similar to: Changes in channel_connect_to

Hi all, This is a client side only implementation of reversed dynamic (SOCKS) TCP forwarding, which means it is compatible with any existing servers have 'remote forward' capability. To establish such forward, use "ssh -R [BIND_ADDRESS:]PORT ...". The server will listen on that port and address and accept SOCKS traffics. Hope this will be useful for you. There was an

Patch is below : diff -nru openssh-3.8.1p1/auth-options.c openssh-3.8.1p1-devs//auth-options.c --- openssh-3.8.1p1/auth-options.c Tue Jun 3 02:25:48 2003 +++ openssh-3.8.1p1-devs//auth-options.c Mon Feb 21 16:56:49 2005 @@ -265,6 +265,81 @@ xfree(patterns); goto next_option; } + +/* e.g: permitopenned="158.156.0.0/255.255.255.0:25[-1024]" + * note that part between [] is

Hi ! Here's a patch to add remote port forwarding support (protocol 2) for openssh. I have tried to test that it works like it should but a more thorough testing is needed. This patch adds both client/server support. The patch should be applied to openssh-2.1.1p4 source tree. Also included is a PortForwarding sshd_config option, new ./configure option --disable-forwarding that should make it

My port forwarding changes require an authorization (authentication) context in channel_connect_to(). I'd like to change the dispatch_* functions so that they accept an Authctxt * instead of a void * (this parameter is already used this way). In addition, I'd have to pass the authctxt all the way down to channel_connect_to(). As a side effect, it's possible to get rid of the global

Hi, Just a usecase that I'm sure has been covered before but just in case its not an openssh solution would be very helpful. I was trying to install software on a server that was firewalled so no outbound http connections would work. I was also tunnelling via another server. Outbound ssh connections also were a convenient option. What would have been nice would be a remote version of

https://bugzilla.mindrot.org/show_bug.cgi?id=1513 Summary: CIDR address/masklen matching support for permitopen= Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org

I think I've found two minor memory management issues (neither exploitable in any way) in OpenSSH 3.7.1p2 that should probably be addressed. In serverloop.c, function server_input_channel_open(), the ctype variable is a char *, dynamically allocated in packet_get_string. It's xfree'd at the end of the function. However, before that, it's passed to

Hi all, I'm very new in this list, as looking for codes to plug up the lack of functionality of "Protocol 2 Remote Forwardig". Fortunately, I could find it in MARC's archive. Mr. Jarno Huuskonen posted the codes in Sept, last year, and I tried applying it to my FreeBSD box environment. I couldn't apply an original patch, of course, for incompatibility of virsion. The

The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port

Hi ! Here's an experimental patch for openssh-2.1.1p4 to add support (to openssh client) for -R (protocol 2). So if you have access to a commercial ssh2 server (that allows port forwardings) could you test this patch. (Note the openssh server doesn't have support for -R with protocol 2 so testing with openssh server won't do much good). To test remember to use -o "Protocol

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

Hello, Today I tried using "dynamically assigned" port for remote listener, by requesting listener on port 0. This is supposed to create a listener on a port choosen by server. Everything seemed OK (the choosen port was sent back to client), but forwarding was refused. So I checked the source. in channels.c, function: channel_setup_fwd_listener /* *

Hi, we are using ferret and acts_as_ferret in a single server setup. We have 2 models that use acts_as_ferret. We are running into problems where a create or update of the models cause a ferret error Ferret::FileNotFoundError occured at <except.c>:117 in xpop_context Error occured in fs_store.c:329 - fs_open_input Where the file that needs to be opened isn''t there. The error

https://bugzilla.mindrot.org/show_bug.cgi?id=1552 Summary: Patch to log tunnel information Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: jblaine at

Howdy, After upgrading to 2.9 (OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f) I'm unable to ssh between two systems any more (the two that I've upgraded). I've recompiled from the original source several times, each time with no errors, regenerated host keys, regenerated client keys (using rsa), etc., to no avail. Below are some relevant snippets of debugging output

Is this a known issue? (ignore the pervasive MS-outlook capitalization) Ssh-agent /bin/ksh Ssh-add /root/.ssh/id_rsa Blah blah Ssh -vvv some_server date ... debug1: ssh_rsa_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: Enabling compression at level 6. debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1:

Ok.. While helping someone else out with a Solaris 6 issue.. I'm noticing something is broken on Solaris 7.. I've not verified it on Linux.. That is my next step. But this is what I'm seeing. I installed the latest CVS snapshot (actually from the Developer's tree but no changes have been made since 21th), compiled, and installed.. and now: ssh localhost "ps -ef" does

We have developed a patch that enables changing the SSH window size using the tcp window size as the source. This allows SSH to obtain maximum use of the bandwidth on high BDP links. We also have a page that describes the changes and performance. http://www.psc.edu/~rapier/hpn-ssh/ The patch against CVS is included here. Common subdirectories: src/usr.bin/ssh/CVS and ssh/CVS diff -u

channel_new() doesn't free remote_name since 2003/05/11 20:30:25 (git commit b1ca8bb) --- ChangeLog | 4 ++++ channels.c | 3 +-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4e6b8b2..8f203aa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20140323 + - [channels.c] Remove wrong channel_new() comment + channel_new doesn't free

Attached is a patch to allow a user to turn on TCP keepalives for port forwarded connections. It's mainly useful when the connections to the ssh listener are coming from many different boxes, some of which crash, leaving the service on the other side of the port forwarder waiting on connections indefinitely. It creates a new option named "KeepAliveForward" to control this behavior.