similar to: Regression in 6.5p1 when using -W option

Hi All. While working on something I noticed a regression failure on Solaris 8. It turned out to be present in -cvs and wasn't due to my changes. One of the tests that fail is basically: ssh -2 -F $build/regress/ssh_proxy 999.999.999.999 true The server reports: sshd[20529]: Disconnecting: Command terminated on signal 11. The culprit seems to be session.c line 1019 or so: snprintf(buf,

I'm not sure if this is useful to anyone, but I made a small patch to include the local IP address that the user connected to in the environment (the opposite of SSH_CLIENT). The variable is called SSH_LOCAL. -Eric -------------- next part -------------- *** openssh-2.9.9p2/canohost.c.bak Sun Jun 24 22:01:24 2001 --- openssh-2.9.9p2/canohost.c Fri Oct 12 16:52:09 2001 *************** ***

Hi, It looks like remote forwarding with SSH v2 is not working on my Solaris machines (and from what I understand from the source, it may not work elsewhere either). When looking at channel_post_port_listener() in channels.c, I found that nextstate was defined as : nextstate = (c->host_port == 0) ? SSH_CHANNEL_DYNAMIC : SSH_CHANNEL_OPENING; And later comes the call : if

https://bugzilla.mindrot.org/show_bug.cgi?id=2200 Bug ID: 2200 Summary: ssh -W causes "getsockname failed: Bad file descriptor" errors Product: Portable OpenSSH Version: 6.5p1 Hardware: All URL: http://bugs.debian.org/738693 OS: Linux Status: NEW Severity:

https://bugzilla.mindrot.org/show_bug.cgi?id=2649 Bug ID: 2649 Summary: Problem with reverse tunnel between SSH client 5.5p1 and SSH server > 6.4p1 Product: Portable OpenSSH Version: 6.7p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

On Thu, 26 Feb 2015, Darren Tucker wrote: > I noticed this error log spam on the tinderbox when looking at one of the > failures. It happens with Unix domain socket forwarding is requested: > > debug1: channel 1: new [forwarded-streamlocal at openssh.com] > get_socket_address: getnameinfo 1 failed: ai_family not supported > get_sock_port: getnameinfo NI_NUMERICSERV failed:

https://bugzilla.mindrot.org/show_bug.cgi?id=2202 Bug ID: 2202 Summary: [ DRAFT PATCH ] - FIPS 140-2 patch for OpenSSH 6.5p1 Product: Portable OpenSSH Version: 6.5p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: Miscellaneous Assignee:

The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and still exists in 6.6p1). With HostbasedAuthentication/EnableSSHKeysign turned on, I am seeing one of two sets of messages: no matching hostkey found ssh_keysign: no reply key_sign failed and not a valid request ssh_keysign: no reply key_sign failed Then in either case two password prompts: bowman at HOST.math.utah.edu's

https://bugzilla.mindrot.org/show_bug.cgi?id=1569 Summary: Hostbased auth fails when using a proxy command Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

This is just the first part -- it adds support for correctly reporting incoming connections when there's an external d?mon accepting the connections and invoking 'sshd -i' with them, like inetd does. In later patches I'll extend sshd to listen on a Bluetooth socket (and advertise the service in SDP) for itself, and extend the ssh client to make the connection directly. For now,

I just installed 'openssh-6.5p1' on a Solaris 10 system, and when attempting to 'ssh' anywhere as anybody from the 'root' account, I get a segmentation fault. Debug output as 'root': kraken:/opt/local/src/security/openssh-6.5p1# ./ssh -vvv mimir OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug3: cipher ok:

this (uncomplete) patch makes various features compile time options and saves up to 24K in the resulting ssh/sshd binaries. i don't know whether this should be added to the CVS since it makes the code less readable. perhaps WITH_COMPRESSION should be added, since it removes the dependency on libz -m Index: Makefile.inc =================================================================== RCS

Hi, Here is FIPS 140-2 patch for OpenSSH 6.5p1. Since our expertise in OpenSSH code is limited, request moderators to validate this patch and update as required. Regards, Manish Jagtap

Greetings, In openssh 6.5p1, configure --with-ssl-dir=/usr/local/openssl failed for me because it could not find opensslv.h. This is because that section of the configure hardwires the /usr/local/ssl directory instead of using the --with-ssl-dir value. From configure.ac: .. LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${sa\ ved_LDFLAGS}"

https://bugzilla.mindrot.org/show_bug.cgi?id=2209 Bug ID: 2209 Summary: Problem logging into Cisco devices under 6.5p1 (kexgexc.c) Product: Portable OpenSSH Version: 6.5p1 Hardware: amd64 OS: FreeBSD Status: NEW Severity: normal Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=2147 Bug ID: 2147 Summary: OpenSSH remote forwarding of dynamic ports doesn't work when you create more than one Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: normal Priority: P5

http://bugzilla.mindrot.org/show_bug.cgi?id=1054 Summary: Nmap Causing SSH Session to Prematurely End Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: Mac OS X Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy:

Hi all, This is a client side only implementation of reversed dynamic (SOCKS) TCP forwarding, which means it is compatible with any existing servers have 'remote forward' capability. To establish such forward, use "ssh -R [BIND_ADDRESS:]PORT ...". The server will listen on that port and address and accept SOCKS traffics. Hope this will be useful for you. There was an

Hello, I am trying to compile openssh v6.5p1 with openssl-1.0.1f and it doesn't seem to find my custom openssl libraries and defaults to the system version. This has been working on all previous openssh version until v6.5. Is this a bug ? More details below: [root at test openssh-6.5p1]# ./configure --prefix=/usr/local/openssh-6.5p1 --with-tcp-wrappers --with-selinux --with-kerberos5

Changes since OpenSSH 6.4 ========================= This is a feature-focused release. New features: * ssh(1), sshd(8): Add support for key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange method is the default when both the client and server support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a