similar to: Risk of StrictMode (but read only)

I'd like to propose a couple of tweaks to ssh-copy-id: o Change the default ID_FILE from identity.pub to id_dsa.pub or perhaps {id_dsa,id_rsa,identity}.pub to cover all the bases, although the patch below deals only with id_dsa.pub - it would need some more tweaking to deal with more than one (possibly non-existent) file. o If the destination authorized_keys file already contains the

I would like to suggest a logging enhancement that would contribute greatly to access auditing. Currently nothing is logged when a user connects to another server as a different user. The auditing trail is broken for tracing access. userA> ssh userB at hostB A simple syslog addition (for example) to ssh.c closes that gap. /* Log into the remote system. This never

Greetings, I have compiled OpenSSH-3.6.1p2 on SCO 3.2v4.2 and the following problem occurs: I am unable to login as root using when strictmode is set to yes. output of debug: Failed none for root from 192.168.1.1 port 1199 ssh2 debug1: userauth-request for user root service ssh-connection method publickey debug1: attempt 1 failures 1 debug2: input_userauth_request: try method publickey debug1:

Please consider adding the following features to sshd: 1. AlwaysDenyLogin - a setting that will result in always denying login regardless of the credentials given by the client. 2. LoginDelayTime - to specify a delay in milliseconds before the server responds to a client's login attempt. These would help to employ brute force bots. Regards

IF ssh is a replacement for rlogin,rsh etc I can accept it respecting rlogin=false as rlogin does and rsh does not, however scp is a replacement for rcp, and rcp does NOT use rlogin attribute, so the implementation is NOT standard as scp fails if rlogin=false, but rcp succeeds, as documented. thanks mark

https://bugzilla.mindrot.org/show_bug.cgi?id=1550 Summary: Move from 3DES to AES-256 for private key encryption Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Keywords: patch Severity: enhancement Priority: P2 Component: ssh-keygen AssignedTo:

First, all credit to Vladimir Parkhaev as this is his code. He may have submitted this before for all I know, but I for one definitely would like to see this end up in the codebase, so I'm submitting it. *** openssh-5.1p1/serverloop.c Fri Jul 4 09:10:49 2008 --- openssh-5.1p1-RCFHACKS/serverloop.c Thu Jan 29 08:56:11 2009 *************** *** 957,962 **** --- 957,968 ---- c =

Hi, After FreeBSD changed from using -O2 to using -O on their ARM port, I found that sshd stopped working. (gcc version 4.2.1 20070719 [FreeBSD]) I have downloaded openssh-SNAP-20080220.tar.gz and the code still look the same. Anyway looking into it, I found that the problem is in monitor_fdpass.c in the functions mm_send_fd and mm_receive_fd. Using -O2 used to align the tmp array on a 4 byte

Hi, I had developed a program which spawns a shell where i am trying to use ssh commands to log into a linux server. There is a pop up dialog window which is prompting me for key-ing the password. Actually i want to get rid of this pop up dialog box, as i don't want this to be visible in my program/code execution. Could you please let me know is there any way to resolve and stop this

How difficult would it be to enhance the client ssh_config file to allow command-based declarations similar to that provided by the "Host" keyword? The main reason I need something like this is when ssh is used via CVS and Subversion. I want all CVS/Subversion traffic to use a different SSH port and different authentication options. So... you might have an ssh_config file that

x11-ssh-askpass version 1.2.4 (code name: Boudin) is now available from the following locations: http://www.poboxc.com/~jmknoble/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH <http://www.openssh.com/> under the X Window System. Significant changes since version 1.2.2 include: - Minor

x11-ssh-askpass version 1.2.4 (code name: Boudin) is now available from the following locations: http://www.poboxc.com/~jmknoble/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH <http://www.openssh.com/> under the X Window System. Significant changes since version 1.2.2 include: - Minor

Greetings, This request is in the grey area between a bug report and an enhancement request. Request ------- Please apply the following diff (or something functionally similar) to file ``match.c'' in OpenSSH-5.1p1: 161a162,164 > } else { > if (negated) > got_positive = 1; /* Negative match, negated = Positive */ In case the lines above wrapped in the email

Dear all, I have enhanced scp to do the following. 1) Check the SHA1 checksums of the file fragments at the source and destination and resume file transfer from where it left off last time 2) If the file checksums match and size also matches, then the file is assumed to be identical and skipped, the user is also informed of the same 3) If the destination file size is larger than the source,

Hello, I'm running a sshd server using the -e flag so that I can capture its whole output and later send it to the user. I'm also setting LogLevel to DEBUG1 in the configuration file and I don't want to disturb syslogd. But the problem is that it doesn't work as expected (or as I expect, which I think should be the correct behavior). The log file ends up being empty because the

Appologise if this did make it to the list but I just subscribed and didn't see it come back... I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything seems to be working (not quite smooth sailing - I had to resort to precompiled RPM for OpenSSL). I did however get it "working." I generated a host key as root and then changed back to joe-user. I created a key for

I would like to put a patch in OpenSSH start lbxproxy on the server if both ends of the connection support LBX. I'm having difficulty figuring out where to put this code, specifically I can't seem to find where the X11 handshaking happens. Could someone help me out on this?? -Carl

http://bugzilla.mindrot.org/show_bug.cgi?id=219 ------- Additional Comments From dtucker at zip.com.au 2003-06-28 14:52 ------- Created an attachment (id=340) --> (http://bugzilla.mindrot.org/attachment.cgi?id=340&action=view) Change authorized_keys description. How about something like the attached? Or should this bug be closed as WONTFIX? ------- You are receiving this mail

I need ssh-add to fail cleanly if it tries and fails to read a key, rather than prompting the user. I can't seem to figure out how to do that. This is on a Linux 2.6.26 system, running OpenSSH 5.1p1 (as built on debian lenny/sid) First, the things i've tried: * i've unset the DISPLAY and SSH_ASKPASS environment variables, so no X11-style prompting should happen. * i've

https://bugzilla.mindrot.org/show_bug.cgi?id=69 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Alias| |generalised-askpass -- Configure bugmail: