Displaying 20 results from an estimated 600 matches similar to: "ssh client and privileged ports"
2002 Jul 04
1
[PATCH]: Remove HAVE_CYGWIN in favor of NO_IPPORT_RESERVED_CONCEPT
Hi,
I've sent that patch once already but it seems more or less forgotten
in the tumultuous days of the latest vulnerability.
It adds a new define NO_IPPORT_RESERVED_CONCEPT which can be defined
on platforms not supporting the concept of "privileged" ports only
accessible by privileged users but which allow everyone to use these
ports.
This patch removes some Cygwin dependencies
2004 Aug 05
1
LocalForward and RemoteForward bind patch
FINALLY, it's here.
You can now tell SSH which address to bind to for every single port
forwarding option! This patch allows you to pass the following as ssh
command line options:
ssh -L 192.168.1.55:1234:localhost:80 -R ::11:22:aa:bb/80/localhost/80
etc.
Or as normal config file options:
LocalForward ::11:22:33/1234 localhost/80
RemoteForward 1.2.3.4:80 localhost:80
It will also
2009 Oct 21
1
Patch to fix dynamic -R forwarding when not root
Hi!
Sorry if this has already been reported or even fixed, I didn't search
very thoroughly. Here's a patch to make dynamic -R remote port
allocation work even when not connecting as root. Without the patch I
got that "Server has disabled port forwarding." message visible in the
patch.
OpenSSH version I'm using is openssh-5.2p1, compiled from official
source package,
2002 Jun 07
4
openssh for UWIN
I am enclosing a context diff of the changes that I made to get
openssh working on UWIN. UWIN is a UNIX operating system layer
that runs on Win32 systems. For more information on UWIN
go to http://www.research.att.com/sw/tools/uwin/.
I also ran configure using -with-cppflags=-D_BSDCOMP=2. I don't
know where that information would go with the source code.
Let me know if you need more
2008 Aug 12
0
IPPORT_RESERVED
FreeBSD doesn't have a fixed range of reserved ports, although it still
has IPPORT_RESERVED for compatibility; instead, the last reserved port
number is indicated by the net.inet.ip.portrange.reservedhigh sysctl,
which defaults to IPPORT_RESERVED - 1.
The attached patch modifies add_local_forward() to use this sysctl
instead of IPPORT_RESERVED on FreeBSD.
DES
--
Dag-Erling Sm?rgrav - des at
2012 May 03
5
[PATCH/RFC 0/6] New mux client request to list open tcp forwardings.
These patches implement a new mux client request to list the currently opened
TCP forwardings. It also removes some todos regarding keeping the list
of forwardings in the options up-to-date.
Bert Wesarg (6):
attach the forwarding type to struct Forward
merge local and remote forward lists
generate unique ids for forwardings to be used for identification
remove closed forwardings from
2001 Feb 10
3
Protocol 2 remote forwarding patch
Hi all,
I'm very new in this list, as looking for codes to plug up the lack of
functionality of "Protocol 2 Remote Forwardig".
Fortunately, I could find it in MARC's archive. Mr. Jarno Huuskonen
posted the codes in Sept, last year, and I tried applying it to my
FreeBSD box environment.
I couldn't apply an original patch, of course, for incompatibility of
virsion. The
2001 Apr 12
1
ssh not using priv port if target prot not priv
The openSSH ssh command appears to not use a source privileged port
(no matter what the options/configs) if the target port
isn't a privileged port.
For example:
ssh -p 22222 foo.ucla.edu
would never try to connect from a privileged port. Even with
useprivilegedport=yes. This disallows .shosts RSA host authentication
without a password.
This breaks compatability with ssh-1.2.27 and
2001 Dec 05
1
permitopen for -R connections?
It looks like there is good support for limiting connections on the
server side when the client uses the -L flag. What about support for
server side connections (listens) when the client uses the -R flag?
I am looking for an equivalent to permitopen that says what ports are
valid for the remote host when using the -R flag. As it sits now, an
unscrupulous ssh user can bind to any port above 1024
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful
in an environment where users do not have a regular shell login.
