similar to: two minor memory leaks

Hi, Openssh sshd opens the socket that forwards users requested port forwards as root, so the connection seems to come from root. Is it enough to open the socket as normal user so the connection would appear to come from that user ? (On Linux this seems to work, but what about other OS's ?) I tested this briefly by wrapping the channel_connect_to(target,target_port); (in

Hi, Running openssh-2.9p2 on Linux. If server is run with 'sshd -6' (to enable ipv6 easily on server end), ie all IPv4 are represented as mapped addresses, port forwarding will not work; just running plain ol' IPv4 fixes this of course. The server error, when forwarding from the client '143:localhost:143' and connecting to localhost 143 is: debug1:

Hello Steve, Hello OpenSSH-portable developers, I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe operating system, and I noticed you do the same for OS/390. Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2 or some such), I thought it was fair enough to help with a little co-operation; we might come up with a unified EBCDIC patch which could be contributed to

this (uncomplete) patch makes various features compile time options and saves up to 24K in the resulting ssh/sshd binaries. i don't know whether this should be added to the CVS since it makes the code less readable. perhaps WITH_COMPRESSION should be added, since it removes the dependency on libz -m Index: Makefile.inc =================================================================== RCS

Hi, Just a usecase that I'm sure has been covered before but just in case its not an openssh solution would be very helpful. I was trying to install software on a server that was firewalled so no outbound http connections would work. I was also tunnelling via another server. Outbound ssh connections also were a convenient option. What would have been nice would be a remote version of

Hi, I'm not on the openss-unix-dev mailing list, but I want to ask about a feature that I've put into my local implementation of OpenSSH the past year or so, and I wanted to know if it was worthwile to add it to the sources so that I don't have to add it myself each time I upgrade... About a year ago I was working for a company that wanted to use OpenSSH as a server (on a Linux

The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port

I just want to make sure I'm interpreting this correctly. In 5.0 channel_connect_to would only return the requested socket. You'd then need to use this socket to create the channel with with channel_new. In 5.1 channel_connect_to doesn't return the socket but rolls in channel_new and now returns the channel directly. The usage of channel_new hasn't changed though, only

Patch is below : diff -nru openssh-3.8.1p1/auth-options.c openssh-3.8.1p1-devs//auth-options.c --- openssh-3.8.1p1/auth-options.c Tue Jun 3 02:25:48 2003 +++ openssh-3.8.1p1-devs//auth-options.c Mon Feb 21 16:56:49 2005 @@ -265,6 +265,81 @@ xfree(patterns); goto next_option; } + +/* e.g: permitopenned="158.156.0.0/255.255.255.0:25[-1024]" + * note that part between [] is

The patch to enable FIPS mode for openssh 6.0p1 missed two instances of the ssh client trying to use MD5. It causes pubkey-based authentication to fail in FIPS mode. I have copied the missing changes from auth2-pubkey.c into sshconnect2.c. Here is a patch: diff -cr openssh-6.0p1/sshconnect2.c openssh-6.0p1-patched/sshconnect2.c *** openssh-6.0p1/sshconnect2.c Sun May 29 07:42:34 2011 ---

My port forwarding changes require an authorization (authentication) context in channel_connect_to(). I'd like to change the dispatch_* functions so that they accept an Authctxt * instead of a void * (this parameter is already used this way). In addition, I'd have to pass the authctxt all the way down to channel_connect_to(). As a side effect, it's possible to get rid of the global

Hi, I'm a little stuck on getting reverse connection working reliably from embedded devices running dropbear 0.51 to Ubuntu 8.x openssh. Connecting to local reverse socket often fails (not always) with "ssh_exchange_identification: Connection closed by remote host" My devices can reverse ssh and open a port on my server always, but often when the server is creating the reverse

Initially send this mail to user group. then realized this is more apt place. Apologies for posting in both groups... Hi all, We're using openssh version 4.7p on our linux 2.6-22 kernel. We have a Java based GUI that opens a secure shell connection to this linux box. To do something over the connection, the GUI opens a session (some times 3-4 simultaneous sessions) & once done, it will

This patch against OpenBSD -current adds a simple form of PKI to OpenSSH. We'll be using it at work. See README.certkey (the first chunk of the patch) for details. Everything below is BSD licensed, sponsored by Allamanda Networks AG. Daniel --- /dev/null Wed Nov 15 15:14:20 2006 +++ README.certkey Wed Nov 15 15:13:45 2006 @@ -0,0 +1,176 @@ +OpenSSH Certkey + +INTRODUCTION + +Certkey allows

Hello, I have the following problem: On our internet host I have running rsync-static-2.5.7-1 (I have to use the static one as our web hoster had installed a limited Suse 9.1 vserver system) On our local server which I would like to rsync I have running rsync version 2.6.8 protocol version 29. I can remotely execute applications throungh ssh without a password. But rsync won't run. On

Because OpenSSH_5.4 doesn't build on my OpenBSD 4.2 box, I tried OpenSSH_5.4p1 which builds and installs fine. After starting server with sudo /opt/sbin/sshd -p 2222 -d, my ssh client can connect, but the session is closed by server as soon as it is started: [...] User child is on pid 10318 debug1: Entering interactive session for SSH2. debug1: server_init_dispatch_20 debug1:

http://bugzilla.mindrot.org/show_bug.cgi?id=1264 Summary: Channel not close by sshd Server Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: HP-UX Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: ajain at hp.com

Hi, I'm trying to use connect to an openssh server, setting some terminal modes, and they don't seem to do what I want. Specifically, I'm trying to disable echo from the server - hence the four modes in the sshd trace below (53 for example is ECHO). I've looked at the code. 0 would indicate that the option is negated in the c_lflag field. And it seems like the modes are

Hi, I use openssh-2.9p2 on LynxOS i386 system. sshd runs on LynxOS and ssh client on Redhat 7.0 Linux system (openssh-2.9p2 ssh client). The ssh client hangs on exit 90% of times. I don't think this is the usual hang-on-exit bug, because, there are no background processes running, I suppose. I attach the server debug messages. $ssh -V hari at lynx (From Linux) ... Password: ... lynx>

Hi, I posted this before (I thought) but I'll give it another try (looks like it arrived on the list on Saturday). :-( I'm trying to connect to an openssh server, and setting some terminal modes. However, they don't seem to do what I want. Specifically, I'm trying to disable echo from the server - hence the four modes in the sshd trace below (53 for example is ECHO).