Displaying 20 results from an estimated 200 matches similar to: "ServerLiesWarning"
2003 Nov 27
2
Question about adding another parameter for OpenSSH
Hello,
I need to allow for some people to execute ssh with one shared private
key for remote executing command on various machines. However, it is not
possible to set group permissions for private keys and it is possible
to have just one private key file for one user. Please, is it possible
to add patches into openssh development tree like these, so that standard
behavior of ssh is not changed,
2009 Jul 09
0
[PATCH] Allow binding to a local port (OpenSSH 5.2)
OpenSSH supports the -b bind_address argument for binding to a local
IP address when connecting to a remote host.
It's however currently not possible to specify a local port to bind
to, something I've found useful at several occasions.
Below is an unified diff that introduces the [-B bind_port] option to
ssh(1) and a ssh_config(5) style option "BindPort bind_port".
This allows
2011 Jul 17
2
openSSH 5.8p2 BindPort patch
Hi, i have written a patch for openSSH 5.8p2 which allows the user to
set the local source port. The patch is as follows:
diff -rupN openssh-5.8p2//readconf.c openssh-5.8p2-srcport//readconf.c
--- openssh-5.8p2//readconf.c 2010-11-20 04:19:38.000000000 +0000
+++ openssh-5.8p2-srcport//readconf.c 2011-07-17 20:57:52.385044096 +0100
@@ -125,7 +125,7 @@ typedef enum {
oGlobalKnownHostsFile2,
2001 Jul 05
1
Patch to workaround host key size mismatch bug in old SSH sshd
Below is a patch against the current OpenBSD OpenSSH CVS to workaround a
behavior I have observed when converting from SSH 1.2.27 to OpenSSH while
using the same old RSA1 host key for protocol 1. In several cases I saw
that old SSH sshd reported a host key size of 1024 bits when OpenSSH saw it
as 1023 bits. Without the patch, when OpenSSH's ssh client connects to an
old SSH sshd it warns
2005 Jun 23
0
ControlPersist.
This is a better approach to persistent control masters than my previous
attempt. Instead of forking before we make the connection, do so only
when the original session has closed -- much like the code for '~&'
backgrounding already does.
My earlier patch for 'ControlPath none' still applies and is required, btw.
--- openssh/clientloop.c~ 2005-06-17 03:59:35.000000000 +0100
2010 Nov 28
2
[PATCH] Use canonical hostname for DNS SSHFP lookup
In the current implementation, ssh always uses the hostname supplied by
the user directly for the SSHFP DNS record lookup. This causes problems
when using the domain search path, e.g. I have "search example.com" in my
resolv.conf and then do a "ssh host", I will connect to host.example.com,
but ssh will query the DNS for an SSHFP record of "host.", not
2013 Mar 22
1
[PATCH] Allow matching HostName against Host entries
It would be useful to allow matching HostName entries against Host
entries. That's to say, I would find it very convenient to have an
ssh_config like:
Host zeus
HostName zeus.greek.gods
User hades
Host hera
HostName hera.greek.gods
# [ ... ]
Host *.greek.gods
User poseidon
UserKnownHostsFile ~/.ssh/known_hosts.d/athens
# [ Default settings for *.greek.gods ]
where I
2009 Mar 02
0
[PATCH 5 of 13] exploiting the new interface in vnc.c
Import "exploiting the new interface in vnc.c" from qemu mainstream.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6337 c046a42c-6fe2-441c-8c8c-71466251a162
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
---
diff -r 07a126ac0425 console.c
--- a/console.c Mon Feb 16 11:39:06 2009 +0000
+++ b/console.c Mon Feb 16 12:07:19 2009 +0000
@@ -1310,6 +1310,9
2006 Feb 10
0
OpenSSH ControlAllowUsers, et al Patch
Attached (and inline) is a patch to add the following config options:
ControlBindMask
ControlAllowUsers
ControlAllowGroups
ControlDenyUsers
ControlDenyGroups
It pulls the peer credential check from client_process_control() in ssh.c,
and expounds upon it in a new function, client_control_grant().
Supplemental groups are not checked in this patch. I didn't feel comfortable
taking a shot
2019 Mar 01
1
issue with sample in R 3.6.0.
Hello,
I think there is an issue in the sampling rejection algorithm in R 3.6.0.
The do_sample2 function in src/main/unique.c still has 4.5e15 as an
upper limit, implying that numbers greater than INT_MAX are still to
be supported by sample in base R.
