similar to: Logging of passwords in plaintext in syslog

Hi, since I switched from SSH 1 to OpenSSH 2.9p2/2.9.9p2/3.0p1 Snapshot I suffer from awfully slow connection performance. Once the connection is established, performance is perfectly ok. Client Server (protocol 2 only) # time ssh -p 22222 xx id # time sshd -d -p 22222 real 0m13.340s real 0m13.900s user 0m7.860s

To allow easier targeting of users of old protocols I would find it useful for the syslog "Accepted" messages to be more uniform. 1. Include the string "ssh1" for ssh1 connections as is done for ssh2 connections. 2. Change the "publickey" message for ssh2 connections to specify which publickey, "dsa" or "rsa". This is already the case for

Hello, Firstly thankyou for developing openssh - it is a great tool. Secondly I'm not subscribed to this list - sorry! It would be helpful to log the key comment to syslog when logging in using private key authentication. At the moment I get. Nov xx xx:xx:xx hostname sshd[pid]: Accepted publickey for root from xxx.xxx.xxx.xxx port xxxxx ssh2 If this could be changed to log the key comment

The hang-on-exit bug still hasn't been fixed in OpenSSH-3.0p1... :-( Here again is the patch to fix this bug under Linux, updated for OpenSSH-3.0p1. This has been exhaustively tested for six months now. It also add an exit delay option that can be useful. The patch does not lead to data loss under Linux. Please see the Secure NFS page (SNFS) for further details:

Hi, I just ran into an interesting problem with 3.0p1 on FreeBSD 4.0 and IPv6/v4 mapped addresses. If I do "ssh -v machine", where "machine" has an IPv4 address in the DNS, everything works fine (machine is "hilbert.space.net"): debug1: Connecting to hilbert [194.59.182.6] port 22. ... Warning: This may be due to an old implementation of ssh. debug1: Received

The System: RedHat 7.0 OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090581f Client: PuTTY The Problem: I've installed the newest version of OpenSSH on RedHat 7.0 and can get most things to work, except when I want to use Public Keys with version 2.0. If I use straight password authentication, I can get PuTTY to connect using either SSH 1 or SSH 2. If I RSA authentication for SSH1, it

Hi All, I've turned on logging in the sshd_config file and it now logs all commands, which is great. The trouble is, the source IP address in the log is always the same, regardless of where I log in from. e.g. In syslog, "May 19 10:58:11 n1 audit: [ID 702911 audit.notice] execve(2) ok session 3800170877 by emob as root:root from 1.2.3.4 obj /usr/bin/less" IP address 1.2.3.4

I just upgraded my Windows SSH client from the 2.1.x version (whatever it was) to 2.2.0 and am now experiencing difficulties connecting to my OpenSSH-2.1.1p1 Linux servers. I'm not as up-to-speed as I should be on the inner workings of the handshakes that go on, but from the debug logs and from trying different connection methods, it seems to be isolated to using publickeys. This

Hai.   Config. Debian Stretch, samba 4.7.7. member server AD backend. Network setup like in the howtos here. : https://github.com/thctlo/samba4/tree/master/howtos      Today i discovered that somehow a disabled user was able to login after a few retries.   I run a SSH/SFTP server for data exchange with the customer of the company here.   The SSH/SFTP server is restricted by groups, this

Hello. Recently I discovered some kind of exploit of openssh used against me. For configuration info, I am using Mandrake 8.2 with the openssh package openssh-3.1p1-1mdk. Fortunately, I was at least somewhat security-aware, and have an AllowUsers parameter in my sshd config file. I Used to allow only public key logins, but ditched that when I found myself needing access from multiple places. I

I've got a Solaris 8 and 9 box using LDAP to successfully authenticate users. I can get logged in via ssh using keyboard interactive (via PAM/LDAP). When I try to use pubkey authentication, both the pubkey as well as the fallback to keyboard interactive always fail. I've tried openssh versions as early as 3.4 and as new as the 11-06 snapshot with the same behavior. Everything works

Hi all, I am running Debian Etch. I've compiled openssh-5.0p1 with pam support. I'd like to use a chrooted sftp environment for my users and also log their sftp file transfers. Currently file transfer logging stops working when I implement a jail. Logging from within the chroot seems like a useful feature. I hope it makes it in sooner rather than later. Here's the contents of my

Hi List I'm currently in the process of migrating my dovecot imap/pop users to a new server and have to extract their passwords in order to import them into the new system (different password encryption schemes). I've tried enabling auth_* debug parameters in my dovecot.conf in the hope that this would result in logging plaintext passwords to the dovecot log. However dovecot does not log

Hi, I am having problems using pam_winbind to log in as a user in a trusted domain. The arrangement is that Samba is joined to a local domain DOMLOCAL which has a trust setup with DOMREMOTE. getent passwd/group correctly enumerates users and groups from DOMLOCAL. If I try getent passwd for the DOMREMOTE account no result is returned. pam_winbind has a requirement that the user is a member of

I have just uploaded a new snapshot to: http://www.mindrot.org/misc/openssh/openssh-SNAP-20001114.tar.gz This snapshot includes Markus Friedl's new SSH2 RSA authentication work and -R portforwarding for SSH2. Please give these a good test. The new RSA authentications works similar to the current SSH2 DSA keys, but requires a little modification to config files. Currently RSA key cannot be

Hello! I recently discoverd a problem with ssh.com's ssh-agent2 and OpenSSH: If I have more than one key in my agent, then the agent tries to authenticicate me with every one of them at the OpenSSH server; but none of them is a valid key for that server. The Problem is that the Server increments the authctxt->attempt at every of that tries. So even if you want to login with a password at

Hi, I admin a box that has Subversion users authenticate with public keys to a restricted 'svnuser' account. The comment field of all the keys describe who they belong to (it has their usernames), but unfortunately, sshd does not log this when a user successfully authenticates: Jun 21 08:18:22 localhost sshd[23636]: Accepted publickey for svnuser from x.x.x.x port 2065 ssh2 Jun

http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=383 Summary: PublicKeyAuthentication failure when rlogin set to false Product: Portable OpenSSH Version: -current Platform: All OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at

Hello there! I have made a patch against OpenSSH 3.0.2p1 which allows the fingerprint of the accepted key to be printed in the log message. It works with SSH1-RSA and SSH2 pubkey (DSA+RSA) authentication. This feature is controllable by the LogKeyFingerprint config option (turned off by default). Michal Kara -------------- next part -------------- diff -u5

Hi folks, while chasing down a logging-related situation, I happened to notice that when I connect via ssh to my system it makes the following logs: Nov 15 14:15:39 saturn sshd[29868]: Accepted password for dave from ::ffff:10.0.10.14 port 2833 ssh2 Nov 15 09:15:39 saturn sshd[29867]: Accepted password for dave from ::ffff:10.0.10.14 port 2833 ssh2 Nov 15 09:15:39 saturn sshd(pam_unix)[29869]: