similar to: [Bug 80] Host key conflict with two servers on one IP

http://bugzilla.mindrot.org/show_bug.cgi?id=393 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From markus at openbsd.org 2002-09-11

I have had a brief discussion with Damien Miller (below) about storing host port values in the known_hosts file so as to track multiple ssh sessions (with independant keys) that run on a single host but accept connections on different ports. If it were possible to state that a given key for a remote host belonged to that host's ssh session on port 23 and that another key belonged to that

On 2/17/16 6:02 PM, Darren Tucker wrote: > On Thu, Feb 18, 2016 at 12:43 PM, Carson Gaspar <carson at taltos.org> wrote: > [...] >> Is there a sane way to run just one test script? LTESTS can't be overridden >> AFAIK... > > make t-exec LTESTS=testname > > where testname is the name of the specific test script without the .sh > extension. Nope, that runs

http://bugzilla.mindrot.org/show_bug.cgi?id=80 ------- Additional Comments From eric-ossh at brouhaha.com 2002-08-22 04:57 ------- This "HostKeyAlias" business seems like a flimsy excuse for not implmeenting a feature that users want. In this age of ubiquitous firewalls and NAT, it is NOT reasonable to assume that two ports on the same IP address refer to the same host, or to the

On 2/17/16 3:02 PM, Carson Gaspar wrote: > > Sadly I'm hitting a different autoconf bug :-( I was being an idiot - configure was bombing out & I didn't notice (boy that openssl version error message is loooooong...) With Mr. Wilson's patch, I still get: "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with the Solaris sandbox"

Here is a new version of my partial auth patch against the April 24, 2001 CVS image. It fixes a couple of things (thanks to Karl M <karlm30 at hotmail.com>), and includes support for hostbased auth. It's still not pretty, but it works. 2 things Karl mentioned aren't fixed: - auth methods are still hard-coded into servconf.c. Fixing this would require a lot of work, and all the

Bug: all .out files get rebuilt every make. This is silly, and breaks make install if root cannot write to your build dir. Fix: add dependancy check sop .out files only get rebuilt if the source file changes FixBug: if any source file gets changed, all .out files get rebuilt. This is because man pages and config files both get .out extensions but get created differently. It's

channels.h from today's CVS has MS-DOS ^M end-of-line chars. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body

I'm sending this to both Simon and openssh-unix-dev because although the problem I'm having actually occurs in Simon's patch, it could be resolved with a change in the main code. We are using openssh-3.4p1 plus Simon's GSSAPI patch to support Kerberos V5 ticket forwarding over ssh protocol 2. We are using OpenAFS for user home directory space, and LDAP for user information,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear all, bear with me, I know the SUBJECT sounds pretty unclear. I'll clarify in a minute. And please excuse that due to the keywords being unclear no usable help was found on google & Co... Assume there is a workstation, which connects to multiple machines, one of which is considered potentially unsafe. So, it would be nice to have agent

When I looked at `man pam_unix`, I did not see any obvious options that would cause ssh to authenticate without prompting for a password at all, short of setting an empty password which is similar to PermitEmptyPasswords option. However, I am not very familiar with the internals of PAM, so pointers to documentation would be greatly appreciated. Also, I think adding a single line to sshd_config

see pam_permit(8) On Thu, Jun 27, 2024 at 10:37?AM Henry Qin <hq6 at cs.stanford.edu> wrote: > > When I looked at `man pam_unix`, I did not see any obvious options that > would > cause ssh to authenticate without prompting for a password at all, short of > setting an empty password which is similar to PermitEmptyPasswords option. > > However, I am not very familiar

On Thu, Oct 30, 2008 at 11:05 PM, Richard Elling <Richard.Elling at sun.com> wrote: > Philip Brown wrote: >> I''ve recently started down the road of production use for zfs, and am hitting my head on some paradigm shifts. I''d like to clarify whether my understanding is correct, and/or whether there are better ways of doing things. >> I have one question for

On 6/26/2024 9:34 PM, Henry Qin wrote: > Hi folks, > > I've recently started to work on a patch for openssh that introduces a new > option to disable authentication. > I'd like to explain why I think this might be generally useful, and solicit > opinions on whether such a patch would be acceptable to the maintainers as > a pull request. Why not just use a different

Thanks for the pointer! I played around with PamServiceName set to 'sshd_disable_auth' and got it working with the minimum contents below in the file /etc/pam.d/sshd_disable_auth. auth required pam_permit.so account required pam_permit.so session required pam_permit.so Thus, this does indeed enable disabling authentication. Unfortunately, as far as I can tell, only root can create files

Hi! I am use SuSe 7.2 x86 and openssh-2.9p1-7.rpm I got a problem using bitkeeper on my laptop where bitkeeper reported an I/O error while reading data from 'ssh'. After much debugging, and some help from the bitkeeper people, I found out that that clientloop.c doesn't handle interrupts gracefully. (It died when it got an EAGAIN error when writing to the application) After applying

https://bugzilla.samba.org/show_bug.cgi?id=11588 Bug ID: 11588 Summary: missing option: preallocate for all files except for sparse Product: rsync Version: 3.1.2 Hardware: x64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: core

https://bugzilla.samba.org/show_bug.cgi?id=13463 Bug ID: 13463 Summary: Please consider using the IP_FREEBIND socket option Product: rsync Version: 3.1.3 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: core Assignee: wayned at samba.org

i'm not a maintainer, but my personal opinion is that it's probably easier to prepare a container with this pam configuration On Thu, Jun 27, 2024 at 2:26?PM Henry Qin <hq6 at cs.stanford.edu> wrote: > > Thanks for the pointer! > I played around with PamServiceName set to 'sshd_disable_auth' and got it working with the minimum contents below in the file

fyi http://wwwcip.informatik.uni-erlangen.de/~msfriedl/openssh/TODO