Displaying 20 results from an estimated 500 matches similar to: "Help with openssh: ssh application writing data > 131071 to socket causing message too long error"
2010 Jul 22
1
remote vs local window discrepancy
I am utilizing an openssh tunnel between two Linux boxes. On the client
box I issue the following commands to set up the tunnel;
- ssh -w0:0 root at x.x.x.x -v where x.x.x.x is the IP address of the Linux
system running sshd
- ip addr add 10.0.5.1/32 peer 10.0.5.2 dev tun0
- ip link set tun0 up
On the box running sshd I issue the following commands:
- ip addr add 10.0.5.2/32 peer 10.0.5.1 dev
2001 Oct 16
1
Defeating Timing Attacks Patch for OpenSSH 2.9.9p2 and 2.9p2
Hello,
In response to the timing analysis attacks presented by Dawn Song et.
al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html
we
at Silicon Defense developed a patch for openssh to avoid such
measures.
Timing Analysis Evasion changes were developed by C. Jason Coit and Roel
Jonkman of Silicon Defense.
These changes cause SSH to send packets unless request not to,
2004 Jul 13
1
channel->input buffer bug and patch
In our work with enabling large windows for openssh we found
1) that if a window > 0x10000 is advertised to openssh's sshd
2) the sshd tries to send more than 0x10000 bytes of data
3) the receiver does not consume them
4) the input buffer will grow larger than the size allowed by buffer.c
and fatal().
We believe the correct behavior is to limit reading into the channel
input buffer to
2007 Jul 26
1
Channel Handling Patch
The current code for channel.c creates an array of Channel structs
(initially set to NULL) which is then iterated through, in full, every
time a channel needs to be dealt with. If only one channel is in use,
which is relatively common, the code still loops through the entire array.
This patch creates a linked list of pointers to these structs and the
code steps through the linked list. Since
2004 Jul 14
1
New dynamic window patch (with limits)
As before, it is described on our website. This should apply fairly
cleanly to both portable and openbsd ssh.
http://www.psc.edu/networking/hpn-ssh/
Only in openssh-3.8.1p1-dynwindow: Makefile
diff -u openssh-3.8.1p1/buffer.c openssh-3.8.1p1-dynwindow/buffer.c
--- openssh-3.8.1p1/buffer.c 2003-11-21 07:56:47.000000000 -0500
+++ openssh-3.8.1p1-dynwindow/buffer.c 2004-07-12 07:49:29.000000000
2005 Jan 19
1
sshd hangs
using openssh-3.8.1p1 from sunfreeware.com on a SunOS XXX 5.8
Generic_117000-03 sun4u sparc SUNW,Sun-Fire-V240.
sshd seems to ignore or miss SIGCLD. this is a rare behaviour we observe
about once per week in a ssh intensive environment.
the process hangs here:
truss:
24453: poll(0xFFBEEF28, 2, -1) (sleeping...)
gcore, mdb:
libc.so.1`_poll+4(b, 0, 0, ffbeef38, 6fc40,
2001 Feb 22
3
intermittent stderr
The command "ssh ls -l /doesnotexist" gives various responses:
Running from a 200 MHz PentiumPro with dsa key added to ssh-agent:
Mistakes worst to fast machine:
To a faster 600 MHz dual processor i686 600 MHz machine:
ls: /doesnotexist: No such file or directory -- correct
nothing at all -- wrong
ls: select: Bad file descriptor -- wrong
2012 Oct 22
1
[PATCH] Implement remote dynamic TCP forwarding
Hi all,
This is a client side only implementation of reversed dynamic (SOCKS) TCP
forwarding, which means it is compatible with any existing servers
have 'remote forward' capability.
To establish such forward, use "ssh -R [BIND_ADDRESS:]PORT ...".
The server will listen on that port and address and accept SOCKS
traffics.
Hope this will be useful for you.
There was an
2001 Oct 06
1
Defeating Timing Attacks
Hello,
In response to the timing analysis attacks presented by Dawn Song et.
al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html
we
at Silicon Defense developed a patch for openssh to avoid such
measures.
