Displaying 20 results from an estimated 40000 matches similar to: "[Bug 364] New: resolution for bug 302 doesn`t appear to work"
2002 Jul 19
0
[Bug 364] resolution for bug 302 doesn`t appear to work
http://bugzilla.mindrot.org/show_bug.cgi?id=364
mouring at eviladmin.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From mouring at eviladmin.org
2006 Jan 08
3
Allow --without-privsep build.
I've been trying to cut down the size of openssh so I can run it on my
Nokia 770. One thing which helps a fair amount (and will help even more
when I get '-ffunction-sections -fdata-sections --gc-sections' working)
is to have the option of compiling out privilege separation...
Is it worth me tidying this up and trying to make it apply properly to
the OpenBSD version? Does the openbsd
2002 Apr 18
3
privsep no user fatal message
Hello,
I updated the latest snapshot as RPM's to two of my systems. Basic stuff
seems to be working ok.
Privilege separation failed though, possibly because I didn't populate
/var/empty with PAM entries. Privsep might be a bit raw in any case, at
least for the portable.
FWIW, I came across error message 'sshd: no user' and had to scratch my
head a bit to figure out what it
2002 Jul 15
10
Patch: Solaris packages don't create privsep user or group
Hi.
Solaris packages created by buildpkg.sh don't create privsep user or
group and sshd won't start until they are created (or privsep is
disabled):
## Executing postinstall script.
starting /usr/local/sbin/sshd... Privilege separation user sshd does not
exist
/etc/init.d/opensshd: Error 255 starting /usr/local/sbin/sshd...
bailing.
The attached patch (against -cvs) ports the relevant
2014 Mar 31
1
SSH_PRIVSEP_USER configurable at runtime?
Hi,
Right now, the unprivileged account for privilege separation is only
configurable at compile time (SSH_PRIVSEP_USER). I'd like to ask if it
would be acceptable to have the account runtime configurable by adding
something like
PrivilegeSeparationAccount foo
to sshd_config.
The reason I'm asking is this. I'm working on a long overdue change to
Cygwin which is supposed to get
2002 Jul 19
0
[Bug 364] on ssh 3.4 - Privilee separation user /"sshd." does not exist
Dear ssh group,
I am having the same problem as reported by mkoopman at cac.com
on July 19th on various SUN platforms which I manage. I would
appreciate notification of when the bug is fixed or any work-around.
Until then I am running 3.4 without the "UsePrivilegeSeparation".
Thanks for any help.
2017 Mar 27
2
Is support being removed for ordinary users to run sshd?
Hello Darren,
Could you comment on this issue being raised by myself and
Corinna Vinschen?
This will create big problems for me.
I'm not clear if this is a conscious decision supported by solid
reasons or if it is just collateral damage.
Thank you for all you work!
Jack DoDDs
-------- Original Message --------
Date: Mon, 27 Mar 2017 16:31:03 +0200
Subject: Re: Announce: OpenSSH 7.5
2002 Jun 26
5
[PATCH] improved chroot handling
There are a couple of niggles with the sandboxing of the unprivileged
child in the privsep code: the empty directory causes namespace pollution,
and it requires care to ensure that it is set up properly and remains set
up properly. The patch below (against the portable OpenSSH, although the
patch against the OpenBSD version is very similar) replaces the fixed
empty directory with one that is
2002 Jun 26
1
[Bug 302] New: make install reports that separation user does not exist...
http://bugzilla.mindrot.org/show_bug.cgi?id=302
Summary: make install reports that separation user does not
exist...
Product: Portable OpenSSH
Version: -current
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo:
2011 Jun 22
3
sandbox pre-auth privsep child
Hi,
This patch (relative to -HEAD) defines an API to allow sandboxing of the
pre-auth privsep child and a couple of sandbox implementations.
The idea here is to heavily restrict what the network-face pre-auth
process can do. This was the original intent behind dropping to a
dedicated uid and chrooting to an empty directory, but even this still
allows a compromised slave process to make new
2002 Jun 24
4
README.privsep
Hi,
This is included in the release now; any feedback?
Privilege separation, or privsep, is method in OpenSSH by which
operations that require root privilege are performed by a separate
privileged monitor process. Its purpose is to prevent privilege
escalation by containing corruption to an unprivileged process.
More information is available at:
2017 Mar 20
12
Announce: OpenSSH 7.5 released
OpenSSH 7.5 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support. OpenSSH also includes
transitional support for the legacy SSH 1.3 and 1.5 protocols
that may be enabled at compile-time.
Once again, we would like to thank the OpenSSH community
2014 Feb 10
0
[PATCH] Basic SCTP support for OpenSSH client and server
This patch allows the OpenSSH client to make connections over SCTP,
and allows the OpenSSH server to listen for connections over SCTP.
SCTP is a robust transport-layer protocol which supports, amongst other things,
the changing of endpoint IPs without breaking the connection.
To connect via SCTP, pass -H or set "ConnectViaSCTP yes".
To listen via SCTP as well as TCP, set
2002 Jul 18
0
[Bug 302] make install reports that separation user does not exist...
http://bugzilla.mindrot.org/show_bug.cgi?id=302
stevesk at pobox.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From stevesk at pobox.com 2002-07-18 15:04
2006 Feb 27
0
when partial render is wider than the main part, scroll doesn''t appear on the browser!!!
Hi,
in my rhtml, I have two parts, the main part and a
partial, the main part has a width almost the same,
but
the partial is much longer and width. when it happens.
the vertical scroll appear correctly on the browser,
but the horizontal scroll doesn''t appear on the
browser, it appears instead on the partial render
part, so I have to scoll down until the end of the
partial, that use the
2006 Feb 27
1
Help!!! horizontal scroll doesn''t appear on the browser!!!
Hi,
in my rhtml, I have two parts, the main part and a
partial, the main part has a width almost the same,
but
the partial is much longer and width. when it happens.
the vertical scroll appear correctly on the browser,
but the horizontal scroll doesn''t appear on the
browser, it appears instead on the partial render
part, so I have to scoll down until the end of the
partial, that use the
2007 Sep 17
3
[Bug 1364] New: default for ChallengeResponseAuthentication doesn' t match sshd_config
http://bugzilla.mindrot.org/show_bug.cgi?id=1364
Summary: default for ChallengeResponseAuthentication doesn't
match sshd_config
Product: Portable OpenSSH
Version: 4.7p1
Platform: Other
OS/Version: Other
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2008 May 01
2
openssh-5.0p1: sftp transfer logging doesn't appear to work with chroot environment
Hi all,
I am running Debian Etch. I've compiled openssh-5.0p1 with pam
support. I'd like to use a chrooted sftp environment for my users and
also log their sftp file transfers. Currently file transfer logging
stops working when I implement a jail. Logging from within the chroot
seems like a useful feature. I hope it makes it in sooner rather than
later.
Here's the contents of my
2003 Oct 08
4
OS/390 openssh
Hello Steve, Hello OpenSSH-portable developers,
I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe
operating system, and I noticed you do the same for OS/390.
Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2
or some such), I thought it was fair enough to help with a little
co-operation; we might come up with a unified EBCDIC patch which could
be contributed to
2002 Jul 03
1
[PATCH]: Change Cygwin contrib files to better support PrivSep
Hi,
the following patch patches the files in contrib/cygwin. The changes
are necessary to allow a better support of privilege separation.
On NT machines the script asks now if it should create a user called
"sshd" and all that. Additionally it creates the /etc/ssh_config
and /etc/sshd_config files follows the latest versions.
Would you mind to apply this to the official OpenSSH