Displaying 20 results from an estimated 10000 matches similar to: "[Bug 482] New: token parsed at first space in path"
2003 Jun 16
2
[Bug 596] "ProxyCommand none" doesn't work
http://bugzilla.mindrot.org/show_bug.cgi?id=596
Summary: "ProxyCommand none" doesn't work
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
ReportedBy:
2000 Aug 25
1
[patch] configurable ssh_prng_cmds
The following patch against openssh-SNAP-20000823 allows to override the
compile-time "ssh_prng_cmds" file at run time by adding new options to the
server and client configurations. (We move binaries around a bit, and this was
the only absolute path that couldn't be fixed at run-time).
Regards
Jan
diff -ur openssh-SNAP-20000823.orig/entropy.c openssh-SNAP-20000823.new/entropy.c
2004 Aug 05
1
LocalForward and RemoteForward bind patch
FINALLY, it's here.
You can now tell SSH which address to bind to for every single port
forwarding option! This patch allows you to pass the following as ssh
command line options:
ssh -L 192.168.1.55:1234:localhost:80 -R ::11:22:aa:bb/80/localhost/80
etc.
Or as normal config file options:
LocalForward ::11:22:33/1234 localhost/80
RemoteForward 1.2.3.4:80 localhost:80
It will also
2024 May 06
1
Feature request/EOI: Match interactive config?
Hey Damien,
> Would something like this help?
>
> Match sessiontype shell
> User foo
> Match remotecommand "none"
> User foo2
> Match sessiontype exec remotecommand "/rsync"
> User bar
> Match sessiontype subsystem remotecommand "sftp"
> User baz
>
>
> diff --git a/readconf.c b/readconf.c
> <snip>
Thanks for looking
2017 May 31
1
[PATCH 0/1] Process the IdentityFile option from the included files
Hello,
This change is to get the IdentityFile option processed
from the included configuration files.
Regards,
Oleg
Oleg Zhurakivskyy (1):
Process the IdentityFile option from the included files
readconf.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
--
2.9.3
2002 Oct 17
0
[PATCH] connect() timeout for OpenSSH-3.5p1
Here is the version of this patch for the last portable version of
OpenSSH (3.5p1), as it is not included in the main tree.
The patch avoids waiting to long when using ssh() or scp() on a down host,
it is usefull when you have to update many hosts via rsync or rdist themselves
relying upon ssh(). It enables a new option 'ConnectTimeout' to control
exactly the timeout value, so that it can
2002 Jan 26
7
[PATCH] Added NoDelay config option and nodelay subsystem option
Hello again!
Since there was some resistance against adding TCP_NODELAY uncontionally,
I've made another patch. The new patch contains the following:
* Added a NoDelay yes/no (default no) config option to ssh and sshd
* Added -oNoDelay=yes to the ssh command line for sftp.
* Changed the sshd subsystem config option syntax from
Subsystem name path
to
Subsystem name options path
2015 Mar 29
2
Invalid memory access / read stack overflow when reading config with zero bytes
On Mon, 30 Mar 2015, Damien Miller wrote:
> On Mon, 30 Mar 2015, Hanno B?ck wrote:
>
> > On Mon, 30 Mar 2015 09:19:02 +1100 (AEDT)
> > Damien Miller <djm at mindrot.org> wrote:
> >
> > > What version of OpenSSH is this?
> >
> > 6.8 portable on Linux.
>
> That's strange - the line numbers in the valgrind stack trace don't
>
2002 Feb 08
1
Expansion of hostname
# This issue is also related to
# Subject: Re: [openssh-dev]: disable ProxyCommand from being used?
On reading ~/.ssh/config file, host name which is specified by command
line and check with 'Host' line, is constant for the whole of reading.
If this host name is expanded by 'HostName' option value, it's worth for
making config file simple and usefull 'Host' can be
2006 Feb 10
0
OpenSSH ControlAllowUsers, et al Patch
Attached (and inline) is a patch to add the following config options:
ControlBindMask
ControlAllowUsers
ControlAllowGroups
ControlDenyUsers
ControlDenyGroups
It pulls the peer credential check from client_process_control() in ssh.c,
and expounds upon it in a new function, client_control_grant().
