similar to: Multiple log entries for successful pubkey authentication

Hi all. As Corinna pointed out, there are some cases where sshd will log some authentications twice when privsep=yes. This can happen on any platform although it seems most obvious on the ones that don't do post-auth privsep. It also occurs when sshd logs to stderr (eg running under daemontools) or when you have a /dev/log in the privsep chroot. The patch below attempts to solve this for

http://bugzilla.mindrot.org/show_bug.cgi?id=1011 ------- Comment #4 from djm at mindrot.org 2006-07-12 07:43 ------- Is this still the case? (try a current snapshot from http://www.mindrot.org/openssh_snap) Darren fixed some bugs in this area back in May ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1011 Summary: Multiple log entries for successful pubkey authentication Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at

On Jan 26 22:00, Nico Kadel-Garcia wrote: > On Sat, Jan 26, 2019 at 6:30 PM Corinna Vinschen <vinschen at redhat.com> wrote: > > > > On Jan 26 18:12, Nico Kadel-Garcia wrote: > > > On Sat, Jan 26, 2019 at 5:07 PM Corinna Vinschen <vinschen at redhat.com> wrote: > > > > > > > > Microsoft hijacked the sshd service name without asking. >

On Aug 13 13:19, Corinna Vinschen wrote: > On Aug 10 11:16, Damien Miller wrote: > > Hi, > > > > OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a bugfix release. > > Problems building on Cygwin, partially a result of a new GCC version. > I'm still collecting and fixing. I

On Jan 26 18:12, Nico Kadel-Garcia wrote: > On Sat, Jan 26, 2019 at 5:07 PM Corinna Vinschen <vinschen at redhat.com> wrote: > > > > Microsoft hijacked the sshd service name without asking. > > How many people use the SSH daemon from Cygwin, versus using only the > client? I did some work with the daemon with rsync and tar, trying to > link it to Linux backup

On Mar 13 10:53, Darren Tucker wrote: > On Wed, 13 Mar 2019 at 00:59, Corinna Vinschen <vinschen at redhat.com> wrote: > [...] > > Great idea. I just built and tested it. Please go ahead. > > Applied, thanks. > > > What about my other patch to contrib/cygwin/ssh-host-config? > > The last message I have said "The commit message isn't quite right,

Attached is a patch which adds a new config option, AuthOrder2, to sshd_config.c. The syntax is: AuthOrder2 AuthMethod1[:SubAuthMethod1[:SubAuthMethod2...]][,AuthMethod2...] An example, requiring users to enter a public key _and_ a password, in that order: AuthOrder2 publickey:password The current default behaviour: AuthOrder2 password,publickey,keyboard-interactive Require a public key,

Quite a few changes here, please test. http://www.mindrot.org/misc/openssh/openssh-SNAP-20000916.tar.gz -d 20000916 - (djm) New SuSE spec from Corinna Vinschen <corinna at vinschen.de> - (djm) Update CygWin support from Corinna Vinschen <vinschen at cygnus.com> - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. Patch from Larry Jones <larry.jones at

Hi, I have a problem with a Linux box which I updated from 2.5.2p2 to 2.9p2 recently. It's running a tunnel started via inittab using a script which starts ssh -2 -N -o 'ConnectionAttempts 3600' -L <tunnel> $host This has run reliable with 2.5.2 over the last months. Now, after I have upgraded to 2.9p2, the tunnel is closed right after each attempt of an application to use

On 24 March 2018 at 03:03, Corinna Vinschen <vinschen at redhat.com> wrote: [...] > session opened for local user corinna from [UNKNOWN] > received client version 3 > debug2: Permitting whitelisted realpath request > debug3: request 1: realpath > realpath "." > debug1: request 1: sent names count 1 > Refusing non-whitelisted statvfs request >

Hi, as the subject says, the below patch just simplifies the host key generation in the Cygwin-specific ssh-host-config script. Rather than testing and generating each key, call ssh-keygen -A. Could somebody with checkin rights please apply? Thanks, Corinna Index: contrib/cygwin/ssh-host-config =================================================================== RCS file:

Hi, the Cygwin specific workaround to sleep a second in daemon() isn't needed anymore. We can eliminate it from the OpenSSH sources. Index: daemon.c =================================================================== RCS file: /cvs/openssh_cvs/openbsd-compat/daemon.c,v retrieving revision 1.1 diff -u -p -r1.1 daemon.c --- daemon.c 2001/01/31 21:52:03 1.1 +++ daemon.c 2001/08/30 08:41:39 @@

On Mar 12 11:32, Darren Tucker wrote: > On Fri, Feb 22, 2019 at 10:29:46AM +0100, Corinna Vinschen wrote: > > On Feb 22 16:02, Darren Tucker wrote: > [...] > > > How's this? If we push the match_usergroup_pattern_list() function up > > > to OpenBSD it should mean most future diffs will apply cleanly. > > > > I like this a lot. > > > >

On Mar 7 02:14, Damien Miller wrote: > On Wed, 6 Mar 2024, Corinna Vinschen wrote: > > > Hi Damien, > > > > On Mar 5 11:24, Damien Miller wrote: > > > > > > Hi, > > > > > > OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing > > > on as many platforms and systems as possible. This is a bugfix release.

Hi, as it turned out on the Cygwin mailing list, the special handling of empty password in auth-passwd.c when running under Windows NT results in problems. Cause: The authentication methode "none" calls auth_password() with an empty password. A piece of HAVE_CYGWIN code allows empty passwords even if PermitEmptyPasswords is set to "no". This in turn results in calling

Hi, the following patch checks if OpenSSH is running under a Cygwin version >= 1.3.2 which allows switching user context without password. Otherwise sshd allows changing the user context only if password authentication is used as it was before. Corinna Index: openbsd-compat/bsd-cygwin_util.c =================================================================== RCS file:

Hello Darren, Could you comment on this issue being raised by myself and Corinna Vinschen? This will create big problems for me. I'm not clear if this is a conscious decision supported by solid reasons or if it is just collateral damage. Thank you for all you work! Jack DoDDs -------- Original Message -------- Date: Mon, 27 Mar 2017 16:31:03 +0200 Subject: Re: Announce: OpenSSH 7.5

Hi, the following patch is needed on Cygwin to link OpenSSH against OpenSSL 0.9.7 Corinna Index: configure.ac =================================================================== RCS file: /cvs/openssh_cvs/configure.ac,v retrieving revision 1.97 diff -u -p -r1.97 configure.ac --- configure.ac 9 Jan 2003 01:22:59 -0000 1.97 +++ configure.ac 9 Jan 2003 22:12:43 -0000 @@ -84,6 +84,7 @@ case

Hi, the following patch by Pierre A. Humblet <Pierre.Humblet at ieee.org> allows to use more than one uid on 9x/Me boxes which is currently blocked due to the behaviour of Cygwin's security code. After this patch is applied to sshd, we can safely change the affected code in Cygwin. Thanks, Corinna Index: session.c ===================================================================