Displaying 20 results from an estimated 200 matches similar to: "[PATCH]Extending user@host syntax"
2013 Apr 17
1
[Bug 1039] Incomplete application of HostKeyAlias in ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=1039
Iain Morgan <imorgan at nas.nasa.gov> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |imorgan at nas.nasa.gov
--- Comment #13 from Iain Morgan <imorgan at nas.nasa.gov> ---
My apologies for
2002 Jul 17
2
[Patch] SSH through HTTP proxy using CONNECT
Hi,
I'm not a subscriber to this list so please CC: me in any replies.
I found myself in a situation where I was behind a corporate firewall
that allowed only web requests to the outside world (and furthermore
those requests had to be via their proxy server). Therefore, I couldn't
SSH to the outside world.
However, the HTTP proxy 'CONNECT' method, which is normally used to
2017 Jun 12
7
[Bug 2728] New: HostKeyAlias not respected for certificate authority host key validation
https://bugzilla.mindrot.org/show_bug.cgi?id=2728
Bug ID: 2728
Summary: HostKeyAlias not respected for certificate authority
host key validation
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: ssh
2004 Aug 26
2
OpenSSH PATCH: OpenCommand and CloseCommand
Hi,
the attached patch adds support for the keywords "OpenCommand" and
"CloseCommand" to ssh_config. They are commands which are executed before
the connection is established (or ProxyCommand started) and after the
connection has been closed (or ProxyCommand ended).
this is usefull for stuff like portknocking or (that's what I wrote the
patch for) talking with trapdoor2
2015 Feb 19
2
Proposal: Allow HostKeyAlias to be used in hostname check against certificate principal.
Howdy --
I have a number of servers with host keys validated by certificates.
These systems are behind a load-balanced frontend, and the
certificates are signed as valid for the DNS name used by that common
frontend address.
This works well for the primary use case of the systems; however, when
wishing to address only a single unit within the pool, the certificate
cannot be used to validate that
2009 Aug 22
0
expansion of %h in HostName field of ssh_config
Hi
It seems like a nice idea to expand a %h in the HostName field in
ssh_config to the host given as argument to ssh.
often one would have a entry in their ssh_config like:
camel*
User ...
It's okay if the system knows that the host camel01 fx points to the right host.
But what if the actual host is camel01.daimi.au.dk this is something
you wouldn't like to write in your terminal.
2001 Mar 07
1
patch to select pkalg
Suppose an SSH server has both RSA and DSA host keys for protocol 2, but I
only have the DSA key, and I want to use that. I'm stuck; the OpenSSH client
is hard-wired to offer both algorithms in the key exchange, and will select
ssh-rsa if it's available (see myproposal.h, KEX_DEFAULT_PK_ALG).
Below is a patch adding the client configuration option "PKAlgorithms" for
this
2001 Mar 11
0
patch to allow client to select rsa/dss
Here is a quick patch against openssh-2.5.1p1 to add a new config
option (pkalg) for the ssh client allowing the selection of which
public keys are obtained/verified.
--cut-here-
diff -c3 -r orig/openssh-2.5.1p1/key.c openssh-2.5.1p1/key.c
*** orig/openssh-2.5.1p1/key.c Mon Feb 5 18:16:28 2001
--- openssh-2.5.1p1/key.c Sun Mar 11 23:10:10 2001
***************
*** 534,539 ****
--- 534,567 ----
2001 Oct 24
4
snapshot problems on Mac OS X
Here are some problems with the latest snapshot on Mac
OS X:
I am by no means an autoconf expert, but here is what
happens after a "autoreconf":
autoconf: Undefined macros:
configure.in:1291:AC_CHECK_MEMBERS([struct
stat.st_blksize])
configure.in:2168:AC_CONFIG_FILES([Makefile
openbsd-compat/Makefile scard/Makefile ssh_prng_cmds])
configure.in:26:AC_SYS_LARGEFILE
2003 Sep 16
1
Problems with 3.7p1 on IRIX 6.5
$ uname -R
6.5 6.5.19m
$ cc -v
MIPSpro Compilers: Version 7.4
$ sshd -p 8022
[client]$ ssh -p 8022 -v [host]
$ par -s -SS -i -p [pid]
...
