similar to: Changes in tonights snapshot

Hi All. After one false start, I now have a Tinderbox up and running for the OpenSSH portable tree. For those not familiar with it, Tinderbox is a tool for automatically displaying the status of builds and tests. At the moment, I do 1 update and 4 builds hourly. It's not fully functional yet but the basics work. It can be found at http://dodgynet.dyndns.org/tinderbox/OpenSSH_Portable/ (I

http://www.mindrot.org/~djm/openssh/openssh-newpam-20030123.tar.gz Is a snapshot of the new PAM-via-KbdInt authentication support from FreeBSD's OpenSSH tree. Please test this now. I can only surmise by the silence that has greeted my previous requests for testing that the code works perfectly. -d

The Cray and tru64 patches I have, have been applied. Unless there is any major "oh my god it does not work". I believe 3.6 should now be ready for release soon. I'd like to thank everyone for providing feedback on the status of their their platform. Hopefully, we have not missed any platform that is commonly used. - Ben

On 12/16/2013 08:01 PM, Charles Lepple wrote: > On Dec 16, 2013, at 4:19 PM, David C. Rankin wrote: > >> > Dec 16 14:05:16 phoinix upsd[369]: getaddrinfo: Servname not supported for >> > ai_socktype > [...] >> > The kernel update was from linux (3.12.1-3 -> 3.12.5-1), I don't see what >> > could have changed. How do I attempt to further

On Dec 16, 2013, at 10:11 PM, David C. Rankin wrote: > On 12/16/2013 08:01 PM, Charles Lepple wrote: >> On Dec 16, 2013, at 4:19 PM, David C. Rankin wrote: >> >>>> Dec 16 14:05:16 phoinix upsd[369]: getaddrinfo: Servname not supported for >>>> ai_socktype >> [...] >>>> The kernel update was from linux (3.12.1-3 -> 3.12.5-1), I don't

Hi, Dear OpenSSH support, I'm writing to ask whether this bug is fixed in your openSSH 6.0. If no, do you have any plan? https://bugzilla.redhat.com/show_bug.cgi?id=640857 Regards, Carol

Changes since OpenSSH 6.4 ========================= This is a feature-focused release. New features: * ssh(1), sshd(8): Add support for key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange method is the default when both the client and server support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a

In socket.c, the variable error is unitilialzed. Also the variable length should be an unsigned int. EAGLE> type socket.gdiff --- ref_src:socket.c Sat Jan 5 13:27:07 2002 +++ lcl_src:socket.c Sun Jan 6 08:40:51 2002 @@ -1,3 +1,4 @@ +/* Converted by prj_src:unix_c_to_vms_c.tpu AND prj_src:socket.tpu on 6-JAN-20 02 08:40:51.01 OPENVMS_AXP */ /* -*- c-file-style: "linux"

On Thu, 26 Feb 2015, Darren Tucker wrote: > I noticed this error log spam on the tinderbox when looking at one of the > failures. It happens with Unix domain socket forwarding is requested: > > debug1: channel 1: new [forwarded-streamlocal at openssh.com] > get_socket_address: getnameinfo 1 failed: ai_family not supported > get_sock_port: getnameinfo NI_NUMERICSERV failed:

Hi, all -- Here's a small patch that gives better diagnostics on the daemon side if it fails to start up due to inability to create or bind the socket. Presently, it gives a log entry indicating that no sockets could be bound, but crucially does *not* have the system error message (i.e. errno) from the failed call, making it difficult or impossible to determine the problem. I do have a

Hi All. I (actually the tinderbox[1]) found a problem with the fix for bug #422: when PAM is enabled on a platform that uses /etc/shadow, the variable "passwd" in auth.c is used uninitialized. There's a simple patch attached to fix this. The question is: should the locked account test be done when PAM is enabled or should we rely on PAM to do the right thing? In theory they

I had to apply the following patch to the clientname.c check_name() function before I could successfully use "hosts allow" in rsyncd.conf. Without the patch I kept getting "rsync: forward name lookup for ... failed: Host not found" errors. These errors were produced by the rsync daemon, and putting in a debugging statement revealed that the port_buf being used had a large

GCC is concerned that if we never go round the loop then fd will be uninitialized. By asserting that getaddrinfo set result != NULL we can avoid this. nbd.c: In function ‘nbd_open_handle’: nbd.c:974:5: error: ‘fd’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 974 | close (fd); | ^~~~~~~~~~ nbd.c:954:7: note: ‘fd’ was declared here 954 | int fd;

I was wondering what everyone's thoughts were on a simpler way to exclude addresses from having listeners on them. I know a lot of people have multiple subnets, especially larger corporations. Some networks are non-route-able, and therefor unsuitable for use with SSH, aside from communication between other servers on the same subnet. Given that we may want to exclude those non-route-able

Hello! I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :) Anyway, my question relates to ssh_config. The problem I find is that the Host pattern is only applied to the argument given on the command line, as outlined in the man page: "The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name

As the subject says, support socket activation in virt-p2v. I have added upstream support for socket activation to nbdkit already: https://github.com/libguestfs/nbdkit/commit/7ff39d028c6359f5c0925ed2cf4a2c4c751af2e4 I posted a patch for qemu-nbd, still waiting on more reviews for that one: https://www.mail-archive.com/qemu-devel@nongnu.org/msg427246.html I tested this against old and new qemu

diff -u -r -N openssh-2.9p1/channels.c openssh-2.9p1-ajf.1/channels.c --- openssh-2.9p1/channels.c Tue Apr 17 14:14:35 2001 +++ openssh-2.9p1-ajf.1/channels.c Wed Jun 6 23:25:36 2001 @@ -1815,13 +1815,25 @@ /* * getaddrinfo returns a loopback address if the hostname is * set to NULL and hints.ai_flags is not AI_PASSIVE + * + * Oh yeah? Setting hostname to NULL and hints.ai_flags to +

On Fri, 30 Apr 2004, YOSHIFUJI Hideaki / [iso-2022-jp] $B5HF#1QL@(B wrote: > In article <Pine.BSO.4.44.0404292059520.953-100000 at etoh.eviladmin.org> (at Thu, 29 Apr 2004 21:00:26 -0500 (CDT)), Ben Lindstrom <mouring at etoh.eviladmin.org> says: > > > Be that true.. then one should review the usage of it in sshconnect.c > > which is the other place we do it. >

On Tue, Nov 05, 2002 at 08:37:00AM -0800, Martin Pool wrote: > On 10 Oct 2002, "Green, Paul" <Paul.Green@stratus.com> wrote: > > No new CVS messages have appeared on the rsync-cvs archives since August > > 30th. This seems rather odd-- perhaps a daemon stopped working? If there > > has truly been no activity since that date, I apologize for > >

AI_CANONNAME is only relevant when the resulting official name is used, which is not the case in tftpd for the address to bind to. Also AI_ADDRCONFIG isn't helpful. This flag is good for sockets used to connect(2) somewhere. But for listening sockets it makes tftpd fail to start when -a 0.0.0.0:69 is passed and no network device is up yet. This addresses Debian bug