similar to: privsep

Hi, The 20130110 snapshot fails to build against OpenSSL 0.9.8 and 1.0.0 with the following error: gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fno-builtin-memset -fstack-protector-all -I. -I. -DSSHDIR=\"/tmp/foo/etc\" -D_PATH_SSH_PROGRAM=\"/tmp/foo/bin/ssh\"

I have been trying to compile OpenSSH_4.7p1 for OS/390 and got really stuck. IBM released a build of v3.8.1p1 several years ago, but I do not know whether anyone else has ever managed to compile it for OS/390 or OS/z. The first problem is that the build apparently performs ssh transport exchange using EBCDIC character encoding instead of ASCII (which breaks RFC 4253) and I am not sure how to do

I've done a decent size update of the OpenSSH portable from the upstream tree. There is an AES upgrade that needs to take place, but I need people to test and tell me what endedness changes need to be applied (if any). Attached is the patch. It is geared towards the latter snapshots..Unsure how it will patch (if at all) against 2.9pX series. Thanks. - Ben "This is dark day in

Hoping that this is not OT.. Hi I want to write a simple perl script to see if my system supports des or md5 as the password encryption scheme..what is the easiest way.. one of course is to look at the /etc/shadow file and then parsing the passwd field, any better way..?? Thx, Arni

OpenSSH 3.2.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Security Changes: ================= - fixed buffer overflow

Dear all, I have an R script that uses Rcpp, and I have been trying to parallelize it using mclapply (I tried with the multicore and the parallel library) Sometimes (not always, interestingly), the CPU use for each core drops, usually so that the total over all cores reaches 100%, i.e., as fast as if using just one single core fully. I tried my code directly from within emacs, and also using a

nuqneH, I've tried using TIS authsrv authentication via bsd auth and found it quite limited. The most important restriction it does not log ip and fqdn of the remote peer, nor the application name, to the authentication server. It does not matter much for TIS authsrv, but since other applications do provide such information, our authsrv version uses it for extra authentication restrictions.

If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

I need to solve a system of non-linear fourth-order differential equations. Is there a command which solves this system? Thanks in advance.

I wrote a small app that monitors a Back-UPS ES500 UPS via the uhid0 interface. I want to run the daemon with as little privs as possible. gastest# ls -l /dev/uhid0 crw-rw---- 1 root operator 122, 0 Nov 12 05:26 /dev/uhid0 gastest# Is it safe to chmod o+r /dev/uhid0 ? Or is there a better way to drop privs of the daemon yet still be able to read from the device ? All I am doing is

Hello, I was trying to build a chrooted sftp account when I faced a problem. The chroot is done with the patch present in the contrib subdirectory in the portable version (I'm under linux slackware current). My problem is that verifying access rights on directories and files are too tight and then I couldn't have the following things : The user sftp, with primary group sftp, is chrooted

Hallo Everyone, Please answer to: http://lists.samba.org/pipermail/samba/2002-November/084692.html Thanks a lot in advance, Gianluigi Di Vaio

Hi All. While wandering in auth-pam.c I noticed that there's a few Portable-specific escapees from the xmalloc(foo * bar) cleanup. There's also a "probably can't happen" integer overflow in ssh-rand-helper.c with the memset: num_cmds = 64; - entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t)); + entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));

server is running openssh 4.6p1 on linux x86 (32bit) client is running openssh 4.6p1 on linux x86_64 (64bit) Just connecting from the client to the server and running "top" long enough results in: Disconnecting: Bad packet length 3690378913. This seems like a 32/64 bit problem to me. -- Andreas Steinmetz SPAMmers use robotrap at domdv.de

Either this never made it to the list or no one cares about Tru64. This is the last time I'll send this patch to the list. If no one steps up and finishes it or provides me with enough information to fix any remaining bugs (one being complaint that 'ssh site cmd' does not work right). If there is no activity on this for a week. I'll post it to bugzilla and will ignore any

This patch adds all the missing commonly used UNIX attributes: st_dev, st_ino, st_nlink, st_rdev, st_blocks, st_blksize, st_ctime. In addition it extends st_atime and st_mtime to 64bits, and adds nanosecond resolution to all three timestamps. This is implemented as an extension to the ATTR message. This patch alone is sufficient for SSHFS to be able to use these attributes. The following two

This (very quick) patch allows you to connect with the commercial ssh.com windows client and use x509 certs for hostkeys. You have to import your CA cert (ca.crt) in the windows client and certify your hostkey: $ cat << 'EOF' > x509v3.cnf CERTPATHLEN = 1 CERTUSAGE = digitalSignature,keyCertSign CERTIP = 0.0.0.0 [x509v3_CA]

If one is using the pidfile as an indicator of sshd's status, it is possible to kill sshd before the sigterm handler gets installed, since the pidfile is written out before the signal handlers are setup. The solution is to simply write the pidfile after the signal handlers are setup. Here's the patch. Rob --- sshd.c.orig Fri Jun 22 11:16:41 2001 +++ sshd.c Fri Jun 22 11:18:32 2001 @@

>>>>> <seifried@seifried.org> writes: > I was looking around for a book specifically on Linux security a week or > two ago, and couldn''t find any. I wanted something Linux specific as > opposed to say O''Reilly''s yellow safe book. There are actually Linux-specific details in Practical; I put some of them there. They are not, however,

I'm not on the mailing list, so I'd appreciate it if you could cc: me, though I will keep an eye on the archives. I am running openssh 2.2.0p1 on Debian GNU/Linux. I was pleased to see that 2.2.0p1 had support for DSA keys in the agent, and I have successfully used the v2 protocol to another openssh server with the agent providing authentication. I am also able to successfully connect