similar to: [Bug 367] patches for Cray port

Significant changes since last patch. Deleted patches to packet.c and channel.c - not needed. Add small patch to sshd.c and openbsd/ssh-cray.c to disable cray process privileges. Depending on how a cray unicos/unicosmk system is configured user could su to root without a password with out this mod. Add no_sco flag to noop check for -lrpc which assumes that their was a -lyp library.

This patch fixes my botched attempted to patch deattack.c. I created a bsd-cray.h file and cleaned up a few error cases in bsd-cray.c. Fixed cray_setup call to pass uid and login name in session.c and moved its call so that its called with root privs. Its been tested on a irix, sun, aix, unicos(SV1) and unicosmk(T3E) systems. If you are building this on a T3E you may have to edit the Makefile

http://bugzilla.mindrot.org/show_bug.cgi?id=367 ------- Additional Comments From wendyp at cray.com 2002-07-23 08:38 ------- Created an attachment (id=134) cray patches ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

if i want to learn more about implementing a /dev/urandom, where would be a good place to start? thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com, 651-605-9154

When we were porting OpenSSH on SX, we had similar problem. And when we did #undef HAVE_B64_NTOP in config.h, we faced linking problem as b64_pton() multiply defined, in base64.c and in libc.a. So we modified configure to check both the functions b64_pton() and b64_ntop(). But we gave priority to native function if available. Following are the diffs of three files we changed 1. configure (line

simon- any luck with that GSS-API patch for 3.6.1? ben/markus/whoever - will this ever be added to source? thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com, 651-605-9154

do_pre_login() in session.c is used (in do_exec_pty()) before it's declared, which is causing some problems for me. please move it up a couple hundred lines in the file. patch included for 0807 snapshot. thanks, wendy % diff -u session.c.orig session.c.mod --- session.c.orig Tue Aug 7 13:11:51 2001 +++ session.c.mod Tue Aug 7 16:21:07 2001 @@ -397,6 +397,34 @@ } }

anyone who can help me understand- one of my developers reimported openssh snapshot from 0722 into cvs. he sent me the following email about an error he believes is in the snapshot i'm not a cvs-knowledgeable person, so i'm not all that clear on this, but should *.in files be in .cvsignore? i tried checking a later snapshot, but 0722 seems to be the latest one. .cvsignore is dated jun

we are encouraging the use of protocol 2 over protocol 1, correct? but ssh's default is that protocol 1 is tried first, then protocol 2. this can be overridden in the ssh_config file and by command line options, of course, but shouldn't we set the default to be what we want users to use? thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com,

i have a site that needs to increase the socket buffer size. this is something i really don't know much about, myself. they need to increase it to at least 300k to get decent performance (specifically for scp). what is the current default & are there any known ramifications to increasing it? thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com,

This patch is against Cray patch against openssh-SNAP-20010710. Here a few notes about them: 1) rijndael does not work on cray due to the fact it is rooted in 32 bits. I looking for a fix, it may come form Wendy Palam. For now the cray default to the following cihpers for ssh version 2 ssh are: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour 2) Crays don't have setitimer so I

is anyone running, or advocating running openssh in combination with dce? what would be the concerns? on first glance, i'd say they shouldn't be run together, but i don't know enough about dce to be able to definitively state that. thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com, 651-605-9154

http://bugzilla.mindrot.org/show_bug.cgi?id=367 Summary: patches for Cray port Product: Portable OpenSSH Version: -current Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: wendyp at

http://bugzilla.mindrot.org/show_bug.cgi?id=224 Summary: configure.ac changes for crays Product: Portable OpenSSH Version: 3.1p1 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: wendyp

http://bugzilla.mindrot.org/show_bug.cgi?id=224 ------- Additional Comments From wendyp at cray.com 2002-04-23 09:12 ------- sorry, slight error with that last patch. try this instead (with 22 april snapshot): --- configure.ac.orig Mon Apr 22 14:31:27 2002 +++ configure.ac Mon Apr 22 14:32:48 2002 @@ -236,12 +236,29 @@ AC_CHECK_FUNCS(getluid setluid) MANTYPE=man

http://bugzilla.mindrot.org/show_bug.cgi?id=97 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-04-23 08:39

http://bugzilla.mindrot.org/show_bug.cgi?id=96 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:40

does anyone have a comment to make about this? (cert picked it up and we're being asked for a vendor response) http://www.securityfocus.com/archive/1/324016/2003-06-03/2003-06-09/0 do we have an "official" response yet? thanks, wendy -- wendy palm Cray Open Software Development, Cray Inc. wendyp at cray.com, 651-605-9154

http://bugzilla.mindrot.org/show_bug.cgi?id=367 ------- Additional Comments From mouring at eviladmin.org 2002-11-10 03:34 ------- Everything was applied to 3.5 but deattack.c. Changes talked about on the list will be accepted if they are submitted in patch form. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=96 ------- Additional Comments From stevesk at pobox.com 2002-04-05 19:23 ------- the cray support is incomplete now, is that correct? if so, what is needed to complete it? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.