It allows you to selectively disable certain features on a
system-wide level for users with a certain shell; it also allows
you to control and audit TCP forwarding in more detail.
Our system is an email server with a menu for the login shell;
we selectively allow port
2000 Aug 23
1
Protocol 2 remote forwarding patch
Hi !
Here's a patch to add remote port forwarding support (protocol 2) for
openssh. I have tried to test that it works like it should but a more
thorough testing is needed. This patch adds both client/server support.
The patch should be applied to openssh-2.1.1p4 source tree.
Also included is a PortForwarding sshd_config option, new ./configure
option --disable-forwarding that should make it
2003 Aug 12
1
[PATCH] Minor nit: -D is now "socks" not "socks4"
Hi all.
I was getting something working over socks5 and was trying to figure out
why it kept using socks4. It wasn't, it was just a misleading debug
message....
Patch applies to either OpenBSD or Portable.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
2011 Sep 08
1
Dynamic port remote listener - a BUG?
Hello,
Today I tried using "dynamically assigned" port for remote listener, by
requesting listener on port 0. This is supposed to create a listener on a
port choosen by server. Everything seemed OK (the choosen port was sent back
to client), but forwarding was refused. So I checked the source.
in channels.c, function: channel_setup_fwd_listener
/*
*
2016 Jul 22
2
Call for testing: OpenSSH 7.3
On Fri, Jul 22, 2016 at 12:05:53PM +0200, Corinna Vinschen wrote:
[...]
> This version doesn't build on Cygwin anymore. The reason is that
> various configure tests fail.
>
> The culprit is the new definition of IPPORT_RESERVED to 0 in configure.ac.
Sigh.
How about putting it in defines.h instead? includes.h includes
netinet/in.h from whence the definition of IPPORT_RESERVED
2014 Feb 21
0
Failed cleanup on peer probe tmp file causes volume re-initialization problems
Hi everybody,
This is more of a part of a larger wishlist:
I found out that when a peer probe is performed by the user,
mgmt/glusterd write a file named after the hostname of the peer in
question. On successful probes, this file is replaced with a file named
after the UUID of the glusterd instance on the peer, while a failed
probe causes the temp file to simply get deleted.
Here's an
2010 Mar 06
0
Failure joining to Samba 3.4.5 Domain
Hello,
I am attempting to join a Windows 7 computer to a Samba 3.4.5 I setup. When
I attempt to join the domain the Windows 7 computer says: "A device attached
to this system is not functioning." There are no obvious errors in the
system logs on the Windows 7 machine or the samba PDC.
I can browse/map a drive to the PDC and access the files.
Does anyone know what is going on?
*
2000 Aug 15
0
Experimental -R support patch for openssh client
Hi !
Here's an experimental patch for openssh-2.1.1p4 to add support
(to openssh client) for -R (protocol 2).
So if you have access to a commercial ssh2 server (that allows port
forwardings) could you test this patch.
(Note the openssh server doesn't have support for -R with protocol 2 so
testing with openssh server won't do much good).
To test remember to use -o "Protocol
2010 Jan 14
1
ssh(1) multiplexing rewrite
Hi,
At the n2k10 OpenBSD network hackathon, I finally got some time to clean
up and rewrite the ssh(1) client multiplexing code. The attached diffs
(one for portable OpenSSH, one for OpenBSD) are the result, and they
need some testing.
The revised multiplexing code uses a better protocol between the master
and slave processes and I even bothered to write it up :) It tracks the
control sockets
2000 Jan 19
3
AIX openssh patches
I have a few patches for AIX. The patchfile is attached below. The patch
has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25,
with openssl-0.94, using RSAref.
1) authenticate support - this function allows the system to determine
authentification. Whatever the system allows for login, authenticate
will too. It doesn't matter whether it is AFS, DFS, SecureID, local.
2013 Dec 19
3
[Bug 2189] New: Client fails to consider hostname when matching rfwd channel opens
https://bugzilla.mindrot.org/show_bug.cgi?id=2189
Bug ID: 2189
Summary: Client fails to consider hostname when matching rfwd
channel opens
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: All
Status: NEW
Severity: minor
Priority: P5
Component: ssh