Displaying 20 results from an estimated 1000 matches similar to: "SCP"
2008 Aug 21
2
IP options
I'm seeing something similar to bug 1179
(https://bugzilla.mindrot.org/show_bug.cgi?id=1179), even with the
reordered IP options check.
For some reason, getsockopt is returning an IP options of length 2,
value 00 00.
Would Mark Weindling's original patch
(https://bugzilla.mindrot.org/attachment.cgi?id=1105) break anything if
I incorporated it?
Platform: HP NonStop S7000 series
2009 Aug 31
1
mput/mget misbehavior
A couple of notes about mget/mput in SFTP (5.1p1).
1. They aren't documented in the SFTP man page
2 They misbehave --
"mput a.txt b.txt" copies a.txt to b.txt on the server
"mput *.txt b.txt" copies the first wildcard match to b.txt on
the server
"mput a.txt b.txt c.txt" copies a.txt to b.txt on the server
"mput a.txt
2016 Aug 09
3
Equivalent ssh_config setting for "ssh -N"
Oops. That's -T. From the man page, it doesn't really look like there's an ssh_config option for -N.
-----Original Message-----
From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+scott_n=xypro.com at mindrot.org] On Behalf Of Scott Neugroschl
Sent: Tuesday, August 09, 2016 1:04 PM
To: Volker Diels-Grabsch; openssh-unix-dev at mindrot.org
Subject: RE: Equivalent ssh_config
2015 Jul 22
2
Keyboard Interactive Attack?
You need to disable ?ChallengeResponse? (aka keyboard-interactive) authentication, not password authentication, to protect against this attack.
On Jul 22, 2015, at 1:56 PM, Bostjan Skufca <bostjan at a2o.si> wrote:
>
> And to answer your question about what to do, you have three options:
> - disable access to ssh with a firewall
> - disable password authentication
> -
2015 Feb 27
2
remote-remote scp
Hi everyone,
I know scp is kind of the red-headed stepchild of the suite, but I'd like to propose an extension to the syntax for remote-remote passthrough using the "-3" option.
Currently the syntax is essentially
scp -3 [ -P port ] [user@]host1:file [user@]host2:file
This is great, as long as both remotes are on the same port. It causes difficulties if host1 and host2 are not
2015 Jul 22
7
Keyboard Interactive Attack?
I read an article today about keyboard interactive auth allowing bruteforcing.
I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2014 Mar 06
2
Without OpenSSL?
Quoth Iain:
>I'm not sure if the work being done to allow OpenSSH to be built without OpenSSL includes SHA-1 support.
Hi Iain. I haven't heard of this effort before. Can you give a few more details?
Thanks,
ScottN
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2013 Sep 24
1
Port Knocking?
I haven't been keeping up with the internals, I'm afraid. Does OpenSSH have support for Port Knocking?
I might be interested in looking into that, as a way of reacquainting myself with the current code base.
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2017 Apr 21
2
Include for sshd_config
On Thu, Apr 20, 2017 at 11:00 AM, Scott Neugroschl <scott_n at xypro.com> wrote:
>
> On Wed, Apr 19, 2017 at 1:02 PM, navern <livingdeadzerg at yandex.ru> wrote:
>
>> Is there any available tool with this for pre-evaluating the resulting sshd_config for fatal errors? I'm not demanding: I'm thinking "that could be really, really useful".
>
>
2010 Apr 15
4
Limit number of connections per user?
I'm working from modified 5.0p1 codebase.
What I'm looking for is a mechanism to limit the number of simultaneous
connections on a per-user/IP basis.
That is, disallow multiple simultaneous logins/authentication of the
same user from different IP addresses.
e.g.:
fred from 10.1.1.1 - accept
fred from 10.1.1.2 -- reject while fred is still connected from 10.1.1.1
fred from 10.1.1.1 - OK
2008 Jun 10
1
ibuf_empty delayed efd
I'm seeing something unusual in 5.0p1. Let me start by saying that I'm
on kind of an oddball
system (HP NonStop).
What I'm seeing is that at the end of an scp session, the server gets
stuck in a loop.
First I see a shutdown failure, followed by looping on an "ibuf_empty
delayed efd 9/(0)" condition.
This may have to do with some minor semantic differences in the way the
2008 Aug 11
1
dynamic allocation in bsd-poll.c?
I'm wondering about the rationale behind the allocation of the fd_set
for the select() call in bsd-poll.c.
Is there a reason we're dynamically allocating the fd_sets using nmemb,
rather than simply putting three fd_set variables on the stack, followed
by FD_ZERO calls?
This seems to make life more difficult, as evidenced by the "goto out"
statement, needed to free the memory.
2009 Mar 04
1
Yet another "none" request
Does anyone have a patch (doesn't have to be official) to enable the
"none" cipher? I need to examine some wire protocol stuff
----
Scott Neugroschl
XYPRO Technologies
scott_n at xypro.com
805-583-2874 x133
2010 Oct 08
1
IPV6_V6ONLY
Is there a particular reason that sshd sets IPV6_V6ONLY on listen
sockets?
----
Scott Neugroschl
XYPRO Technology Corporation
scott_n at xypro.com
805-583-2874
2018 Apr 13
3
OpenSSH 7.7 t1 script breakage
On 13/04/18 07:59, Josh Soref wrote:
> Randall S. Becker <rsbecker at nexbridge.com> wrote:
>
>> -REGRESSTMP = "$(PWD)/regress"
>> +REGRESSTMP = `pwd`
>>
>> ? tests interop-tests t-exec unit: regress-prep regress-binaries
>> $(TARGETS)
>>
> It looks like the problem is that pwd is in uppercase, not so much the
> distinction between
2013 Jun 04
1
PTY allocation?
I'm running a 5.0p1 derivative SSH server (that for various reasons I
can not upgrade), on a host system that does not support PTYs.
Attempts to connect to that sshd via sftp are failing due to an
inability to allocate a pty. I can't really see a reason that an sftp
session requires a pty. Is this addressed in later versions? Should
I patch my system to avoid even trying to
2015 Feb 06
3
Re: Creating users "on - the - fly"
>> However - as I got into that - I realized that I have no way to "find"
>> just the keys for a single user. Since the only argument to that ssh
>> keys command, is the username. It's not HTTP so I couldn't point at a
>> subdomain and use that to look up the information.
>You may be interested in the bug report "extend the parameters to the
2009 Dec 02
0
ENGINE support?
I'm trying to add an ENGINE to OpenSSH, and am looking at scard.c and
scard-opensc.c as an example.
I have a couple of questions --
1. in both of them, in sc_get_engine(), the returned ENGINE is
declared static, but it's overwritten each call. Is sc_get_engine
intended to be called only once? When is ENGINE_free() called?
2. Where is the returned ENGINE used? Where is
2008 Aug 22
0
REPOST: IP options
[reposted because original was sent in HTML by mistake]
I'm seeing something similar to bug 1179
(https://bugzilla.mindrot.org/show_bug.cgi?id=1179), even with the
reordered IP options check.
For some reason, getsockopt is returning an IP options of length 2,
value 00 00.
Would Mark Weindling's original patch
(https://bugzilla.mindrot.org/attachment.cgi?id=1105) break anything
2008 Sep 23
0
Off-topic question
Has anyone else on this list seen an uptick in fake "delivery failure
notification" spam?
I'm getting them at my return address here, and this is one of the two
places where that address is public.
Thanks
----
Scott Neugroschl
XYPRO Technologies
scott_n at xypro.com
805-583-2874 x133