to add "warn" value to ForwardX11 and ForwardAgent
Because ForwardX11 and ForwardAgent are so useful but introduce risk when
used to a not well-secured server, I added a "warn" value to the ForwardX11
and ForwardAgent options which causes the ssh client to print a big warning
whenever the forwarding is actually used. I plan to make "ForwardX11=warn"
the default in my ssh_config distribution.
I'm not proposing that this
2002 Dec 10
1
Problem with Openssh3.5
Hello
I have compiled Openssh3.5 on Solaris 2.6
It works well on 2.6, 2.7 and solaris 8 but on solaris 8 it try to log in /var/adm/wtmp file and it dose not exist.
What can I do to fix this.
Read something about "build sol" insted of "configure"....but where do i find information about this command (build sol).
Mail me on: daniel.d.olsson at telia.se
Thanks
2001 Oct 31
4
Open SSL connection to HTTPS?
Hi All,
I just tried to test my web server with telnet. The only problem
was that my web server refuses non-encrypted connections (duh!).
I know that SSL and SSH are *entirely* different, but ssh is
the only commonly-available encryption-enabled command-line tool
around. It would be greate to have an SSL-emulation mode in
OpenSSH....
Just wishful thinking,
Ciaran
--
2002 Jan 26
5
[PATCH] Connect timeout
The attached patch adds a new 'ConnectTimeout' option (man page updated
in patch) to avoid wasting time when the target host is down. I needed that
because I was using rsync/rdist over ssh for massive files update and the
default connect() took too long for my purpose.
The patch was tested on Linux only, but I used a similar one for ssh 1.2.XX
on Linux, Solaris and HP-UX without