similar to: connect() timeout patch.

Here is a patch to implement an exit delay in OpenSSH-3.0.2p1, proposed by John Hardin. This is his description of the feature: New option for OpenSSH: Delay before exit. Command line option: -S delay Config file option: sleep {delay} Purpose: Wait the specified number of seconds after last traffic before dropping the connection and exiting. If ports are forwarded, this causes the ssh client

The hang-on-exit bug still hasn't been fixed in OpenSSH-3.0p1... :-( Here again is the patch to fix this bug under Linux, updated for OpenSSH-3.0p1. This has been exhaustively tested for six months now. It also add an exit delay option that can be useful. The patch does not lead to data loss under Linux. Please see the Secure NFS page (SNFS) for further details:

As you are now probably aware, the portability team for openssh still has not fixed the hang-on-exit bug in the 2.9.9p2 release. Attached is a patch for 2.9.9p2 that fixes the hang-on-exit bug for Linux systems. It also adds a useful exit delay feature that has also not yet been incorporated into the main sources. For more information, see the SNFS (secure NFS) web page:

Hi List, I have a szenario where I need to reach a host on the internet from a "firewalled" network but there is a HTTPS-proxy runnnig. As some people know you can tunnel all TCP-connections through this proxy because it can't decide if someone is really doing SSL or just Telnet to port 443 (or use SSH in our case). So I've written a patch for ssh to make it send the CONNECT

The included patch adds a new option to the ssh client: -d fd Read the password from file descriptor fd. If you use 0 for fd, the passphrase will be read from stdin. This is basically the same as GPG:s parameter --passphrase-fd. Flames about why this is a bad idea goes into /dev/null. I really need to do this. There are lots of ugly Expect-hacks out there, but I want a more clean

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,

The attached patch for 4.6p1 adds a feature (-u) that will check to see if a key exists on a remote host. I use this for auditing my users transition to v2 keys very useful. If there is any interest I'll provide a patch for v2 ssh keys also. http://vapid.dhs.org/dokuwiki/doku.php?id=vapidlabs:openssh_check_key_patch -- Thanks Larry --- orig/openssh-4.6p1/sshconnect1.c 2006-11-07

I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the

OpenSSH supports the -b bind_address argument for binding to a local IP address when connecting to a remote host. It's however currently not possible to specify a local port to bind to, something I've found useful at several occasions. Below is an unified diff that introduces the [-B bind_port] option to ssh(1) and a ssh_config(5) style option "BindPort bind_port". This allows

http://bugzilla.mindrot.org/show_bug.cgi?id=955 Summary: ssh -h " Displayed as illegal options " in SSH 3.9 Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org

Hi, i have written a patch for openSSH 5.8p2 which allows the user to set the local source port. The patch is as follows: diff -rupN openssh-5.8p2//readconf.c openssh-5.8p2-srcport//readconf.c --- openssh-5.8p2//readconf.c 2010-11-20 04:19:38.000000000 +0000 +++ openssh-5.8p2-srcport//readconf.c 2011-07-17 20:57:52.385044096 +0100 @@ -125,7 +125,7 @@ typedef enum { oGlobalKnownHostsFile2,

hi, all I do a hotplug detach a network in a thread, because virDomainDetachDeviceFlags maybe asynchronous, so I do like follow: cb_para->cluster_id = info->cluster_id; cb_para->group_id = info->group_id; cb_para->vsys_id = info->vsysid; cb_para->vnf_id = info->vnf_id; cb_para->conn = conn; cb_para->time_out = 20*1000;//20s

Scenario: I have access to a semi-public (about 30 users) server where I keep my webpage. Occasionally, especially if I'm on the road. I use this as a bounce point to get to "secured" systems which only allow ssh from certian IP's. (Ignoring the discussion on spoofing, since we have host keys) But host keys are the problem. If anyone gets root on this hypothetical

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,

Hello again! Since there was some resistance against adding TCP_NODELAY uncontionally, I've made another patch. The new patch contains the following: * Added a NoDelay yes/no (default no) config option to ssh and sshd * Added -oNoDelay=yes to the ssh command line for sftp. * Changed the sshd subsystem config option syntax from Subsystem name path to Subsystem name options path

Can anybody tell me how to pass a variable from the rake command to my steps file using cucumber? I have the following in my Rakefile: ## Rakefile Cucumber::Rake::Task.new do |t| profile = ENV[''PROFILE''] || ''default'' browser_type = ENV[''BROWSER''] || ''*chrome'' t.cucumber_opts = "--profile #{profile}" end I

Hello all. I have been working on adding some logging abilities to the ext3 filesystem. I am at the point now where I could use some pointers to source code documentation, functions, data structures generally an overview of the implementation. If such a beast exists I would love to be pointed at it. -- Larry Cashdollar

Hi, all: I have wrote a demo patch for Backend for Lucene format indexes, Lucene version is 3.6.2. http://lucene.apache.org/core/3_6_2/fileformats.html Now, this demo patch just support the basic features in Lucene. Compound File(.cfs/.cfe)?term vector(.tvx/.tvd/.tvf) delete document(.del) are not supported, skip list in .fdx is not supported too example/quest.cc is used to test this demo.

Hum guys, For this, i was comparing configuration from my old dbmail imap server, and i had it with time_out 30 seconds, and connection timeout 24 hours. No one will work more than 24 hours in a row.. (except for me, but i'm an idiot!) I'll set the same.. let's see the behavior. -----Original Message----- From: dovecot <dovecot-bounces at dovecot.org> On Behalf Of Jorge Bastos

I'm trying to replace some sshv1 clients and servers in a modular way, and the "Server Lies" warning (when the server says the key has one more bit than it really has) is causing heartache. Per the FAQ, this is relatively benign. Here's a patch that allows an admin or user to disable the warning. - Morty diff -Nur openssh-3.7.1p2/readconf.c