similar to: OpenSSH 3.4p1 AIX packages available

Hi All. If anyone wants them, SMIT installable .bff packages of 3.3p1+privsep for AIX 4.[23].x are available for download from the link below. The usual caveats apply (see page). Link: http://www.zip.com.au/~dtucker/openssh/ -- Darren Tucker (dtucker at zip.com.au) GPG Fingerprint D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the

Hello All, Since (a) I've offered them to people and (b) the previous source of AIX OpenSSH packages (freeware.bull.net) seems to be offline I've put my AIX bff (SMIT/installp installable) packages up for download. Packages for 3.1p1 and 3.2.2p1 are currently available. If you want AIX packages I recommend you build them yourself with contrib/aix/buildbff.sh, however if you can't

Hi All. AIX native installp/SMIT installable packages of openssh-3.5p1 are now available. There are 2 packages: openssh-3.5p1-1 which contains the PermitRootLogin patch and openssh-3.5p1-1x which also contains the (experimental) password expiration patch. I'm still interested in feedback on the password expiration patch, so if you choose to download the package with it, please let me know

Hi All. New AIX packages of OpenSSH 3.6.1p1 are available for download at [1]. There are two tarballs, one for the as-distributed code and one with the password expiration patch. Each tarball contains binaries for AIX 4.x and AIX 5.x. The usual caveats apply (see page). These packages have been more popular than I ever thought they'd be. They are about to clock up the one thousandth

Hello All, I've updated the AIX package builder (contrib/aix/buildbff.sh). The changes are below. Please review and commit if OK. First, a question: Does anyone want SRC (System Resource Controller) support in the packages? I don't use it but I've been sent an example of how do do it without modifying sshd itself. Onto the changes: * Supports PrivSep. Postinstall will create

Hi. This was added just before 3.4p1 for passing to aix_usrinfo and is now unused. -Daz. Index: session.c =================================================================== RCS file: /cvs/openssh/session.c,v retrieving revision 1.210 diff -u -r1.210 session.c --- session.c 4 Jul 2002 03:08:41 -0000 1.210 +++ session.c 15 Jul 2002 11:50:14 -0000 @@ -1159,8 +1159,6 @@ void

Hi, Please find the mail appended below. I need some help on SSH installation. The machine is running on AIX 4.3.2.0. It is a production machine and has some known vulnerable issues with current version of SSH installed. Current SSH version is openSSH_3.7p1 I need to know the highest version of SSH which can be installed on this machine. Please be so kind to send me this info. Regards,

[Note: CC to openssh-unix-dev added] "Ph. Marek" wrote: > I found you mail > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=104970105603800&w=2 > where you claim that you've compiled openssh in AIX. That is correct, AIX 4.2.1, 4.3.3 and 5.1. > Not my situation is as follows: > openssh-3.6.1p1 > AIX 4.2 > gcc >

Hi all. The old (~3.6.x) PAM code used to send PAM messages to stderr, whereas the new generic loginmsg code sends them to stdout, and it sends an extra newline. I think stderr is probably right, but the extra \n should probably be removed either way. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with

Olli Savia wrote: > The attached patch is a port of the current CVS (2005-08-11) version > of OpenSSH portable to LynxOS. Could you consider adding it to the > future releases of OpenSSH? If the patch needs additional work, please > let me know. Looks mostly reasonable, some comments and questions below. > + AC_DEFINE(LYNXOS_BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf()

Is there a problem with the snapshots? The newest one on ftp.ca.openbsd.org is a week old. -Daz. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

Does anyone actually use sshd on a system that doesn't have socketpair? It's used elsewhere so the don't-have path seems like it'd never be exercised these days. Index: monitor.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh/monitor.c,v retrieving revision 1.147 diff -u -p -r1.147 monitor.c --- monitor.c

Hi All. For a couple of weeks, the Portable snapshots have contained optional support for NetBSD's libedit in the sftp client, thanks to djm's work in OpenBSD. It's enabled with: ./configure --with-libedit. If enabled, sftp gains command history, recall and line editing (and probably other features too, I haven't looked into libedit's capabilities much). If not

I am just looking for a quick answer as to whether or not OpennSSH is compatible with Digital Unix Tru64 v 4.0F. Hing Fei Wong Systems Engineer Building 100, M1309 Valley Forge, PA Admin # 4-6242 -----Original Message----- From: Darren Tucker [mailto:dtucker at zip.com.au] Sent: Friday, June 23, 2006 3:53 AM To: Wong, Hing Fei Cc: www at openbsd.org Subject: Re: OpenSSH compatibility with

Hi All. As of now, openssh on AIX passes all regressions tests (and, yes, I just checked!), works with privsep, bugzilla has zero open AIX-specific bugs and IBM ship it essentially unmodified as a supported product. I think it's beyond "support underway" :-) -Daz. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69

Hi all. I was getting something working over socks5 and was trying to figure out why it kept using socks4. It wasn't, it was just a misleading debug message.... Patch applies to either OpenBSD or Portable. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience

Hi All. Right now, if OpenSSH is configure'ed --with-kerberos5 and the system has a krb5-config that's not in /usr/local/bin then configure won't find it. The attached patch changes this so krb5-config will be used if it's anywhere in the path (although if it exists in the directory specified by --with-kerberos5= then the user-supplied path will take precedence). You will

Hi All. The attached patch speeds up the dynamic forwarding regression test: * moves starting the test sshd to the outer loop. * kills the sleep of when it's no longer required. -Daz. $ time PATH="`pwd`:$PATH" sh ../regress/test-exec.sh `pwd` \ ../regress/dynamic-forward.orig.sh ok dynamic forwarding real 0m54.585s user 0m5.760s sys 0m0.370s $ time

"DiNisco, Jeff" wrote: > I read in the change log that you fixed a bug that denies access to > accounts with locked passwords. My environment is dependent on public > key authentication. The account used does not have a person associated > with it but rather a service. I want to keep the password locked. Is > there a way to turn this fix off? What platform are we

Hi All. While working on something I noticed core dumps from sshd. They don't seem to be related to what I was working on. It's from the process forked to run the shell. Just after the fork, fatal_remove_all_cleanups() is called, which looks like: fatal_remove_all_cleanups(void) { struct fatal_cleanup *cu, *next_cu; for (cu = fatal_cleanups; cu; cu = next_cu) {