similar to: "User child pid" logging

Hi! I sent a mail a while ago wondering if it was possible to change the loglevel for the "User child is on pid"-message from debug2 to verbose. It would make it easier to trace a connection in the logs when privilege separation is used and sshd uses the user child pid to report that the connection is closing . Is it possible to change this or would it violate the privacy of the users?

Hi, This diff (for portable) makes the chrooted preauth privsep process log via the monitor using a shared socketpair. It removes the need for /dev/log inside /var/empty and makes mandatory sandboxing of the privsep child easier down the road (no more socket() syscall required). Please test. -d Index: log.c =================================================================== RCS file:

https://bugzilla.mindrot.org/show_bug.cgi?id=2225 Bug ID: 2225 Summary: sshd core dumps when used in high scaled environments. Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: sshd Assignee: unassigned-bugs at

I've been trying to cut down the size of openssh so I can run it on my Nokia 770. One thing which helps a fair amount (and will help even more when I get '-ffunction-sections -fdata-sections --gc-sections' working) is to have the option of compiling out privilege separation... Is it worth me tidying this up and trying to make it apply properly to the OpenBSD version? Does the openbsd

Occasionally, we're noticing that sshd is core dumping on our IRIX 6.5.18f machine. The only time we've really noticed it is when users are logging in with putty from offsite (although I'm not really sure it's a client issue). The user manages to log in, sshd apparently core dumps, but the user is not logged out, the privilege separated user is still running their own

Hello Steve, Hello OpenSSH-portable developers, I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe operating system, and I noticed you do the same for OS/390. Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2 or some such), I thought it was fair enough to help with a little co-operation; we might come up with a unified EBCDIC patch which could be contributed to

Hi, About a year and a half ago I brought up the topic of encrypted hostkeys and posted a patch (http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the general reaction seemed receptive to the idea, a few problems were pointed out with the implementation (UI issues, ssh-keysign breakage). I've finally had some spare time in which to get back to this, and I've

Hi, This patch (relative to -HEAD) defines an API to allow sandboxing of the pre-auth privsep child and a couple of sandbox implementations. The idea here is to heavily restrict what the network-face pre-auth process can do. This was the original intent behind dropping to a dedicated uid and chrooting to an empty directory, but even this still allows a compromised slave process to make new

https://bugzilla.mindrot.org/show_bug.cgi?id=2167 Bug ID: 2167 Summary: Connection remains when fork() fails. Product: Portable OpenSSH Version: 5.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

http://bugzilla.mindrot.org/show_bug.cgi?id=225 Summary: Supression of login warning banner for noninteractive commands Product: Portable OpenSSH Version: 3.0.2p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P4 Component: ssh AssignedTo:

There are a couple of niggles with the sandboxing of the unprivileged child in the privsep code: the empty directory causes namespace pollution, and it requires care to ensure that it is set up properly and remains set up properly. The patch below (against the portable OpenSSH, although the patch against the OpenBSD version is very similar) replaces the fixed empty directory with one that is

Hello, The below patch fixes a memory leak I noticed in monitor_read_load() when the child's log pipe is closed. Thanks, Zev Weiss -- diff --git a/monitor.c b/monitor.c index a166fed..6464eec 100644 --- a/monitor.c +++ b/monitor.c @@ -510,6 +510,7 @@ monitor_read_log(struct monitor *pmonitor) debug("%s: child log fd closed", __func__); close(pmonitor->m_log_recvfd);

Hello, we've run a coverity scan on the openssh sources and it found several issues. Although the scan was run on patched rhel sources, some results are applicable to vanilla sources too. * servconf.c:1458:dead_error_line ? Execution cannot reach this statement "*intptr = *intptr + 1;" --- a/servconf.c +++ b/servconf.c @@ -1451,12 +1451,8 @@

Due to difficulties in getting PAM (with krb5) password expiry working consistently on multiple platforms, I'd like to see if I could hack something into auth-krb5.c to do so. Here's a backtrace when stopped in auth_krb5_password: #0 auth_krb5_password (authctxt=0x8e148, password=0x90250 "XXXXXXXX") at auth-krb5.c:270 #1 0x274d8 in auth_password (authctxt=0x8e148,

I tried replacing readpassphrase() for v2.9.9p2 on Sol8 with a different version that just calls getpassphrase(). It appears to solve the echo problem when the user tries to login in interactive mode and needs to change their password. Can anyone else try this with v2.9.9p2 on Solaris? Be sure to add: #define HAVE_GETPASSPHRASE ... to config.h when compiling (since it's not a configurable

Hi, sifting through my system's logs, I noticed many break-in attempts by rogue ssh clients trying long lists of common passwords. For some time now I pondered different approaches to counter these, but could not come up with a solution that really satisfied me. I finally reached the conclusion that any countermeasures required support in sshd itself, and created the attached patch. If

I connect to my OpenSSH 3.8.1p1 server and when the password dialog shoes up I wait a min or so, long enough for the "Timeout before authentication for %s" alarm to trigger. If at that point I enter my password ssh will just sit there: debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: debug3: packet_send2: adding 32 (len 18 padlen 14 extra_pad

http://bugzilla.mindrot.org/show_bug.cgi?id=585 ------- Additional Comments From dtucker at zip.com.au 2003-07-07 00:32 ------- dmalloc (http://dmalloc.com/) claims to work on IRIX. It's likely to increase the CPU and memory load, though. I've built with dmalloc on Linux thusly: LDFLAGS=-ldmalloc ./configure && make eval `dmalloc -l /path/to/log high` ./sshd [options]

Below is a new PAM kbd-int diff based on FreeBSD's code. This code makes PAM kbd-int work with privilege separation. Contrary to what I have previously stated - it *does* handle multiple prompts. What it does not handle is multiple passes through the PAM conversation function, which would be required for expired password changing. I would really appreciate some additional eyes over the

Hi All. Attached is a patch that implements password expiry with PAM and privsep. It works by passing a descriptor to the tty to the monitor, which sets up a child with that tty as stdin/stdout/stderr, then runs chauthtok(). No setuid helpers. I used some parts of Michael Steffens' patch (bugid #423) to make it work on HP-UX. It's still rough but it works. Tested on Solaris 8 and