similar to: [Bug 476] New: Privsep directory error could be improved

http://bugzilla.mindrot.org/show_bug.cgi?id=476 ------- Additional Comments From maf at appgate.com 2003-01-27 20:30 ------- Created an attachment (id=209) --> (http://bugzilla.mindrot.org/attachment.cgi?id=209&action=view) Improves the error message ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

We run ssh from a program and needed to add port-forwards dynamically. The ~C method turns out to be very cumbersome to use since it reads from /dev/tty. But then I came to think of the master/slave functionality (which we already used) which seemed a perfect place for this functionality. Unfortunately it turned out not to be possible to set up new port forwards in a slave. So I patched openssh

I have been having problems with syslinux not working on one system. The error message was "failed to create ldlinux.sys". I checked and mcopy was installed. But upon further investigation I finally found the problem. I were starting syslinux for python (2.4) and in the python code I made it ignore SIGNCHLD. It turns out that this signal state was inherited by syslinux and it made

Recently I grew tired of the repeated ssh brute-force scanning bots so I implemented a blocking algorithm in our version of OpenSSH. My goal was to find an algorithm which could block most of the brute-force attempts while being simple to implement and not rely on any external software. The algorithm I came up with is that login attempts are blocked if there has been X failed, and no successful,

http://bugzilla.mindrot.org/show_bug.cgi?id=329 Summary: gmake install prefix=... does not work with the privsep-path Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=354 Summary: sshd with privsep doesn't do pam session setup properly Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=270 Summary: PrivSep breaks sshd on AIX for non-root users Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=325 Summary: PermitRootLogin forced-commands-only & privsep - not working together Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=423 Summary: Workaround for pw change in privsep mode (3.5.p1) Product: Portable OpenSSH Version: 3.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

what's the point of using a new message type if it's the same as RSAAuthentication? the stat() fails because the process that reads from the network is chrooted. check PRIVSEP() in auth-rsa.c to figure out how RSAAuthentication works with PRIVSEP. On Fri, Mar 28, 2003 at 03:42:06PM +0800, ???? ???? wrote: > > I added a new authentication method to openssh called

http://bugzilla.mindrot.org/show_bug.cgi?id=544 Summary: sshd w/privsep fails on Linux 2.0, mm_receive_fd: expected type 1 got 1074276337 Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd

http://bugzilla.mindrot.org/show_bug.cgi?id=324 Summary: privsep break KRB4 auth, KRB4 TGT forwarding and AFS token forwarding Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=205 Summary: PrivSep needs to be a compile-time option Product: Portable OpenSSH Version: 3.0.2p1 Platform: Other OS/Version: other Status: NEW Severity: critical Priority: P1 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=463 Summary: PrintLastLog doesn't work in privsep mode Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=355 Summary: No last login message with PrivSep under AIX Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=1053 Summary: The nonquery messages from PAM account aren't forwarded to user (privsep) Product: Portable OpenSSH Version: 4.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support

Hi. If sshd is configured to use PAM and UsePrivilegeSeparation=no or you are logging is as root, any messages returned by PAM session modules are not displayed to the user. (Even when the config file has privsep=yes, logging in as root disables privsep anyway since there's no point, so it behaves the same way as privsep=no). I think I've figured out why: when privsep=no,

http://bugzilla.mindrot.org/show_bug.cgi?id=560 Summary: Privsep child continues to run after monitor killed. Product: Portable OpenSSH Version: -current Platform: ix86 URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=164797 OS/Version: Linux Status: NEW Severity: normal Priority: P2

Hi, This is included in the release now; any feedback? Privilege separation, or privsep, is method in OpenSSH by which operations that require root privilege are performed by a separate privileged monitor process. Its purpose is to prevent privilege escalation by containing corruption to an unprivileged process. More information is available at:

http://bugzilla.mindrot.org/show_bug.cgi?id=289 Summary: mmap error when trying to use 3.3p1 with privsep Product: Portable OpenSSH Version: 3.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org