similar to: patch to ssh.c for KerberosTgtPassing and readability patches for config files and manpages

Hello all, If you don't compile in Kerberos, AFS etc. support, the ssh/sshd man page still mentions them as valid options, and ssh/sshd complains loudly and refuses to run if you set options about them in ssh_config or sshd_config. I'm not sure if this is the intended (or good?) behaviour. Should it be better to modify the man pages when ./configuring too? Like, adding a small sentence

Dear OpenSSH developers, Hello, I strongly support this suggestion ie. adding the sentence "This option has been disabled at compile time" as appropriate. It would be even more helpful if you said how to enable it (krb) at compile time. Remember, this is the only documentation available. I spent some time wondering about this before searching the archives. Ok, while we are on the

From: Keith Baker <ssh at par.dhs.org> To: openssh-unix-dev at mindrot.org Subject: Password Login Failing... I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything seems to be working (not quite smooth sailing - I had to resort to precompiled RPM for OpenSSL). I did however get it "working." I generated a host key as root and then changed back to joe-user. I

I'm using a OpenSSH 3.0.2p1 with the krb5 patch from <http://www.sxw.org.uk/computing/patches/openssh.html>. I'm getting KRB5CCNAME set to "" even though <http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98269278629018&w=2> mentions fixing it. This causes things like kinit to fail with a somewhat uninformative error message. The relevant sshd_config lines

Appologise if this did make it to the list but I just subscribed and didn't see it come back... I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything seems to be working (not quite smooth sailing - I had to resort to precompiled RPM for OpenSSL). I did however get it "working." I generated a host key as root and then changed back to joe-user. I created a key for

With a little help, I managed to get ssh to compile. (original post 05.02.02) Now, I can login using an account that is local to the target machine but logins with AFS accounts fail. The details: IRIX 6.5.15 ssh 3.1.p1 gcc 3.0.1 ssl-0.9.6c zlib-1.1.4. I am configuring with: env CC=gcc CFLAGS=-g LDFLAGS=-Wl,-rpath,/usr/local/krb4/lib,-rpath,/usr/local/ssl/lib ./configure

I have setup an OpenSSH_3.5p1 ssh/sftp server on my SunOS 4.1.4 box. I can ssh to it just fine. The problem is SFTP from certain clients. I can SFTP to it using my OpenSSH_3.5p1 sftp client. I can SFTP to it from MacSFTP from MacSSH.org, version 1.0.5. However, I have several clients that cannot connect. I have had them try CuteFTP Pro v2, v3, WS_FTP Pro v7.62, PuTTy pSFTP. None are able to

Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config:

Help! I am trying to get debug output working with sftp-server, and can''t seem to find the appropriate information to get it working. Yes, I have recompiled sftp-server to include defining DEBUG_SFTP_SERVER. I found that myself in the code before finding it in several postings as the common answer to others having this problem. In addition, I have set up the sshd_config file

http://bugzilla.mindrot.org/show_bug.cgi?id=289 Summary: mmap error when trying to use 3.3p1 with privsep Product: Portable OpenSSH Version: 3.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

=== not on the list, please cc === Greetings. I've STFW, and I've realy not seen any reference to this. Recently I changed from loglevel info to loglevel debug. After I did that, I started getting a PLETHERA of odd logs. I changed back to LogLevel INFO, but I do stil get these messages, which kinda worry me: Jul 11 10:10:13 cabal sshd[26003]: debug: tvp!=NULL kid 0 mili 10 Jul 11

I'm finding another problem with OpenSSH 2.5.1p1 on RH 6.2 (at least, I think it's the linux box that is the problem). I'm ssh'ing to a RH 6.2 box from a Solaris 7 server (scp also... seems like the same problem). I'm using authorized_keys and identity.pub files to do it automagically, and all works well when it's from user to user, where the username is the same, but if

https://bugzilla.mindrot.org/show_bug.cgi?id=3223 Bug ID: 3223 Summary: Issues in openssh manpages Product: Portable OpenSSH Version: 8.4p1 Hardware: All OS: All Status: NEW Severity: trivial Priority: P5 Component: Documentation Assignee: unassigned-bugs at mindrot.org

Hi, the following patch changes the Cygwin specific function copy_environment() to not restricting the strlen of a single environment variable to 512 byte. The PAM specific function do_pam_environment() (also in session.c) has the same problem but I don't know if that's important for PAM since only PAM specific environment variables are copied in that function. The below patch fixes

dear sir, i encountered something very odd with openssh. when i try to connect to my sshd daemon, i get repeated password errors. this happens on all connections to my server. outbound connections to other ssh sites work with no problem. the remote site can connect to itself, but not to my site. i captured the output of the sshd -d -d -d -e -D command to provide you with some trace data. i

Hi all, I just implemented (compiled from tarball) Openssh-2.3.0p1 on two different platform: an HP-UX 11.00 (the client) and a Redhat 6.2 (the server). On server (Linux RH-6.2) side the following compile options are considered: # CC="egcs" \ > ./configure \ > --prefix=/opt/openssh \ > --sysconfdir=/etc/opt/openssh \ > --with-tcp-wrappers \ > --with-ipv4-default \ >

I've been beating myself senseless trying to build OpenSsh 3.0.1 on Solaris 2.5.1 and get AFS login working. The symptoms of the problem are: sshd builds (used --with-afs and -with-kerberos4 - there is no PAM on this box), accepts connections from non-AFS users, but does not accept a connection from an AFS user; the user sees "permission denied" after entering the password. The

this is the proposed gssapi diff against OpenSSH-current (non-portable). note: if this goes in, the old krb5 auth (ssh.com compatible) will be removed. please comment. jakob Index: auth.h =================================================================== RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v retrieving revision 1.1.1.2 retrieving revision 1.3 diff -u -r1.1.1.2 -r1.3 --- auth.h

I'm trying to build the --with-fake-kaserver option in 3.0.4 on RHEL 3.0. I'm using the srpms provided on the samba.org site (http://us3.samba.org/samba/ftp/bin-pkgs/RedHat/SRPMS/samba-3.0.4 -1.src.rpm). My OpenAFS version is 1.2.11, rpms (openafs-1.2.11 and openafs-devel-1.2.11) provided from openafs.org. It compiles fine if I omit the --with-fake-kaserver configure option.

Hi All. Attached is a patch which adds AIX native password expiry support to sshd. It will only apply to -current and is a subset of the patch I have been working on in the last few months (see bug #14 [1]). It contains code by Pablo Sor, Mark Pitt and Zdenek Tlusty and fixes for bugs reported by many others (see [2] for a full list). It adds a do_tty_change_password function that execs