similar to: problem using sshd inside a LXC container

Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory

Note: I am digest subscriber so if you could copy me directly on any reply to the list I would appreciate it very much. I sent this to the OpenSSH list (secureshell at securityfocus.com) yesterday and received no response so I am asking here in hopes that someone else has run across this problem on CentOS. We have encountered a situation that requires sftp access to one of our server by an

https://bugzilla.mindrot.org/show_bug.cgi?id=1960 Bug #: 1960 Summary: Running sshd in wrong SELinux context causes segmentation fault when a user logs in Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: amd64 OS/Version: Linux Status: NEW Severity: minor

Hi, (please CC me as I'm not subscribed to the list) If compiled with SELinux support, OpenSSH 4.8 current cvs fails for accounts where the new ChrootDirectory option is active : debug1: PAM: establishing credentials debug3: PAM: opening session debug2: User child is on pid 1695 debug3: mm_request_receive entering debug1: PAM: establishing credentials debug3: safely_chroot: checking

http://bugzilla.mindrot.org/show_bug.cgi?id=1325 Summary: SELinux support broken when SELinux is in permissive mode Product: Portable OpenSSH Version: 4.6p1 Platform: Other URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430838 OS/Version: Linux Status: NEW Severity: normal

As posted, here is an updated patch which allows openssh to be built with non-selinux config. (Hi openssh guys, forwarding this to you incase you interested including it into the devel version of openssh. Please let us know if you have any suggestions or changes that need to be made) Regards Nigel Kukard On Thu, Sep 02, 2004 at 04:11:54PM -0400, Daniel J Walsh wrote: > New SSH patch. >

Dear ssh gurus, Here's the version I'm testing on : flavien :/$ ssh -V OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 I launch a remote command : flavien$ ssh -o ControlMaster=yes -o ControlPath=/tmp/ssh-control localhost 'echo pid:$$ ...sleeping...; sleep 2803' flavien at localhost's password: pid:11565 ...sleeping... On another shell, I

https://bugzilla.mindrot.org/show_bug.cgi?id=1850 Summary: Build fails when SELinux is enabled Product: Portable OpenSSH Version: 5.7p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

hello i am trying to set up ipsec in my network, for now just between two hosts, using to use AH & ESP in tunnel mode to get all of packet encrypted. keys are negotiated with racoon. mayby using tunnel mode in this case can seems strange, but i know what i am doing. after setting up everything i have done few tests with ping & tcpdump. but the results are very suprising. bellow is what i

Hi all, I have two servers ZEUS (MASTER - 192.168.2.11) and POSEIDON (SLAVE - 192.168.2.12) with HeartBeat+DRBD+SAMBA installed ; HeartBeat is controlling SAMBA. I have a big partition which are mirrored /share. I moved all important directory on it. For example: # mv /var/lib/samba /share/cluster/varlibsamba # mv /var/cache/samba /share/cluster/varcachesamba and I make a link for each one: # ln

Hello everyone, I've look at the latest nightly snapshot but I could find this bug is fixed on the source code. Is there any progression to fix that issue. This bug is open for almost 10 years, come on guys :) >List: openssh-unix-dev >Subject: Re: killing remote commands >From: HAUTREUX Matthieu <matthieu.hautreux () cea ! fr> >Date: 2010-10-21

https://bugzilla.mindrot.org/show_bug.cgi?id=2609 Bug ID: 2609 Summary: OpenSSH_5.3p1 have no prompt when user account expired Product: Portable OpenSSH Version: 5.3p1 Hardware: ix86 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs

On Tue, Apr 9, 2013 at 1:22 PM, Bogdan-Andrei Iancu <bogdan at opensips.org>wrote: > ** > Hi Nick, > > The BYE is not properly formed and rejected by script - in the 200 OK of > the INVITE, you can see that your opensips is doing Record-Routing, but the > BYE does not contain the corresponding Route hdr, so SIP routing is > impossible. > > Regards, > >

I've just upgraded to 1.0a3 via a freebsd port, and I've begun to notice odd behaviour from Dovecot. After converting my config file settings over to the new format, everything runs fine for an hour or so, then dovecot stops responding: oot at toejamfootball# telnet localhost 143 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost.

Hi, the new function ''shorewall show zones'' in 2.2.0-Beta showed a thing which is (in my view) either abug or not documented. If I have a line in /etc/shorewall/hosts which reads work br0:eth0:192.168.2.10,192.168.2.11,192.168.2.12 then "show zones" has the output work br0:eth0:192.168.2.10 br0:192.168.2.11 br0:192.168.2.12 That is, the

Apologies if this is a repeat: I trawled through the archives and couldn't find a reasonable answer, so I'm asking here. I have an Asterisk install connecting from behind a NAT device (DSL modem) to a SIP proxy (in my case, Broadvoice). I have an sjphone softphone on a Windows PC also behind the NAT device that connects to the Asterisk install, and using this setup I've been pretty

. "Saluton", Sorry by my poor english, I speak Portuguese. I does a captive portal using: - shorewall - dhcpd - thttpd (in port 8080) - maradns With Shorewall I use dinamic zones. The initial zone in shorewall is configured to redirects access to internal thttpd port 8080, that shows a login.cgi page. With thttpd I rewrite original url. The apache rewrite is very cool, but thttpd

Hello, I am facing some problems in bridged networking. I have successfully created a bridge br0 and added a virtual machine to it. Now the address of virtual machine is 10.1.3.31. I am able to connect to this virtual machine by another computer on same network. The virtual machine is hosting a simple python http server on port 8000, while some other service is running on port 80 When I try

I've configured OpenSSH_5.3p1 to only allow sftp connections (openssh chroot functionality). i.e. Subsystem sftp internal-sftp Match group sftpusers ChrootDirectory /chroot/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp So far everything works correctly with sftp but when a user ssh's or scp's to the box the login

Hi all, We've run into a curious issue. We run CentOS 6.5 with openssh installed (OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 by default). We connect to this server through sftp (Subsystem sftp internal-sftp) using the java JSch library. When opening many sftp channels on a single ssh session OpenSsh does not seem to release the sftp channels closed from the client side when there are