similar to: New Subsystem criteria for Match option block in OpenSSH server

Hi all, this is a patch to make Ciphers, MACs and KexAlgorithms available in Match blocks. Now I can reach a -current machine with some Android terminal app without changing the default ciphers for all clients: Match Address 192.168.1.2 Ciphers aes128-cbc MACs hmac-sha1 KexAlgorithms diffie-hellman-group-exchange-sha1 Index: servconf.c

I'm having trouble getting an AGI exec command to spawn app_disa. The script executes properly, but does not spawn DISA. The CLI gives no helpful clues. Am I doing the exec incorrectly? I want to have a way to authenticate callers to the extension by Caller ID... if their caller ID is in my database and set to active, they can call out. [like a calling card but auth'd by CID instead

Here is some code to do authentication by caller ID for DISA through AGI. My original code had a bug in the Mysql query code, and there was a hangup in the wrong place [that's what I get for coding something at 2:00am], but the attached code works correctly. Take note of the REGEXP for the CallerID variable. When I tested the code from the PSTN it worked because there was no name component,

Hi All. For various reasons, we're currently looking at extending (or even overhauling) the config parser used for sshd_config. Right now the syntax I'm looking at is a cumulative "Match" keyword that matches when all of the specified criteria are met. This would be similar the the Host directive used in ssh_config, although it's still limiting (eg you can't easily

This allows the localhost percent-style escapes in arguments to the Include directive. These are useful for including host-specific sshd configuration. --- servconf.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/servconf.c b/servconf.c index 86c2979360c5..daf8f2df15a2 100644 --- a/servconf.c +++ b/servconf.c @@ -1297,7 +1297,8 @@

This allows the localhost percent-style escapes in arguments to the Include directive. These are useful for including host-specific sshd configuration. --- servconf.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/servconf.c b/servconf.c index 5b32f0bfc8db..0bc281784b73 100644 --- a/servconf.c +++ b/servconf.c @@ -1254,9 +1254,10 @@

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

This allows the localhost percent-style escapes in arguments to the Include directive. These are useful for including host-specific ssh configuration. --- readconf.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/readconf.c b/readconf.c index a2282b562df0..ad47d0e9730a 100644 --- a/readconf.c +++ b/readconf.c @@ -1030,7 +1030,8 @@

Hi, About a year and a half ago I brought up the topic of encrypted hostkeys and posted a patch (http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the general reaction seemed receptive to the idea, a few problems were pointed out with the implementation (UI issues, ssh-keysign breakage). I've finally had some spare time in which to get back to this, and I've

On Wed, 20 Feb 2019 at 23:54, Corinna Vinschen <vinschen at redhat.com> wrote: > The previous revert enabled case-insensitive user names again. This > patch implements the case-insensitive user and group name matching. > To allow Unicode chars, implement the matcher using wchar_t chars in > Cygwin-specific code. Keep the generic code changes as small as possible. > Cygwin:

Using these escapes, the include directive can be crafted to include differing, host-specific configuration. Ronan Pigott (2): Permit %L and %l percent escapes in ssh Include Permit %L and %l percent escapes in sshd Include readconf.c | 16 +++++++++++++--- servconf.c | 17 ++++++++++++++--- 2 files changed, 27 insertions(+), 6 deletions(-) base-commit:

Using these escapes, the include directive can be crafted to include differing, host-specific configuration. Ronan Pigott (2): Permit %L and %l percent escapes in Include Permit %L and %l percent escapes in server Include readconf.c | 16 +++++++++++++--- servconf.c | 21 ++++++++++++++++----- 2 files changed, 29 insertions(+), 8 deletions(-) base-commit:

Hi, I am getting failing tests on both OSX and debian squeeze, but the errors are different. On both my machines, it is commit 7c125886b5862bf20711bae22e6697ad46141434 that breaks the tests. I am using an old(ish) version of ruby: 1.9.3p125, but I don''t think that should matter. The error I get when I test 4.7.0 on OSX 10.7.5: : Finished tests in 0.041678s, 263.9282 tests/s,

Windows usernames are case-insensitive and almost any Unicode character is allowed in a username. The user should be able to login with her username given in any case and not be refused. However, this opens up a security problem in terms of the sshd_config Match rules. The match rules for user and group names have to operate case-insensitive as well, otherwise the user can override her settings

I use OpenSSH server on an embedded arm using GCC7 cross toolchain. I found that spamming connection attempts sometimes causes aborts in sshd. Upon getting this up in gdb I found that the pointer subtraction inside openbsd-compat/{strlcat.c,strlcpy.c} (and maybe elsewhere) causes the 32 bit pointer difference to wrap which triggers the abort because of the -ftrapv option. This example illustrates

On Feb 22 16:02, Darren Tucker wrote: > On Fri, Feb 22, 2019 at 03:32:43PM +1100, Darren Tucker wrote: > > On Wed, 20 Feb 2019 at 23:54, Corinna Vinschen <vinschen at redhat.com> wrote: > > > The previous revert enabled case-insensitive user names again. This > > > patch implements the case-insensitive user and group name matching. > > > To allow Unicode

This allows users to start an independent instance of unicorn on a the same port as a running unicorn (as long as both instances use :reuseport). ref: https://lwn.net/Articles/542629/ --- lib/unicorn/configurator.rb | 19 +++++++++++++++++++ lib/unicorn/socket_helper.rb | 30 ++++++++++++++++++++++-------- test/unit/test_socket_helper.rb | 8 ++++++++ 3 files changed, 49 insertions(+), 8

https://bugzilla.mindrot.org/show_bug.cgi?id=3666 Bug ID: 3666 Summary: sshd crash Product: Portable OpenSSH Version: 8.2p1 Hardware: Other OS: Linux Status: NEW Severity: critical Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter:

Hello ! 1) I have this error logged by bdrb: undefined method `send_request'' for nil:NilClass framework/packet_master.rb:58:in `ask_worker'' backgroundrb/server/master_worker.rb:59:in `process_work'' backgroundrb/server/master_worker.rb:16:in `receive_data'' backgroundrb/framework/bin_parser.rb:29:in `call'' backgroundrb/framework/bin_parser.rb:29:in

I've tried several times to get superOdoctor to run on this machine, and have had no luck yet. Aside from this error message, # superodoctor ***************************************************************************** Supero Doctor II - Linux version 2.24(060523) Copyright(c) 1993-2006 by Super Micro Computer, Inc. http://supermicro.com/