12mS sshd(3664039): fork()
12mS sshd(3664039): END-fork() = 3639808
12mS sshd(3639808): END-fork() = 0
13mS sshd(3639808): close(5) OK
13mS sshd(3639808): getuid() = 0, euid=0
14mS
2014 Jun 23
1
-h, --help option
Hi,
tmux author refuses to add -h, --help option, because OpenSSH
does not have it [1]. I don't see why convenience features of tmux
should depend on OpenSSH, but because I have no other choice
(and got curious) I ask here - why OpenSSH doesn't provide -h or
--help option?
I use PuTTY as my client, which processes --help option, and for
`ssh` binary I usually use Google + StackOverflow.
2012 Sep 15
2
ssh(1) documentation for -L and -R
I found that the documentation for -L and -R was hard to understand.
So I made some changes to try to make it clearer. I started with Revision
1.328 from http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.1
Comments welcome.
================ ssh.1.patch ================
--- ssh.1 2012/09/15 16:08:48 1.1
+++ ssh.1 2012/09/15 20:23:35
@@ -51,13 +51,13 @@
.Op Fl F Ar configfile
.Op Fl I
2014 Jun 19
0
[PATCH] permitremoteopen - to limit remote port forwarding per user
Hi,
Here is a patch to limit reverse port forwarding(-R) per user/key on the server.
For example add:
permitremoteopen="8023" ssh-dss AAAAB3NzaC1kc3MAAACBAOUE..
in user's ~/.ssh/authorized_keys server will limit -R to port 8023 only.
an example of violation.
ssh -v -R 8022:127.0.0.1:22 -i.ssh/id_dsa foo at 10.0.0.1
debug1: Remote: Server denied remote port forward request.
2024 Nov 12
1
openssh-9.9p1 problem with faillock pam module
Dear developers,
Our server implements two SSH services on ports 22 & 8022, with
different PAM settings.
The daemon is built from source of OpenSSH portable releases.
Following the instructions in the INSTALL file, we made a copy of
"<prefix>/sbin/sshd" (for port 22) as "<prefix>/sbin/sshd2" (for port
8022), created a separate "sshd2_config" file,
2012 May 16
2
Idea for feature recursive ssh: "scp file user1@gateway:user2@server:"
[I sent this email to the list in January but haven't seen it appear.
Maybe it didn't get through moderation?]
How many times have I typed in one window
ssh -L 8022:server:22 user1 at gateway
only so that I can type (in another window!)
scp -P 8022 file user2 at localhost:
This is a pain:
* cumbersome
* requires two commands windows
* confuses ssh's host key
2009 Jul 09
0
[PATCH] Allow binding to a local port (OpenSSH 5.2)
OpenSSH supports the -b bind_address argument for binding to a local
IP address when connecting to a remote host.
It's however currently not possible to specify a local port to bind
to, something I've found useful at several occasions.
Below is an unified diff that introduces the [-B bind_port] option to
ssh(1) and a ssh_config(5) style option "BindPort bind_port".
This allows
2006 Feb 04
1
Mixed models and missing p-value...
Dear R-users,
I computed a simple mixed models which was:
mod<-lmer(nb ~ site + (1|patelle),tr)
The output was:
Linear mixed-effects model fit by REML
Formula: nb ~ site + (1 | patelle)
Data: tr
AIC BIC logLik MLdeviance REMLdeviance
1157.437 1168.686 -574.7184 1164.523 1149.437
Random effects:
Groups Name Variance Std.Dev.
patelle
2020 Jun 01
1
[Bug 3176] New: can't figure out how to test StrictHostKeyChecking accept-new
https://bugzilla.mindrot.org/show_bug.cgi?id=3176
Bug ID: 3176
Summary: can't figure out how to test StrictHostKeyChecking
accept-new
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2015 Jul 29
2
[PATCH] ssh: Add option to present certificates on command line
Allow users to specify certificates to be used for authentication on
the command line with the '-z' argument when running ssh. For
successful authentication, the key pair associated with the certificate
must also be presented during the ssh.
Certificates may also be specified in ssh_config as a
CertificateFile.
This option is meant the address the issue mentioned in the following
2002 Aug 13
1
[PATCH] global port forwarding restriction
Here's another patch for people providing ssh access to restricted
environments.
We allow our users to use port forwarding when logging into our mail
servers so that they can use it to fetch mail over an encrypted channel
using clients that don't support TLS, for example fetchmail. (In fact,
fetchmail has built-in ssh support.) However we don't want them connecting
to other places