Displaying 20 results from an estimated 1000 matches similar to: "patch for openssh3.5p1 - adds logging option"
2002 Mar 26
1
Two patches for OpenSSH 3.1p1
Please find enclosed two patches for OpenSSH 3.1p1.
The first patch solves a problem where sessions will be left "hanging"
when you normally exit from a ssh shell (for example by logging out from
the remote host via "exit" or "logout"). The problem seems to be that sshd
(and some other parts of OpenSSH) doesn't check the return code and errno
from waitpid() for
2001 Jan 04
2
Patch to allow openssh-2.2.0-p1 to be started from /etc/inittab
The following patch allows OpenSSH 2.2.0-p1 to be started (and managed)
from /etc/inittab (by "init") on systems which support that. This is
useful when you *really* want SSHD to always run since it will be
automatically restarted by "init" if it dies (and if "init" dies the
the systems dies :-).
I use a line (in /etc/inittab) like this on Solaris systems:
2007 Nov 11
1
ftp-server patch - restrict user to directory
Hi,
please find a patch against openssh-4.7p1
This patch:
1) Allows for an optional configuration file
2) Allows a user to be restricted to a directory and it's children.
Enjoy
--
Alain Williams
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information:
2007 Jun 18
0
[PATCH] sftp-server argument error handling
When you give sftp-server a bogus -l or -f parameter, it logs a useful
error message then blunders on to call log_init() with the bogus value.
log_init() then prints a less useful message to stderr and exits. The
following patch tidies this up by only printing the more useful error to
stderr and not blundering on afterwards.
--- sftp-server.c.orig Mon Jun 18 16:37:46 2007
+++ sftp-server.c Mon
2001 Apr 12
1
ssh's readconf.c debug() goes to /dev/null
Hi,
Related to:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c.diff?r1=1.100&r2=1.101
It'd appear that logging in readconf.c:
---
debug("Applying options for %.100s", arg);
debug("Reading configuration data %.200s", filename);
---
Goes to /dev/null.
This is caused by the fact, that in ssh.c there is:
---
/*
* Initialize
1999 Nov 20
1
openssh and DOS
It appears that openssh has inherited the dos attack that ssh is
susceptible to. This has been discussed on Bugtraq (see
http://securityportal.com/list-archive/bugtraq/1999/Sep/0124.html
for the thread). There does not appear to be an official for ssh.
Attached below is a simple, proof of concept, patch that adds a
MaxConnections to sshd_config that sets the maximum number of
simultaneous
2024 Apr 25
1
[PATCH] Enable ssh_config to set LogPath option (-E)
ssh client has the ability to set the destination of debug logs via the `-E` flag. ssh_config lacks an equivalent keyword to set the same option via configs.
This patch follows the same semantics of other `*Path` type keywords and creates a new ssh_config keyword `LogPath`.
[0] Bugzilla: https://bugzilla.mindrot.org/show_bug.cgi?id=3683
[1] GitHub PR:
2001 Jun 20
1
SFTP Logging Redux.
Sorry to repost, but I finally have the code on a machine that has
diff -u, and I've updated it for 2.9p2. Attached is the unified
diff to add logging of SFTP activity to auth.info.
If there is a more proper way to contrib patches, please let me
know.
Cheers,
Jason
# "Jason A. Dour" <jason at dour.org> http://dour.org/
# Founder / Executive Producer - PJ
2007 Sep 12
0
PATCH: fix incorrect checking of syslog facility in sftp-server
hi, there is a typo like error in sftp-server.c - obviously
"log_facility" should be used in the comparison for '-f' option, not
"log_level". That way the error can't be ever printed because log_level is
always not equal to -1 there. However, using incorrect facility will trigger
"Unrecognized internal syslog level code ..." in log_init() later though
2003 Aug 16
0
sftp-server (secure) chroot patch, comment fix
Accidently removed XXX comment. New patch below.
