similar to: [Bug 476] Privsep directory error could be improved

Displaying 20 results from an estimated 40000 matches similar to: "[Bug 476] Privsep directory error could be improved"

2003 Jan 27
0
[Bug 476] New: Privsep directory error could be improved
http://bugzilla.mindrot.org/show_bug.cgi?id=476 Summary: Privsep directory error could be improved Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: maf
2007 Oct 30
2
Patch: open port forwards from slave
We run ssh from a program and needed to add port-forwards dynamically. The ~C method turns out to be very cumbersome to use since it reads from /dev/tty. But then I came to think of the master/slave functionality (which we already used) which seemed a perfect place for this functionality. Unfortunately it turned out not to be possible to set up new port forwards in a slave. So I patched openssh
2007 Dec 13
2
SOLVED: failed to create ldlinux.sys
I have been having problems with syslinux not working on one system. The error message was "failed to create ldlinux.sys". I checked and mcopy was installed. But upon further investigation I finally found the problem. I were starting syslinux for python (2.4) and in the python code I made it ignore SIGNCHLD. It turns out that this signal state was inherited by syslinux and it made
2005 Sep 08
0
Blocking the password-guessing bots
Recently I grew tired of the repeated ssh brute-force scanning bots so I implemented a blocking algorithm in our version of OpenSSH. My goal was to find an algorithm which could block most of the brute-force attempts while being simple to implement and not rely on any external software. The algorithm I came up with is that login attempts are blocked if there has been X failed, and no successful,
2002 Mar 20
1
privsep
i think our strategy for privsep is to just keep portable sync'd closely with openbsd's tree, even though things will be broken wrt privsep for many platforms. then we just get primary one's working and work out issues as we go along. i'll start to work on sun and hp-ux again tomorrow.
2003 Jan 07
2
[Bug 463] PrintLastLog doesn't work in privsep mode
http://bugzilla.mindrot.org/show_bug.cgi?id=463 ------- Additional Comments From dtucker at zip.com.au 2003-01-07 23:43 ------- Generate the message earlier in the login process and store for display after session startup? Rather than another variable for this (eg aixloginmsg, maybe __pam_msg), what about using a single Buffer for storing all of the messages to be displayed after login?
2006 Jan 08
3
Allow --without-privsep build.
I've been trying to cut down the size of openssh so I can run it on my Nokia 770. One thing which helps a fair amount (and will help even more when I get '-ffunction-sections -fdata-sections --gc-sections' working) is to have the option of compiling out privilege separation... Is it worth me tidying this up and trying to make it apply properly to the OpenBSD version? Does the openbsd
2003 May 12
3
[Bug 560] Privsep child continues to run after monitor killed.
http://bugzilla.mindrot.org/show_bug.cgi?id=560 Summary: Privsep child continues to run after monitor killed. Product: Portable OpenSSH Version: -current Platform: ix86 URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=164797 OS/Version: Linux Status: NEW Severity: normal Priority: P2
2002 Jul 31
2
privsep+kerb5+ssh1
please test Olaf Kirch's patch. it looks fine to me, but i don't to K5. i'd like to see this in the next release. thx -m -------------- next part -------------- --- openssh-3.4p1/auth-krb5.c.krb Sun Jun 9 21:41:48 2002 +++ openssh-3.4p1/auth-krb5.c Tue Jul 23 15:15:43 2002 @@ -73,18 +73,17 @@ * from the ticket */ int -auth_krb5(Authctxt *authctxt, krb5_data *auth, char
2002 Feb 13
8
[Bug 112] Using host key fingerprint instead of "yes"
http://bugzilla.mindrot.org/show_bug.cgi?id=112 ------- Additional Comments From dan at doxpara.com 2002-02-13 11:43 ------- Heh, I kinda like that. You should update the yes/no prompt to say that pasting the expected host key will result in appropriate testing, as well as providing some sort of error if the remote side *doesn't* match the key pasted in. I hadn't thought of cut
2004 Jul 03
3
[Bug 463] PrintLastLog doesn't work in privsep mode
http://bugzilla.mindrot.org/show_bug.cgi?id=463 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #235 is|0 |1 obsolete| | Attachment #288 is|0 |1 obsolete|
2002 Oct 11
3
[Bug 412] AuthorizedKeysFile assumes home directory access upon authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=412 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From markus at openbsd.org 2002-10-12
2002 Aug 21
3
[Bug 387] command="" in authorized_keys fails when sshd_config has "PermitRootLogon forced-commands-only"
http://bugzilla.mindrot.org/show_bug.cgi?id=387 ------- Additional Comments From markus at openbsd.org 2002-08-22 06:27 ------- hm, the logoutput from the server would be more helpfull. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Jul 10
4
[Bug 350] sshd leaks fd to pty for interactive sessions
http://bugzilla.mindrot.org/show_bug.cgi?id=350 ------- Additional Comments From mindrot at extern.wiggy.net 2002-07-10 20:10 ------- This happens with both privsep enabled and disabled. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2003 May 10
7
[Bug 463] PrintLastLog doesn't work in privsep mode
http://bugzilla.mindrot.org/show_bug.cgi?id=463 ------- Additional Comments From dtucker at zip.com.au 2003-05-10 12:59 ------- I've had a look at the OpenBSD source and I don't think OpenBSD *needs* a "Buffer loginmsg" right now. PrintLastLog can be easily fixed by updating s->last_login_time before the privsep split. So, is there another reason OpenBSD needs (or
2002 Jun 24
2
Upcoming OpenSSH vulnerability
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that
2002 Jun 24
2
Upcoming OpenSSH vulnerability
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that
2002 Sep 16
2
privsep versus compression
Hi, I'm unable to get Kerberos4 authentication working with openssh-3.4p1. I'm getting a message that privsep is not available on my platform (Irix 6.5.15) and another message stating that compression and privsep are mutually exclusive. But, ssh decided to turn off compression, I think because of servconf.c. I think it would be more usefull to have compression enabled and disable privsep
2002 Apr 05
14
PLEASE TEST snapshots
The next OpenSSH release is close, too. If you want OpenSSH 3.2 to be the best version of OpenSSH, then please test the snapshots. If you like to see new features in future OpenSSH releases, then test the snapshots. If you are running OpenBSD then please test the OpenBSD snapshots. If you are running the portable OpenSSH release then please test the nightly snapshots from
2002 Apr 07
5
[Bug 205] PrivSep needs to be a compile-time option
http://bugzilla.mindrot.org/show_bug.cgi?id=205 ------- Additional Comments From mouring at eviladmin.org 2002-04-07 10:28 ------- Created an attachment (id=64) This patch (does not include configure.ac patch) should allow non-mmap platforms to compile, but will not allow them to use privsep period. One has to do more R&D to figure out where to disable compression on sshd since