Please review the examples below:
set.seed(123)
max(sample(2^31, 1e5))
[1] 2147430096
set.seed(123)
max(sample(2^31 + 1, 1e5))
[1] 1
2004 Oct 03
3
[PATCH] PreferAskpass in ssh_config
Moin,
attached is a patch, which adds a new configuration option
"PreferAskpass" to the ssh config.
ssh{,-add,-keygen,-agent} will use ssh-askpass to prompt for passwords, if
this option is set to "yes", and if ssh-askpass is available.
Default for "PreferAskpass" is "no".
Pacth is against current CVS.
Sebastian
--
signature intentionally left blank.
2007 Feb 08
1
"Out of memory" error looking up SSHFP records
Hi,
we're currently considering making use of RFC4255 SSHFP records,
but are hitting a problem with a 4.4p1 client running on Tru64 5.1A:
[...]
debug3: verify_host_key_dns
DNS lookup error: out of memory
[...]
No matching host key fingerprint found in DNS.
A 4.3p2 linux client gives the following :
[...]
debug3: verify_host_key_dns
debug1: found 1 insecure fingerprints in DNS
debug1:
2018 Jan 10
4
sshfp/ldns still having issues in 7.6
I have been running openSSH 7.4p1 for a while now. When I upgraded to 7.5 a
year or so ago I ran into the problem listed in this bug report:
Bug report: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218472
The release notes for 7.6 release notes indicate that the fix patch was
included: https://www.openssh.com/txt/release-7.6
I tried 7.6 and I still cannot connect without a prompt wondering
2010 Nov 04
0
[Bug 1296] VerifyHostKeyDNS default domain
https://bugzilla.mindrot.org/show_bug.cgi?id=1296
Karl P <barnaclebob at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |barnaclebob at gmail.com
Version|5.1p1 |5.6p1
Status|CLOSED
2007 Aug 22
0
Patch to allow checking of v1 keys on remote host.
The attached patch for 4.6p1 adds a feature (-u) that will check to
see if a key exists on a remote host. I use this for auditing my
users transition to v2 keys very useful. If there is any interest
I'll provide a patch for v2 ssh keys also.
http://vapid.dhs.org/dokuwiki/doku.php?id=vapidlabs:openssh_check_key_patch
-- Thanks
Larry
--- orig/openssh-4.6p1/sshconnect1.c 2006-11-07
2003 Aug 10
9
updated gssapi diff
this is the proposed gssapi diff against OpenSSH-current (non-portable).
note: if this goes in, the old krb5 auth (ssh.com compatible) will be
removed.
please comment.
jakob
Index: auth.h
===================================================================
RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -u -r1.1.1.2 -r1.3
--- auth.h
2012 Jan 04
0
ECDSA, SSHFP, and "Error calculating host key fingerprint."
When connecting to a host that provides an ECDSA host key and the
client has "VerifyHostKeyDNS" set to 'yes' or 'ask' SSH outputs a
mysterious and undocumented message "Error calculating host key
fingerprint." This error actually seems to be generated by
verify_host_key_dns(const char *hostname, struct sockaddr *address,
Key *hostkey, int *flags) in dns.c, but
2006 Feb 04
2
[PATCH] allow user to update changed key in known_hosts
Hi list,
I use ssh a lot and I often need to connect to hosts whose host key has
changed. If a host key of the remote host changes ssh terminates and the
user has to manually delete the offending host key from known_hosts. I
had to do this so many times that I no longer like the idea ;-)
I would really like ssh to ask me if the new host key is OK and if I
want to add it to known_hosts.
I talked
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
Hi,
I found a small issue with DNSSEC validation of SSHFP lookups. (For reference
I used OpenSSH 6.8p1 on FreeBSD 10.1).
The issues is that when DNSSEC valiation fails, ssh displays a confusing
message to the user. When DNSSEC validation of a SSHFP record fails, ssh
presents the user with
"Matching host key fingerprint found in DNS.
"Are you sure you want to continue connecting
2002 Jan 29
2
Key fingerprint logging
Hello there!
I have made a patch against OpenSSH 3.0.2p1 which allows the fingerprint of
the accepted key to be printed in the log message. It works with SSH1-RSA and
SSH2 pubkey (DSA+RSA) authentication.
This feature is controllable by the LogKeyFingerprint config option (turned
off by default).
Michal Kara
-------------- next part --------------
diff -u5