Regards
Magnus
--- openssh-3.6.1p2/sftp-server.c.org 2003-08-11 22:07:47.098650000 +0200
+++ openssh-3.6.1p2/sftp-server.c 2003-08-16 19:07:14.273582000 +0200
@@ -24,15 +24,24 @@
#include "includes.h"
RCSID("$OpenBSD: sftp-server.c,v 1.41 2003/03/26 04:02:51 deraadt Exp $");
+#define CHROOT
#include "buffer.h"
2003 Sep 30
1
[PATCH] sftp-server (secure) chroot patch, 3.7.1p2 update
Hello all,
Here is an updated patch. I published the original patch published on
august 16.
--- openssh-3.7.1p2/sftp-server.c.org 2003-08-22 01:34:41.000000000
+0200
+++ openssh-3.7.1p2/sftp-server.c 2003-09-30 17:22:43.730402000 +0200
@@ -24,6 +24,7 @@
#include \"includes.h\"
RCSID(\"$OpenBSD: sftp-server.c,v 1.43 2003/06/25 22:39:36 miod Exp
$\");
+#define CHROOT
2001 Jul 27
0
Updated ssh-keyscan patch for ssh2 support
In the past 2 months another change occurred in the CVS code that
broke my ssh-keyscan patch. Here's an updated version that tweaks the
changed name (in the Kex struct) and also causes an attempt to grab an
ssh2 key from an older server (without ssh2 support) to fail earlier
and without an error message (Stuart Pearlman emailed me some code for
this).
This patch is based on the BSD CVS
2000 Oct 30
2
Minor fixes for openssh-SNAP-20001028
I've attached a patch for openssh-SNAP-20001028 which fixes the
following two problems:
1) I fixed fixpaths to complain instead of failing silently if it
can't write the output file.
2) I changed log-server.c to use av0 as the first argument to
openlog(). I also made sure it called openlog() before the TCP
wrapper stuff, because libwrap calls syslog() and winds up using
the
2003 Aug 16
0
sftp-server (secure) chroot patch?
Hello,
I know this chroot issue has been brought up many times before on this list. I saw that the contribibuted chroot-patch was removed from the contrib directory because it always was out of date. The main reason was of course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users
2002 Mar 15
4
PATCH: sftp-server logging.
This is another take on logging for sftp-server. Given the number
of private email requests I've received for this patch, I assume
there is signifigant enough interest to request it be reviewed for
inclusion into the release.
The patch is against 3.1p1, and is completely disabled by default.
To enable logging, one must use compile time directives
(-DSFTP_LOGGING). This was done due to prior
2011 Jun 02
2
preauth privsep logging via monitor
Hi,
This diff (for portable) makes the chrooted preauth privsep process
log via the monitor using a shared socketpair. It removes the need
for /dev/log inside /var/empty and makes mandatory sandboxing of the
privsep child easier down the road (no more socket() syscall required).
Please test.
-d
Index: log.c
===================================================================
RCS file:
2000 Aug 05
0
Protocol 2 and fork
Hello !
Like Edmund EVANS reported openssh-2.1.1p4 won't fork to background when
using protocol 2.
I managed to hack a little patch that might work ...
What is the -N command line option supposed to do ? I gather it should work
only with protocol2 and without any command to run on the server (and with
some port forwardings ??)
Anyway in the patch I put some code to check that -N is used
2002 Mar 21
2
bug in ssh-keyscan.c --
=====
Ladies/Gents,
"ssh-keyscan.c" can't be linked statically against "libssh.a". You end
up with `fatal()' being doubly defined.
The patch below deletes the new "ssh-keyscan.c:fatal()" function and
and restores the "ssh-keyscan.c:fatal_callback()" function with modifi-
cations. The problem that both attempt to alleviate is the setting of
the
2017 Feb 20
3
[Bug 2681] New: postauth processes to log via monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2681
Bug ID: 2681
Summary: postauth processes to log via monitor
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2000 May 29
1
Syslog facility in Linux
Hi !
While browsing Linux manpages (man 3 syslog) I noticed that the manual
says that the LOG_AUTH facility is deprecated use LOG_AUTHPRIV instead.
Is there a good reason why OpenSSH doesn't have an option to use
LOG_AUTHPRIV facility ? (Looks like that tcpd/telnet etc. use the AUTHPRIV
facility (in RH6.2)).
Shouldn't be too hard to add the AUTH_PRIV facility ?
Cheers,
-Jarno
--