Supplemental groups are not checked in this patch. I didn't feel comfortable
taking a shot
2003 Feb 24
1
[Bug 482] readconf doesn't accept paths with spaces in them
http://bugzilla.mindrot.org/show_bug.cgi?id=482
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|token parsed at first space |readconf doesn't accept
|in path |paths with spaces in them
------- Additional Comments From
2024 May 06
1
Feature request/EOI: Match interactive config?
On Sat, 4 May 2024, openssh at tr.id.au wrote:
> Hey there,
>
> I often want different behavior in my ssh client depending on
> whether I'm logging into an interactive session or running
> a remote non-interactive command. We can see at, say,
> https://unix.stackexchange.com/a/499562/305714 that this isn't a
> unique wish, and existing solutions are kind of baroque.
2024 May 06
1
Feature request/EOI: Match interactive config?
On Mon, 6 May 2024, openssh at tr.id.au wrote:
> ... and I guess your next question will be about compilation environment, so:
>
> ```
> $ gcc --version
> gcc (Gentoo 13.2.1_p20240210 p14) 13.2.1 20240210
> Copyright (C) 2023 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY
2001 Mar 11
0
patch to allow client to select rsa/dss
Here is a quick patch against openssh-2.5.1p1 to add a new config
option (pkalg) for the ssh client allowing the selection of which
public keys are obtained/verified.
--cut-here-
diff -c3 -r orig/openssh-2.5.1p1/key.c openssh-2.5.1p1/key.c
*** orig/openssh-2.5.1p1/key.c Mon Feb 5 18:16:28 2001
--- openssh-2.5.1p1/key.c Sun Mar 11 23:10:10 2001
***************
*** 534,539 ****
--- 534,567 ----
2001 Aug 15
1
ProxyCommand broken in SNAP-20010814
For some odd reason, one line was removed from the handling of
ProxyCommand in readconf.c. As a result, ssh crashes on strlen(string)
when it parses this option.
--- readconf.c:X Mon Aug 6 23:35:52 2001
+++ readconf.c Wed Aug 15 16:11:44 2001
@@ -475,6 +475,7 @@
case oProxyCommand:
charptr = &options->proxy_command;
+ string = xstrdup("");
while ((arg =
2001 Mar 07
1
patch to select pkalg
Suppose an SSH server has both RSA and DSA host keys for protocol 2, but I
only have the DSA key, and I want to use that. I'm stuck; the OpenSSH client
is hard-wired to offer both algorithms in the key exchange, and will select
ssh-rsa if it's available (see myproposal.h, KEX_DEFAULT_PK_ALG).
Below is a patch adding the client configuration option "PKAlgorithms" for
this
2000 Jul 05
1
OpenSSH-2.1.1p2: Is this misuse of strtok?
Is this a misuse of strtok() in OpenSSH-2.1.1p2?
readconf.c:process_config_line() calls strtok() to
parse config lines. When it finds oProtocol it calls
compat.c:proto_spec() which in turns uses strtok().
However on return of proto_spec(), process_config_line() calls
strtok() once more to (quoting from the source code)
/* Check that there is no garbage at end of line. */
But surely strtok()
2012 Feb 12
0
PATCH: multiple BindAddress
Hello all,
I recently have a problem with multiple addresses and address
families. Problem is simple, i have some hosts with IPv4 access only
and some with IPv6 access. This wouldn't be big problem if I had a
stable IP addresses. But sometimes I move to another network with
complete different addresses. So I created patch which on option
BindAddress accept list of addresses. With ip I solved
2004 Mar 23
2
A question on Compilation errors...
Hello
I am attempting to build on a LynxOS platform and am using a old
version of zlib and OpenSSL-0.9.6a. I get past the configure stage by
ignoring the zlib version check. However, at make stage I run into the
following undefineds. Any idea what may be causing this. I am using
version 3.8p1 of OpenSSH.
Thank you in advance for your response
Amba
(cd openbsd-compat && make)
2003 Jan 18
0
[Patch] User-dependent IdentityFile
Here is the user-dependent IdentityFile patch for openssh3.5 (BSD version),
which allows private key files to be placed system wide (for all users) in
a secure (non-NFS) mounted location.
This addresses an important security hole on systems where home directories
are NFS mounted, particularly if there are users who use blank passphrases
(or when lpd is tunneled through ssh on systems running lpd