similar to: [Bug 1211] option BindAddress is ignored by option UsePrivilegedPort

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #4 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:10 EST --- Retarget unresolved

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2130 --- Comment #12 from Damien Miller <djm at mindrot.org> --- Retarget to openssh-6.4 -- You are

https://bugzilla.mindrot.org/show_bug.cgi?id=1211 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #16 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release

Changes since OpenSSH 6.4 ========================= This is a feature-focused release. New features: * ssh(1), sshd(8): Add support for key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange method is the default when both the client and server support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a

Hi. Does anyone use UsePrivilegedPort or have ssh(1) setuid, and if so for what use case? ssh(1) has had code in it to support installing setuid root since approximately forever, however OpenBSD has not shipped it in that configuration since 2002 (and I suspect these days no vendor does). As far as I can tell, all of the reasons for this no longer apply: - setuid root was needed to bind to a

On 6 July 2018 at 17:24, Gert Doering <gert at greenie.muc.de>wrote: [...] > I think we have one customer connection where their firewall admin > thinks "it is more secure that way" - read, we can't ssh in if we come > from high ports. > > OTOH, thanks for the pointer with ProxyCommand - it's a very specific > niche problem with a viable workaround, so I

Hello all, I recently have a problem with multiple addresses and address families. Problem is simple, i have some hosts with IPv4 access only and some with IPv6 access. This wouldn't be big problem if I had a stable IP addresses. But sometimes I move to another network with complete different addresses. So I created patch which on option BindAddress accept list of addresses. With ip I solved

https://bugzilla.mindrot.org/show_bug.cgi?id=1995 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org Attachment #2171|

Hi there, Thanks for tinc, firstly. It's awesome. Now, I've found that if I specify: BindAddress = 127.0.0.1 655 Then my tincd cannot make outbound connections (on attempting to connect to another tinc daemon is receives 'Invalid argument'). Removing BindAddress fixes the issue. Unless I've misunderstood the purpose of this option, is this a bug? I'm running v1.0.35 on

https://bugzilla.mindrot.org/show_bug.cgi?id=1685 Summary: ssh attempts v4 connection w/v6 BindAddress setting in ssh config Product: Portable OpenSSH Version: 5.3p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=430 --- Comment #6 from Damien Miller <djm at mindrot.org> 2010-01-04 14:00:26 EST --- Created an attachment (id=1763) --> (https://bugzilla.mindrot.org/attachment.cgi?id=1763) /home/djm/sftp-ro.diff Adds a -R commandline option to disable writes and other filesystem- modifying options. -- Configure bugmail:

https://bugzilla.mindrot.org/show_bug.cgi?id=1903 Summary: bindresvport_sa() does not validate non-zero struct sockaddr * port is within intended range Product: Portable OpenSSH Version: 5.8p2 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component:

Hi In a nutshell, the BindAddress functionality doesn't seem to work (at least on Solaris 7 when using the fake-gettaddrinfo module provided). I haven't been able to test on other OS versions or using an OS library provided getaddrinfo (such as OpenBSD), but the unless the functionality of getaddrinfo is majorly different, I think this problem would be similar everywhere. The code in

The only thing „localhost“ can talk to is „localhost“ - by definition & independently of tinc. What are you trying to accomplish with that choice? Clemens Von meinem iPad gesendet > Am 17.11.2018 um 21:58 schrieb Jonny Tyers <jtyers at gmail.com>: > > Hi there, > > Thanks for tinc, firstly. It's awesome. Now, I've found that if I specify: > >

https://bugzilla.mindrot.org/show_bug.cgi?id=1981 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2136| |ok+ Flags| | --- Comment #4 from Damien Miller <djm at mindrot.org>

http://bugzilla.mindrot.org/show_bug.cgi?id=441 Summary: should ssh BindAddress apply to LocalForward ports Product: Portable OpenSSH Version: 3.5p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

I want tinc to listen locally on loopback, so that port 655 is not exposed on any system interfaces. Can't tinc make outbound connections when listening on loopback? I can't see any reason why it should. This system will never have other tinc daemons connect to it, it will only ever connect to other tinc daemons in order to establish a VPN connection. -- Jonny Tyers On Sat, 17 Nov 2018

http://bugzilla.mindrot.org/show_bug.cgi?id=441 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Additional Comments From markus at openbsd.org 2002-11-22

I just found an old bug report at bugs.digium.com with exactly the same problem. It's really too bad this bug wasn't addressed: http://bugs.digium.com/view.php?id=7315 --- On Fri, 1/9/09, Vieri <rentorbuy at yahoo.com> wrote: > I'm trying to figure out how to reload iax2 (without > breaking existing calls) so it can listen on a new IP > address (like "ip addr

On Sat, Nov 17, 2018 at 11:20:47PM +0000, Jonny Tyers wrote: > I want tinc to listen locally on loopback, so that port 655 is not > exposed on any system interfaces. Can't tinc make outbound connections > when listening on loopback? I can't see any reason why it should. This > system will never have other tinc daemons connect to it, it will only > ever connect to other tinc