similar to: getnameinfo(), PrivSep, FreeBSD 4.1.1

subscribe openssh-unix-dev at mindrot.org > Send openssh-unix-dev mailing list submissions to > openssh-unix-dev at mindrot.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev > or, via email, send a message with subject or body 'help' to > openssh-unix-dev-request at mindrot.org >

http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=382 Summary: Privilege Separation breaks HostbasedAuthentication Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at

http://bugzilla.mindrot.org/show_bug.cgi?id=376 Summary: HostbasedAuthentication, followed snailbook but not working! :-( Product: Portable OpenSSH Version: -current Platform: UltraSparc URL: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-

Hi, I am still working on getting hostbased authentication working in OpenSSH 3.5p1. I emailed the user list, and got no response. It seems so simple, yet I have continued to have problems getting it working properly. I've read posts about it on this list, and the openssh-unix-dev list, and nothing I have tried seems to work. My question is this, does it matter which key, either

hello, i did some debugging today, here is the weird portion form sshd -d -d -d debug1: userauth-request for user jholland service ssh-connection method hostbased debug1: attempt 1 failures 1 debug2: input_userauth_request: try method hostbased debug1: userauth_hostbased: cuser jholland chost i2-0. pkalg ssh-dss slen 55 debug3: mm_key_allowed entering debug3: mm_request_send entering: type 20

Hi, I've seen a few patches related to the PrivSep works. As far as I can see, it seems to work by using a shared memory segment to communicate. I just want to point out that there are some unix systems that do not have mmap() (SCO, older SVR3 systems) or that might have problems with anonymous shared mmap() (don't have an examples, but e.g. the INN docs are full of warnings concerning

http://bugzilla.mindrot.org/show_bug.cgi?id=342 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From stevesk at pobox.com 2002-07-18

I run OpenSSH on linux @ client which ssh /usr/local/bin/ssh ssh -v OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 @ server which sshd /usr/local/bin/sshd sshd -v unknown option -- V OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time]

Hello *, sorry if i missed an article which already solves my problem. I need a working configuration of OpenSSH for Solaris 7 (SunOS 5.7) with AFS support. PAM support to use the AFS PAm module `pam_afs.so' and TCP-Wrapper support would be nice. It would be nice to have similar configurations for Solaris 6 (SunOS 5.6), Solaris 8 (SunOS 5.8) and Solaris 2.5.1. I have tested a few

Hi Gert, Thanks for your reply. But we can't upgrade to 7.2 version also we don't have plan to upgrade in near future. Can I fix these vulnerabilities in the current version? Regards Abhishek On Tue, Mar 8, 2016 at 6:42 PM, Gert Doering <gert at greenie.muc.de> wrote: > Hi, > > On Tue, Mar 08, 2016 at 06:14:01PM +0530, abhi dhiman wrote: > > Actually I am working

Hi, just "cvs update"'d to get the latest portable version, to start rebuilding our AIX systems to get zlib-1.1.4 and the channel-bug fix. SSH protocol 2 seems to work nicely, ssh protocol 1 doesn't work properly. Environment: AIX 4.3.3, openssl 0.9.6c, openssh as of today (Mar 12, 11:20 GMT). Client/blowfish, to openssh 3.0p1 or to 2.5.1p1: debug1: Encryption type: blowfish

(yet-unknown) server key, but just checking all possible locations, not finding the key, and giving up. I have seen a similar effect on a system that had a /dev/tty entry that was not world-writeable (thus the ssh client couldn't open it to ask for a confirmation). The effect will also happen if you have "StrictHostKeyChecking yes" in ssh_config - set that to "ask",

Hi, experimenting with openssh_cvs on my SCO Unix 3.2v4.2 machine, I had sshd core dumping on me. Tracking this, I found that if a host key is specified in the sshd_config that does not exist (I used "./sshd -d -d -d -f sshd_config" with the shipped sshd_config file, to work around incompatibilities with the installed sshd.com's sshd_config, and I do not have ssh2 host keys on

Hi, the openssh_cvs Makefile includes the following rules: $(LIBSSH_OBJS): config.h $(LIBOPENBSD_COMPAT_OBJS): config.h but no equivalent for $(LIBSSHD_OBJS) - is this desired or an oversigt? In my case, I built the sshd, tested it, reconfigured with SKEY support, rebuilt (just running "make", no "make clean"), and tracked down the non-working s/key for a while before I

Hi, trying "current CVS" on AIX 4.3.3, yields: gcc -O2 -Wall -I/usr/local/include -I/gnulocal/include -I/gnu/include -I. -I./openbsd-compat -I. -DETCDIR=\"/etc\" -D_PATH_SSH_PROGRAM=\"/gnu/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/gnu/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/gnu/libexec/sftp-server\" -DHAVE_CONFIG_H -c auth.c auth.c: In

Hi, something that I'd like to see for the next major release is "build OpenSSH without installing zlib and openssl". That is, I have a source tree with the following subdirectories: .../src/zlib-1.1.3/ /openssl-0.9.6/ /openssh_cvs/ and want "configure", run from openssh_cvs, to be able to find the zlib and openssl trees in the directory

Hi, On Wed, Mar 07, 2001 at 10:05:07AM +1100, Damien Miller wrote: > > now to patching openssh to actually *use* prngd/socket... :-) > Was done last week - use the "--with-prngd-port=XXX" configure option. OpenSSH + PRNGD + SCO3 seem to work nicely. Thanks! One other thing: I'm not fully convinced that current OpenSSH does everything right regarding utmp/wtmp on SCO3

Hi, I'm not sure if what I'm thinking of is doable with current OpenSSH's, and if yes, how. I want to force our users to use S/Key-Authentication, but only if they do not come from "known hosts". "known hosts" could be hosts that are listed via IP address ("network 192.168.0.0/24") or hosts that are listed in ssh_known_hosts - this doesn't really

Hi, openssh_cvs as of today, SCO Open Server 3.0, socklen_t this typedef doesn't exist on SCO OSR 3, and "configure" properly detects this, leading to /* #undef HAVE_SOCKLEN_T */ in config.h. Problem: I can't find any place where this is actually being used? I'd expect something like #ifndef HAVE_SOCKLEN_T typdef int socklen_t; #endif ("int" is what the

Hi, is anybody out there still using RhostsAuthentication? Can we please remove it? I just stumbled over a few sshd_config's set up by colleagues who didn't bother to understand what they are doing, and since .shosts didn't work anymore after upgrading to OpenSSH 3, they just enabled RhostsAuth and voila, back to "working"... Yes, there is a big warning in the