similar to: Solaris console problem

I've been giving SSH_ASKPASS a hard look, and it's not clear to me how it's supposed to work. The documentation (ssh.1) seems explicit enough: SSH_ASKPASS If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute

I would like to use ssh-add to unlock a key with a password provided through a web interface. It seems even though ssh-add calls read_passphrase with RP_ALLOW_STDIN at ssh-add.c:173, stdin is not used as a last resort without a valid terminal or display. Is it an intended behaviour ? And if so, what are the security implications of using popen() to write the password to ssh-add (not using echo

We now give an example of how a before_fork hook can be used to incrementally migrate off the old code base without hitting a thundering herd (especially in the "preload_app false") case. Also comment on the per-worker listen usage in the RDoc, not just a hidden comment. --- I just pushed this out earlier, this example was inspired by Chris Wanstrath''s before_fork hook but

Moin, attached is a patch, which adds a new configuration option "PreferAskpass" to the ssh config. ssh{,-add,-keygen,-agent} will use ssh-askpass to prompt for passwords, if this option is set to "yes", and if ssh-askpass is available. Default for "PreferAskpass" is "no". Pacth is against current CVS. Sebastian -- signature intentionally left blank.

Damien, Here's a forwarded bug for you. Cheers, Phil. --[[message/rfc822]] Subject: Bug#52414: ssh-add uses ssh-askpass, but ssh doesn't Reply-To: David Huggins-Daines <dhd at plcom.on.ca>, 52414 at bugs.debian.org Resent-From: David Huggins-Daines <dhd at plcom.on.ca> Resent-To: debian-bugs-dist at lists.debian.org Resent-CC: Philip Hands <phil at hands.com>

Hi, Looks like it is possible to create an infinitely recursive struct type, llvm-as accepts this: %s = type { i32, i8, %s } define %s @foo(%s* %a) { %y = load %s* %a ret %s %y } %s2 = type { i32, %s3} %s3 = type { i8, %s2} declare %s3 @foo2(); Similarly it is doable via the API: create a named struct, create elements where one refers directly to the newly created struct (instead of

The included patch adds a new option to the ssh client: -d fd Read the password from file descriptor fd. If you use 0 for fd, the passphrase will be read from stdin. This is basically the same as GPG:s parameter --passphrase-fd. Flames about why this is a bad idea goes into /dev/null. I really need to do this. There are lots of ugly Expect-hacks out there, but I want a more clean

http://bugzilla.mindrot.org/show_bug.cgi?id=81 Summary: ssh cannot use ssh-askspass & passphrases as documented Product: Portable OpenSSH Version: 3.0.2p1 Platform: Sparc OS/Version: SunOS Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've patched my local OpenSSH (currently 2.9p2, but the same patch applies to 3.0.2) to allow the cipher 'none' for both SSH1 and SSH2 connections. With SSH1, there is already code to print a warning that any password you enter will be sent in plain text. However the userauth_passwd() in sshconnect2.c does not have any such warning. I

On Oct 5, 2011, at 4:58 AM, Török Edwin wrote: > Hi, > > Looks like it is possible to create an infinitely recursive struct type, llvm-as accepts this: > %s = type { i32, i8, %s } This should be illegal, and should probably be caught by the verifier. -Chris > > define %s @foo(%s* %a) { > %y = load %s* %a > ret %s %y > } > > %s2 = type { i32, %s3} >

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

Hello, I need to allow for some people to execute ssh with one shared private key for remote executing command on various machines. However, it is not possible to set group permissions for private keys and it is possible to have just one private key file for one user. Please, is it possible to add patches into openssh development tree like these, so that standard behavior of ssh is not changed,

Hi, I was looking around to find a way to connect to a serial console of a guest system. Lucky enough I''ve been told about hvm_serial VM configuration paramater that allows to pass arguments to "-serial" of qemu. Since one doesn''t really know where will the HVM execute, a proxy is needed, so the output of the console can be sent to a proxy, and then a client can

We''re using unicornctl restart with the default before/after hook behavior, which is to reap old Unicorn workers via SIGQUIT after the new one has finished booting. Unfortunately, while the new workers are forking and begin processing requests, we''re still seeing significant spikes in our haproxy request queue. It seems as if after we restart, the unwarmed workers get swamped by

Hi, I am having a problem with the issue of changing the password for an expired user (passed -f <user>). The version of Openssh is 2.9.9p3 compiled with gcc 2.95.3, configured --with-pam. The user can login fine when the password is not expired. Once the password is expired the user is connected and told the password has expired and is asked to change it. The user is prompted for the old

https://bugzilla.mindrot.org/show_bug.cgi?id=2539 Bug ID: 2539 Summary: Add missing sanity check for read_passphrase() in auth-pam.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: PAM support

this line seemed to have been dropped somewhere b/w 3.1 and 3.5 --- openssh-3.5p1/openbsd-compat/readpassphrase.c.orig Tue Sep 10 20:29:13 2002 +++ openssh-3.5p1/openbsd-compat/readpassphrase.c Tue Feb 4 08:30:06 2003 @@ -152,6 +152,7 @@ (void)sigaction(SIGTERM, &saveterm, NULL); (void)sigaction(SIGTSTP, &savetstp, NULL); (void)sigaction(SIGTTIN,

Two ideas, one more controversial than the other. First: auto-killing bloated workers.?My current app has some memory leakage that wasn''t really visible on our older passenger setup, since the auto-scaling meant that bloated workers got killed periodically. In a perfect world, we''d find and patch all of the leaks, but in the meantime (and as a safety net) I''d like to get

Hi, Sorry no core dumps, the sshd programme is perfectly happy just fails to consider changing the password. Cheers, Martyn -----Original Message----- From: Ed Phillips [mailto:ed at UDel.Edu] Sent: 06 November 2001 18:38 To: Roberts,M,Martyn,IVLH4 C Cc: openssh-unix-dev Subject: Re: Solaris 7 changing password via PAM On Tue, 6 Nov 2001 martyn.a.roberts at bt.com wrote: > Date: Tue, 6

(Sorry for the 2nd email Eli, I forgot to reply-all). > I'm not following how explicitly representing the return address of a call in the IR before isel actually solves any relevant issue. We already pass the return address implicitly as an argument to every call; you can retrieve it with llvm.returnaddress if you need it. Unfortunately the @llvm.returnaddress intrinsic does not solve