Timing Analysis Evasion changes were developed by C. Jason Coit and Roel
Jonkman of Silicon Defense.
These changes cause SSH to send packets unless request not to,
2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly:
http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html
<quote>
The paper concludes that the keystroke timing data observable from
today's SSH implementations reveals a dangerously significant amount of
information about user terminal sessions--enough to locate typed
passwords in the session data stream and reduce the
2001 Oct 24
2
disable features
this (uncomplete) patch makes various features compile time
options and saves up to 24K in the resulting
ssh/sshd binaries. i don't know whether this
should be added to the CVS since it makes
the code less readable.
perhaps WITH_COMPRESSION should be added, since
it removes the dependency on libz
-m
Index: Makefile.inc
===================================================================
RCS
2003 Oct 08
4
OS/390 openssh
Hello Steve, Hello OpenSSH-portable developers,
I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe
operating system, and I noticed you do the same for OS/390.
Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2
or some such), I thought it was fair enough to help with a little
co-operation; we might come up with a unified EBCDIC patch which could
be contributed to
2008 Sep 15
0
No subject
hello..
i am running openssh-3.7.1p2. on linux.It is working successfully..and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem.?i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server
?in sshd main
before
2008 Sep 18
2
SSHD_PROBLEM
hello..
i am running openssh-3.7.1p2. on linux.It is working
successfully.and daemon is running &client also connecting.But the
problem is with the mips architecture when i connecting this server
from remote syytem. i got an error of buufer_get:trying to get more
bytes 1 than buffer0.And client is not connecting from remote system.My
out is as follows on my server
in sshd main
before
2000 Aug 23
1
Protocol 2 remote forwarding patch
Hi !
Here's a patch to add remote port forwarding support (protocol 2) for
openssh. I have tried to test that it works like it should but a more
thorough testing is needed. This patch adds both client/server support.
The patch should be applied to openssh-2.1.1p4 source tree.
Also included is a PortForwarding sshd_config option, new ./configure
option --disable-forwarding that should make it
2000 Aug 05
0
Protocol 2 and fork
Hello !
Like Edmund EVANS reported openssh-2.1.1p4 won't fork to background when
using protocol 2.
I managed to hack a little patch that might work ...
What is the -N command line option supposed to do ? I gather it should work
only with protocol2 and without any command to run on the server (and with
some port forwardings ??)
Anyway in the patch I put some code to check that -N is used
2001 Oct 17
3
Bug when flushing data in openssh 2.9
Hi!
I am use SuSe 7.2 x86 and openssh-2.9p1-7.rpm
I got a problem using bitkeeper on my laptop where bitkeeper
reported an I/O error while reading data from 'ssh'.
After much debugging, and some help from the bitkeeper people, I found
out that that clientloop.c doesn't handle interrupts gracefully.
(It died when it got an EAGAIN error when writing to the application)
After applying
2011 Jun 02
2
preauth privsep logging via monitor
Hi,
This diff (for portable) makes the chrooted preauth privsep process
log via the monitor using a shared socketpair. It removes the need
for /dev/log inside /var/empty and makes mandatory sandboxing of the
privsep child easier down the road (no more socket() syscall required).
Please test.
-d
Index: log.c
===================================================================
RCS file:
2010 Jan 14
1
ssh(1) multiplexing rewrite
Hi,
At the n2k10 OpenBSD network hackathon, I finally got some time to clean
up and rewrite the ssh(1) client multiplexing code. The attached diffs
(one for portable OpenSSH, one for OpenBSD) are the result, and they
need some testing.
The revised multiplexing code uses a better protocol between the master
and slave processes and I even bothered to write it up :) It tracks the
control sockets
2000 Jan 07
2
possible clue on tcp forwarding problems
When I encounter the problem with TCP port forwarding locking up, I'll
see this on the client window (if I haven't invoked ssh with -q):
chan_shutdown_read failed for #1/fd6: Transport endpoint is not connected
chan_shutdown_read failed for #1/fd6: Transport endpoint is not connected
This is with Blowfish encryption. I have to kill and restart the client
when this happens.
Phil