Displaying 20 results from an estimated 200 matches similar to: "fixed: [patch] fix to ForceCommand to support additional arguments to internal-sftp"
2008 Aug 19
1
[patch] fix to ForceCommand to support additional arguments to internal-sftp
Hi,
This patch makes things like ForceCommand internal-sftp -l INFO work
(current code in 5.1 would just end the session). Please consider for
inclusion into mainline.
Michael.
--- /var/tmp/session.c 2008-08-18 21:07:10.000000000 -0700
+++ session.c 2008-08-18 21:12:51.000000000 -0700
@@ -781,7 +781,7 @@
if (options.adm_forced_command) {
original_command = command;
2009 May 18
6
[Bug 1599] New: "ForceCommand internal-sftp" not working as expected
https://bugzilla.mindrot.org/show_bug.cgi?id=1599
Summary: "ForceCommand internal-sftp" not working as expected
Product: Portable OpenSSH
Version: 5.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2012 May 17
2
New Subsystem criteria for Match option block in OpenSSH server
Hello everybody,
I'm a C/C++ consultant working for Ericsson.
I changed the OpenSSH-Portable code to add a new criteria
into the Match sshd_config option read by the sshd server.
The new criteria is "Subsystem"; so a conditional block based
on subsystem client request can now be added to the sshd_config
configuration server file to override settings in its global
section.
2009 Jun 11
6
[Bug 1606] New: internal-sftp does not drop conections properly, it will hang
https://bugzilla.mindrot.org/show_bug.cgi?id=1606
Summary: internal-sftp does not drop conections properly, it
will hang
Product: Portable OpenSSH
Version: 5.2p1
Platform: Itanium
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2007 May 16
2
Disabling ForceCommand in a Match block
Hello,
I am trying to force a command for all users *except* for users in the
"wheel" group. My idea was to do the following in sshd_config:
ForceCommand /usr/bin/validate-ssh-command
Match Group wheel
ForceCommand
But obviously this doesn't work, because ForceCommand requires an
argument. I couldn't find a way to achieve what I want.
I wrote a patch that adds a
2008 Mar 24
1
ForceCommand and NFS-shared home directories
> > On Mar 22, 2008, at 3:32 PM, Chris Wilson wrote:
> >
> >> As I understand the "ForceCommand" in the sshd_confing file is meant to
> >> ignore any command supplied by the client, but if user's home is shared
> >> by server and client machines over network (ex. NFS) then user can
> >> still put something else into ~/.ssh/rc file and
2001 Oct 23
1
Compilation error on Solaris Workshop 6 (+patch)
Hi!
At compilation of the openssh-2.9.9p2 with Solaris WorkShop 6.01 the
following compilation error was given out.
/opt/SUNWspro/bin/cc -Xa -xF -xCC -xildoff -xarch=v9 -xchip=ultra
-dalign -I/usr/include/v9 -D_REENTRANT -xO2 -I. -I.
-I/usr/local/include -DETCDIR=\"/etc/ssh\"
-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
2008 Mar 20
1
ForceCommand and ~/.ssh/rc
Hi,
As I understand the "ForceCommand" in the sshd_confing file is meant to
ignore any command supplied by the client, but if user's home is shared by
server and client machines over network (ex. NFS) then user can still put
something else into ~/.ssh/rc file and overcome this limitation. Is it
possible to disable execution of the ~/.ssh/rc file in such a case?
Thaks,
Mike
2009 Aug 28
8
[Bug 1637] New: Change the context when starting internal-sftp
https://bugzilla.mindrot.org/show_bug.cgi?id=1637
Summary: Change the context when starting internal-sftp
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sftp-server
AssignedTo: unassigned-bugs at mindrot.org
2010 Apr 08
17
[Bug 1750] New: Sftp hangs if stderr is used.
https://bugzilla.mindrot.org/show_bug.cgi?id=1750
Summary: Sftp hangs if stderr is used.
Product: Portable OpenSSH
Version: 5.4p1
Platform: Other
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: jchadima at
2007 Feb 13
0
[Bug 1284] allow sftp when rlogin=false
http://bugzilla.mindrot.org/show_bug.cgi?id=1284
Summary: allow sftp when rlogin=false
Product: Portable OpenSSH
Version: v4.5p1
Platform: Other
OS/Version: AIX
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at
2001 Aug 13
0
Latest won't compile under Solaris 8
Here the setup:
# cat ecn
rm config.cache
CC="cc -O -xarch=v9" ./configure \
--prefix=/opt/openssh \
--sysconfdir=/var/ssh \
--with-rsh=/usr/local/etc/rsh \
--with-ipv4-default \
--with-ssl-dir=/usr/local/ssl \
--with-pam \
--with-ipaddr-display \
--with-pid-dir=/var/ssh
ALthough I have tried several different configs, all
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful
in an environment where users do not have a regular shell login.
It allows you to selectively disable certain features on a
system-wide level for users with a certain shell; it also allows
you to control and audit TCP forwarding in more detail.
Our system is an email server with a menu for the login shell;
we selectively allow port
2017 Feb 20
3
[Bug 2681] New: postauth processes to log via monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2681
Bug ID: 2681
Summary: postauth processes to log via monitor
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in
2017 Jun 16
2
[PATCH] allow relative path in streamlocal forwarding
When forwarding a Unix-domain socket, the remote socket path must be
absolute (otherwise the forwarding fails later). However, guessing
absolute path on the remote end is sometimes not straightforward,
because the file system location may vary for many reasons, including
the system installation, the choices of NFS mount points, or the
remote user ID.
To allow ssh clients to request remote socket
2002 Jan 26
7
[PATCH] Added NoDelay config option and nodelay subsystem option
Hello again!
Since there was some resistance against adding TCP_NODELAY uncontionally,
I've made another patch. The new patch contains the following:
* Added a NoDelay yes/no (default no) config option to ssh and sshd
* Added -oNoDelay=yes to the ssh command line for sftp.
* Changed the sshd subsystem config option syntax from
Subsystem name path
to
Subsystem name options path
2002 May 09
0
functions : server_input_channel_req userauth_pubkey
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings,
I am not sure if this is the correct place to ask these question,
if I am at the wrong place please advise.
I am currently working on some modifications to openssh
which record the users rsa/dsa identity comment file to
a log file when the user logs in (password authentication
is disabled).
The ssh1 portion of the modification works
2008 Apr 21
3
FIPS 140-2 OpenSSL(2007) patches
Hi,
I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with
FIPS 140-2 OpenSSL.
These are based on previously reported patches by Steve Marquess
<marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>,
for ver. OpenSSH 3.8.
Note that these patches are NOT OFFICIAL, and MAY be used freely by
anyone.
Issues [partially] handled:
SSL FIPS Self test.
RC4,
2007 Dec 20
1
ForceCommand - Subsystem
Hi All
First of all apologize for my bad English ? it is not my native language.
I'm using ssh for my everyday work. And I have noticed strange behaviour
in sshd daemon.
In sshd_config file there is option ForceCommand, and if I'm making sftp
connection it look like command is also executed, I receive error
message and connection is lost. In my opinion ForceCommand should not be