similar to: Portability patch for regression tests

[Note: CC to openssh-unix-dev added] "Ph. Marek" wrote: > I found you mail > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=104970105603800&w=2 > where you claim that you've compiled openssh in AIX. That is correct, AIX 4.2.1, 4.3.3 and 5.1. > Not my situation is as follows: > openssh-3.6.1p1 > AIX 4.2 > gcc >

Hi All. With one eye on the do_pam_chauthtok() stuff I've merged contributions by Pablo Sor and Mark Pitt into a patch against -current. I'm interested in testers and suggestions for improvements. The patch extends the loginrestrictions test to include expired accounts (but unlike Mark's patch, doesn't log accounts with expired passwords unless they're locked) and adds

Hi all. As most of you know, we are preparing OpenSSH 4.4p1 for release. We have had one round of testing and I would like to thank all who responded. We believe that most of the problems reported have been resolved. If you are so inclined, we would appreciate a quick retest to ensure that the fixed ones remain fixed and the working ones remain working. Of the problems identitified, I am only

Hi Roumen, I discovered that the need of appending the .pub part of id_rsa(client key+cert) on the server can be eliminated by adding the Certificate Blob to authorized_keys which could look something like this: x509v3-sign-rsa subject= /C=FR/ST=PARIS/L=DESEl/O=SSL/OU=VLSI/CN=10.244.82.83/emailAddress=client at company.com This is extracted from the client certificate using openssl as

Hi all, Does anyone know if it exists a patch for OpenSSH for Windows to allow authentication through certificates? Is it possible to make one if it doesn't exists? Using OpenSSH for Windows 3.8p1-1 20040709 Build. I know there is Roumen Petrov patch, but is for unix machines if i'm not mistaken. I need a similar one for Windows that work with the Roumen Petrov patch so i can have

If I remove all the export and change all the ' in ", it does work on SCO 3.2v5.0.4 |--------+-----------------------------> | | Roumen Petrov | | | <Roumen.Petrov at skal| | | asoft.com> | | | | | | 21/12/00 13:10 | | | |

Hello All. As promised, here is what I needed to do to get the regression tests to work on AIX & HPUX. It goes into a bit of detail in the hope that others might be able to get them running on their platforms. I've run these mods on AIX 4.3.3, HP-UX 11.00, Solaris 8, Redhat 7.3 and OpenBSD 3.0. The problems I encountered: * prereqs (pmake, md5sum) * bad directory owner/mode causing auth

Tru64 patch will not make it into 3.5 (this is final) due to lack of willing people to test. I have given the Tru64/osf1 community almost a month to test it. And *ONE* person came forward to give me verification. And don't give me shit about "I don't have time." The person who tested it was LEAVING his employer with Tru64. He found time. IT IS YOUR GAWD DAMN PLATFORM. IF

Thanks Roumen. I have few more questions below: 1. What version of OpenSSH can the patch be applied to? What branch should I check out the patch? 2. >Impact is not only for source code. Build process has to be updated as well. Red Hat is based on "fipscheck". What build process should be changed? What is fipscheck? 3. My understanding any application (such as OpenSSH) which need

Hi All. After one false start, I now have a Tinderbox up and running for the OpenSSH portable tree. For those not familiar with it, Tinderbox is a tool for automatically displaying the status of builds and tests. At the moment, I do 1 update and 4 builds hourly. It's not fully functional yet but the basics work. It can be found at http://dodgynet.dyndns.org/tinderbox/OpenSSH_Portable/ (I

Hi all. The OpenSSH Portable anoncvs service has found a temporary home (mine :-). It's on a DSL link so please be nice to it. It may move in future so please use the "anoncvs.mindrot.org" alias. $ cvs -z5 -d anoncvs at anoncvs.mindrot.org:/cvs co openssh_cvs The key fingerprints are: RSA 8e:09:e9:fb:dc:af:e4:a5:e6:a0:e2:28:59:63:84:17 DSA

Darren or anyone, can anyone point me to what and where I can download the necessary src's and dependencies to make ssh work on HP-UX 11.0 PARISC 1.0. I've been trying to work with: openssh-4.4p1 openssh-4.5p1 openssl-0.9.7e openssl-0.9.8e Jerry Moore CSC, Principal UNIX Systems Administrator BAE Systems Electronics & Integrated Solutions 3131 Story Road West, Irving, Texas 75038

Hi All. Markus has commited the long-awaited GSSAPI patch to OpenBSD's ssh. There are patches. The first [1] is a straightforward port of the OpenBSD code to Portable. The second [2] contains the parts I've stolen from Simon Wilkinson's portable GSSAPI patch in an attempt to make it build. It is incomplete and doesn't currently work. The PAM support is not there and

Thanks Roumen. >Lets assume that application use OpenSSL FIPS validated module. FIPS mode is activated in openssl command if environment variable OPENSSL_FIPS is set. Similarly I use OPENSSL_FIPS environment variable to activate FIPS mode. Code will call FIPS_mode_set(1) if crypto module is not FIPS mode. Did you mean the FIPS patched OpenSSH server and client (such as ssh-keygen) always

Hi All. I'm looking for some help to merge an outstanding Kerberos credential cache change from OpenBSD into Portable. I don't know enough about Kerberos to figure out how that change should be applied for the non-Heimdal(?) code path. The outstanding diff is attached. Any volunteers? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4

Hi All. Recently a change was merged from OpenBSD's sshd into Portable that implements a KerberosGetAFSToken option (patchset attached). This change causes compile errors with both MIT Kerberos and Heimdal (errors when compiled with MIT Kerberos below). I've figured out that the functions called in the new code are in Heimdal's libkafs, so adding -lkafs to the start for the

http://bugzilla.mindrot.org/show_bug.cgi?id=1155 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Comment #5 from dtucker at zip.com.au 2006-09-25 18:24 ------- For the record, I believe all of the outstanding

Hi all. As most folks on this list will know, OpenSSH 4.3p1 had some problems with login recording under some configurations. This has been resolved in the current tree and we are looking at rolling a 4.3p2 release to address them. For the most part the changes are fixes only; the ChangeLog since 4.3p1 is below in its entirety. There's one other change that is currently still not decided,

We're trying to build OpenSSH 3.0.2p1 for Solaris 8 (among others) and are running into a problem with UseLogin and utmpx. If we set "UseLogin no" then we can login okay. finger or who won't find us, even with a TTY allocated altough "who /etc/wtmpx" will find us. But the real problem is if we set "UseLogin true" which we must do for BSM support on some

I [1]reported a problem on 5-April-2005 about a problem with the 4.0p1 version and remote port forwarding to SSH 2.4.0 servers. I provided a patch for the problem but [2]was told that no more patches were being considered until 4.1 was released and that I should attach my patch to a new Bugzilla bug. This [3]I did. Is there any chance it will be included in the next release? 1.