similar to: Solaris 8 sshd seg fault with 4.2p1 & PAM

Hello, I found that in the new FreeBSD 9.2 (probably in 10 also) updated OpenPAM sources. The big embarrassment was in pam_get_authtok.c. The problem is that even without a valid SSH login it's possible to know the server's hostname. az at az:/home/az % ssh 1.2.3.4 Password for az at real.hostname.com: Changes made by "des":

http://bugzilla.mindrot.org/show_bug.cgi?id=859 Summary: getaddrinfo(host, "0", &hints, &res) may take extra cycles Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Miscellaneous

Hi everyone, I have a repeatable core dump when running dovecot on FreeBSD in the specific scenario described below. Dovecot is linked against MIT kerberos in /usr/local/lib/, whilst PAM is linked against Heimdal in /usr/lib/. My expectation was that dovecot authentication using GSSAPI would use MIT kerberos in /usr/local/lib, whereas PAM authentication is independent from dovecot and would

Hi All. We are planning on doing one of our regular OpenSSH releases (4.6/4.6p1) some time next week. This is a mostly a bugfix release, but there is one new feature: sshd now allows the enabling and disabling of authentication methods on a per user, group, host and network basis via the Match directive in sshd_config. The bugs fixed are: #52 ssh hangs on exit. #1252 sftp returns 0 when

On Sun, Dec 24, 2017 at 9:54 PM, David Newall <openssh at davidnewall.com> wrote: > On 25/12/17 00:11, John Devitofranceschi wrote: >> >> Besides ssh.com?s PrivX product, has anyone created a web service that can >> be used to issue temporary certkeys to authenticated users? >> >> Any pointers appreciated! > > > I expect that what I'm about to

Hi, I tried building the version 4.2p1 on the FreeBSD box. Even if I executed the configure script with --with-rpath and --with-libedit=/path/to/libedit the -R options for libedit are NOT added in linking although that for zlib and OpenSSL are correctly done. This problem can be easily avoided by editing openssh-4.2p1/Makefile after executing the configure script. This means that you

Good day and well met. I'm trying to compile and install openssh-4.2p1 on a Sun Ultra-250 running Solaris 8. It's not happy about something. I've searched the bug list and the mail archives but haven't seen another posting about this. Apologies if there is one and my eyes just slid right over it. I've run a configure with the following options, and with no options at

Hello OpenSSH developers, openssh 4.2p1 breaks old openssh clients up to 3.4p1 when they try to use compression: # ssh-3.4p1 -C remote-host-with-4.2p1 pwd no matching comp found: client zlib server none,zlib at openssh.com option "-vv" shows ... debug2: kex_parse_kexinit: zlib ... debug2: kex_parse_kexinit: none,zlib at openssh.com ... debug2: mac_init: found hmac-md5 no

In an environment where users use smart cards to authenticate on Windows and then use ssh to login to UNIX systems via GSSAPI, it is nigh impossible to renew/refresh the Kerberos credentials in the UNIX session. If the user fails to renew their credentials before they expire, the user is stuck and must log out and log back in to get valid tickets. Meanwhile it is entirely likely that on the

http://bugzilla.mindrot.org/show_bug.cgi?id=1145 vapier at gentoo.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED Summary|cross compiling openssh |cross compiling openssh

There seems to be a change in the logic that sshd uses in selecting interface to bind for LocalForward requests from the client. I have the following setup: ssh client (10.0.0.1) configured with "LocalForward 1080 127.0.0.1:1080" is connecting to sshd server (192.168.0.1). Before installing openssh-4.2p1 sshd would successfully establish a forwarding connection for the client:

http://bugzilla.mindrot.org/show_bug.cgi?id=1131 Summary: buffer_append_space: alloc not supported Error with V 4.2p1 Product: Portable OpenSSH Version: 4.2p1 Platform: Sparc OS/Version: Solaris Status: NEW Keywords: help-wanted Severity: normal Priority: P3 Component: sftp

Dear Openssh Team, I am using openssh 4.2p1 on SuSE 10.2. When ever I run sshd with a port greater than 999 I receive an error on start of sshd of "error: getnameinfo failed". SSHD does seem to run properly it just throws the error. Is there a work-around for this problem or do I just ignore it? Thanks in advance! Paul

Hi, I'm using OpenSSL 0.9.8 with OpenSSH 4.2p1 I can ssh <hostname> and connect successfully. The very next time I get a crash and core file. The next time is successful. The next time a crash. I'm using the authmethod gssapi-with-mic using Windows 2000 as the KDC running ssh and sshd from a Solaris 9 box. Here's the backtrace from the core file: (gdb) bt #0 0xff1ff3d4

Hi, This is to announce the availability of a new version of my GSSAPI key exchange patch for OpenSSH. The code is available from http://www.sxw.org.uk/computing/patches/openssh.html Changes since the last release are: *) Implement GSS group exchange *) Disable DNS canonicalization of the hostname passed to the GSSAPI library - an option is provided to allow this to be overriden on

I see that lots of improvements have happened in cross configure support compared to version 3.8p1 but a couple of problems remain 1) The check that openpty does not reacquire controlling terminal (line 1326 in configure.ac) does not have a default value - I ran the test on my target and checked it was OK but I'm not sure what is the best default for others. 2) The etc_default_login

http://bugzilla.mindrot.org/show_bug.cgi?id=1131 ------- Comment #4 from dtucker at zip.com.au 2006-01-11 23:07 ------- It sounds like either the client is sending a 10MB(!) packet, or there's some bug some other place. Does disabling compression (either by turning it off in the client or setting Compression no in sshd_config) prevent the error? ------- You are receiving this mail

http://bugzilla.mindrot.org/show_bug.cgi?id=1080 Summary: 4.1p1 to 4.2p1 broke UsePrivilegeSeparation on HPUX Product: Portable OpenSSH Version: 4.2p1 Platform: HPPA OS/Version: HP-UX Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org

Howdy, As a note, we now have HPN patch for OpenSSH 4.2 at http://www.psc.edu/networking/projects/hpn-ssh/ Its still part of the last set of patches (HPN11) so there aren't any additional changes in the code. It patches, configures, compiles, and passes make tests without a problem. I've not done extensive testing for this version of openssh but I don't foresee any problems. I

hello, I have just installed openssh 4.2p1 and it seems that sshd child process crash if /var/empty/usr/lib do not exist. Here is a strace log ( before creating this directory): 26787 open("/etc/protocols", O_RDONLY) = -1 ENOENT (No such file or directory) 26787 getsockopt(3, SOL_IP, IP_OPTIONS, "", [0]) = 0 26787 socket(PF_UNIX, SOCK_STREAM, 0) = 6 26787 connect(6,