similar to: [Bug 2252] New: RekeyLimit breaks ClientAlive

While I was updating our ssh-servers, I rewrote my old patch that adds idletimeout (just like in old ssh1) parameter to openssh. Since reapplying the patch for all new versions of openssh is not fun at all, I would like to have it included in the official openssh, if you consider the patch worthy. Unlike ClientAlive, idletimeout works for both protocol versions. It also works together with

https://bugzilla.mindrot.org/show_bug.cgi?id=2264 Bug ID: 2264 Summary: RekeyLimit option does not allow '4G' value when UINT_MAX is 0xffffffff Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5

Here is my third attempt at the idletimeout patch. I tried to address the points which Marcus Friedl brought up. It is actually bigger than the previous patches, but not as intrusive. It is big because it moves some stuff from serverloop.c to packet.c. - I moved all the logic to packet.c. This means that I also had to move the actual select() call, which used to be in serverloop.c to packet.c.

https://bugzilla.mindrot.org/show_bug.cgi?id=2572 Bug ID: 2572 Summary: dead sessions aren't closed despite ClientAlive enabled Product: Portable OpenSSH Version: 3.7.1p2 Hardware: All OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2279 Bug ID: 2279 Summary: ListenAddress option does not allow IPv6 link-local addresses Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Other Status: NEW Severity: normal Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2170 Bug ID: 2170 Summary: Potential integer overflow Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

Yes, this is a patch against an older version of OpenSSH with other stuff anyways, BUT, it's so TRIVIAL(*), that you can see how it would apply to newer versions (which I've not tried). Here's the gist: server_loop2() has a race condition with respect to reception of SIGCHLD and checking/setting child_terminated. This patch does two things: wait_until_can_do_something() adds a 1

https://bugzilla.mindrot.org/show_bug.cgi?id=2443 Bug ID: 2443 Summary: Bugs intended to be fixed for OpenSSH 7.1 Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous

Greetings, I have a problem with OpenSSH -current and SCO 3.2v4.2, when I execute a remote command or exit from a session, the connection hangs, ( line 326 of serverloop.c). This problem only exists when using ssh2. server side debug (-d -d -d ): debug1: Received SIGCHLD. debug2: channel 0: read failed debug2: channel 0: close_read debug2: channel 0: input open -> drain debug2: channel 0:

https://bugzilla.mindrot.org/show_bug.cgi?id=2451 Bug ID: 2451 Summary: Bugs intended to be fixed in 7.2 Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: trivial Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,

Hi :-) i have try a hang on exit patch that i found in the web for an old openssh version, but it dosent help :-( in a german gdb howto i found a tip that the backtrace output can help to analyse the problem.... is it a solaris problem ? Greetings Frank sshd: #0 0xff19d618 in _poll () from /usr/lib/libc.so.1 #1 0xff14d53c in select () from /usr/lib/libc.so.1 #2 0x000339a0 in

https://bugzilla.mindrot.org/show_bug.cgi?id=2199 Bug ID: 2199 Summary: "Too many authentication failures for root" does not log IP Product: Portable OpenSSH Version: 6.4p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:

http://bugzilla.mindrot.org/show_bug.cgi?id=1056 ------- Comment #2 from djm at mindrot.org 2005-10-30 10:59 ------- hm, I haven't been able to reproduce the hang you have experienced when setting rekeylimit low. Even setting RekeyLimit=16 produces a working session for me. This isn't to say that we shouldn't set a minimum. ------- You are receiving this mail because:

http://bugzilla.mindrot.org/show_bug.cgi?id=1056 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #9 from Damien Miller <djm at

https://bugzilla.mindrot.org/show_bug.cgi?id=2521 Bug ID: 2521 Summary: subtract buffer size from computed rekey limit to avoid exceeding it Product: Portable OpenSSH Version: 6.8p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd

Hi openssh-unix-dev subscribers :) I have found that ServerAliveInterval & ServerAliveCountMax have some bug. Basically the ssh-alive check function (that verify the peer is alive) is called only if no data at all gets into ssh (when it should work only for server channel).I am pretty sure developers know about this ..anyway I have tried to fix this issue. Here is the patch: diff -rNu

https://bugzilla.mindrot.org/show_bug.cgi?id=1390 Summary: RekeyLimit max value is too restrictive Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org

Hello list, I'm not sure whether this is bug worthy or just my own insanity. I'm using 6.4p1 packages from Debian jessie and wheezy-backports. I like VisualHostKey, although it may not add any protection (other than not trusting ones own known_hosts file?), I've become accustomed to it as it seems that extra neurons fire when I log into a host and get a visual cue of what looks like

https://bugzilla.mindrot.org/show_bug.cgi?id=2543 Bug ID: 2543 Summary: Tracking bug for OpenSSH 7.3 release Product: Portable OpenSSH Version: -current Hardware: Other OS: All Status: NEW Keywords: meta Severity: normal Priority: P1 Component: Miscellaneous