similar to: OpenSSH NoPty patch

On Tue, 3 May 2016, Rogan Dawes wrote: > Hi Damien, > Thanks for the response! > > I tried moving the StreamLocalBindUnlink directive outside of the Match > rule, and it worked. But that doesn't explain why the Match was not > correctly setting the directive: > > This is running on an alternate port with -ddd: > > debug3: checking match for 'User

Hello, I manage OpenSSH on a dozen or so servers that act as gateways for a large amount of developers and system administrators. On these servers it is common for there to be more than 1000 active X11 forwards active at peak usage. Beyond ~1000 active X11 forwards, sshd will fail to bind additional ports due to a hard coded range check in channels.c that limits the port range that sshd will

Hi, i have written a patch for openSSH 5.8p2 which allows the user to set the local source port. The patch is as follows: diff -rupN openssh-5.8p2//readconf.c openssh-5.8p2-srcport//readconf.c --- openssh-5.8p2//readconf.c 2010-11-20 04:19:38.000000000 +0000 +++ openssh-5.8p2-srcport//readconf.c 2011-07-17 20:57:52.385044096 +0100 @@ -125,7 +125,7 @@ typedef enum { oGlobalKnownHostsFile2,

Hi, I think we should try other AF for "x11_use_localhost" case. --- openssh-3.1p1/channels.c Tue Mar 5 10:57:45 2002 +++ openssh-3.1p1-fix/channels.c Thu May 2 21:26:28 2002 @@ -2356,6 +2356,13 @@ continue; } } +#ifdef IPV6_V6ONLY + if (ai->ai_family == AF_INET6) { + int on = 1; + if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0)

Hello all, I recently have a problem with multiple addresses and address families. Problem is simple, i have some hosts with IPv4 access only and some with IPv6 access. This wouldn't be big problem if I had a stable IP addresses. But sometimes I move to another network with complete different addresses. So I created patch which on option BindAddress accept list of addresses. With ip I solved

Damien, I've filed a bug for this on mindrot as requested, https://bugzilla.mindrot.org/show_bug.cgi?id=1348. Patch attached in case that helps reviewing. Comments welcome, Rob -- Rob Holland <rob at inversepath.com> http://www.inversepath.com - Chief R & D Engineer Inverse Path Ltd, 63 Park Road, Peterborough, PE1 2TN, UK Registered in England: 5555973 -------------- next

On Linux (and others that define DONT_TRY_OTHER_AF) x11_create_display_inet() will only use the first entry returned by getaddrinfo(). When binding sockets to "ANY" this is fine on Linux since a PF_INET6 socket bound to ANY will also include IPv4. However when x11_use_localhost (X11UseLocalhost) is set, this is a problem. getaddrinfo() will then return an AF_INET6 entry with IPv6 address

Hi, I have added calls to `check_ntsec()' to the code which checks for the ownership and modes of identity files and directories. As you might know, check_ntsec() tests if owner/modes are supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem (FAT/FAT32=no, NTFS=yes) and the current Cygwin settings (ntea/ntsec). Corinna Index: auth-rhosts.c

Hi ! I hacked together a couple of patches for Openssh 2.1.1p4 port forwarding. It is a one patch file that does the following two things: First: If the server is configured not to allow port forwardings it sends SSH_SMSG_FAILURE (protocol 1) while openssh client expects SSH_SMSG_SUCCESS. When the client gets the failure it exists with protocol error message. This patch will accept both failure

Hey there, I just replaced long lived Gentoo to a Centos 6.3 on 2 servers. Since the move I had troubles with ssh open sessions. I am connecting from a windows machine via putty and then all of a sudden it saying something about connection closing. The OpenSSH version is: openssh-server-5.3p1-81.el6.x86_64.rpm I tired to configure: tcp_keep_alive TCPKeepAlive yes ClientAliveInterval 240

https://bugzilla.mindrot.org/show_bug.cgi?id=2070 Bug ID: 2070 Summary: OpenSSH daemon PermitTTY option Classification: Unclassified Product: Portable OpenSSH Version: 6.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee:

Dear developers, currently (rev 59060), plot.table and Axis.table do not forward their '...' argument to their calls to axis(). Thus, some graphical parameters (such as col.axis, cex.axis, font.axis) in '...' are ignored (for plot.table: partially ignored [for the x-axis]), which seems to be a minor bug. As a minimal reproducible example, see e.g.:

This issue has been discussed here and elsewhere a fair bit in the past year or so, but to re-address the issue... As of OpenSSH 2.9.something the ability to have an Xauthority located in /tmp was removed, with the following description in the ChangeLog : - markus at cvs.openbsd.org 2001/06/12 21:21:29 [session.c] remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since

Hello, I've set up a cron job to use ssh with a remote forced command to delete the contents of a directory. System A has the cron job and uses a specific key for system B. No command as such is specified since the key on system B specifies 'command=/bin/rm -rf ...'. However, I am getting error messages back from the cron system (or rather from ssh) about it not allocating a tty since

https://bugzilla.mindrot.org/show_bug.cgi?id=1497 Summary: sshd -T doesn't report UsePAM setting Classification: Unclassified Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P5 Component: sshd AssignedTo: unassigned-bugs at

http://bugzilla.mindrot.org/show_bug.cgi?id=164 ------- Additional Comments From yoshfuji at linux-ipv6.org 2002-05-18 09:44 ------- Created an attachment (id=97) Try to set IPV6_V6ONLY if available. Open ::1 and 127.0.0.1 if x11_use_localhost is set. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

To deal with small model string differences that are present on the BestPower FerrUPS 2.1Kva ups, I have the patch below. The change in formatting seams to exist in firmware 9.28 and I think even older firmware. The patch is against the 2.7.1 bestfcom driver. Please pardon any errors in my patch submission has I have only submitted a patch once or twice before. This patch should fix a situation

On 11.3.2013 21:21, Erik de Castro Lopo wrote: >> Error 9 error LNK2001: unresolved external symbol >> _safe_malloc_mul_2op_ >> G:\Programming\flac-1.3.0pre2\src\flac\utf8_static.lib(utf8.obj) flac >> Error 10 error LNK1120: 9 unresolved externals >> G:\Programming\flac-1.3.0pre2\objs\release\bin\flac.exe flac >> >> Error 9 is related to the

Hello, I was trying to build a chrooted sftp account when I faced a problem. The chroot is done with the patch present in the contrib subdirectory in the portable version (I'm under linux slackware current). My problem is that verifying access rights on directories and files are too tight and then I couldn't have the following things : The user sftp, with primary group sftp, is chrooted

Hi, In a mail about two weeks ago, I brought up an idea: --- How SSH makes this easier is that you only have to sync the authorized_keys2 database to root account's .ssh/ every time new admin comes in/leaves the house. This can even be automatized rather easily. A more modular hack would be using authorized_keys2 _directory_, and the keys in there would all be counted as authorized. Thus