similar to: right match rule for port and address in sshd_config

https://bugzilla.mindrot.org/show_bug.cgi?id=3763 Bug ID: 3763 Summary: Clarify Match criteria in sshd_config(5) Product: Portable OpenSSH Version: 9.9p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Documentation Assignee: unassigned-bugs at

I found that the documentation for -L and -R was hard to understand. So I made some changes to try to make it clearer. I started with Revision 1.328 from http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.1 Comments welcome. ================ ssh.1.patch ================ --- ssh.1 2012/09/15 16:08:48 1.1 +++ ssh.1 2012/09/15 20:23:35 @@ -51,13 +51,13 @@ .Op Fl F Ar configfile .Op Fl I

Greetings All, I have a ssh server which allows sftp connections from the Internet while ssh connections from within the local net, here is the config: Code: Port 11111 Port 11113 Protocol 2 LogLevel DEBUG

http://bugzilla.mindrot.org/show_bug.cgi?id=413 Summary: Port forwarding: [localhost:]localport:remotehost:remoteport Product: Portable OpenSSH Version: older versions Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo:

Without an assigned source port, Transmit function assign a random new source port to the packet being sent. It thus have to be set before calling Transmit if the source port have already been decided. Conversly, we have to save the assigned port to reuse it later if needed. Resolve bug #35. Signed-off-by: Celelibi <celelibi at gmail.com> --- efi/udp.c | 18 ++++++++++++++++++ 1 file

Hi , I have the following requirement . other than following users, any other user sshd connection should be redirected to 2024 instead of port 22. root, ftp, guest So ssh root at ip // should be sent to sshd running at port 22 ssh otheruser at ip // should be sent to sshd running at port 2024 I know that we can do something like this: ssh -o ProxyCommand='ssh -W localhost:2024 cliuser

On Thu, Nov 28, 2013 at 9:47 PM, Gene Cumm <gene.cumm at gmail.com> wrote: > On Thu, Nov 28, 2013 at 9:34 PM, Celelibi <celelibi at gmail.com> wrote: >> Without an assigned source port, Transmit function assign a random new >> source port to the packet being sent. It thus have to be set before >> calling Transmit if the source port have already been decided.

Hello everybody, I'm a C/C++ consultant working for Ericsson. I changed the OpenSSH-Portable code to add a new criteria into the Match sshd_config option read by the sshd server. The new criteria is "Subsystem"; so a conditional block based on subsystem client request can now be added to the sshd_config configuration server file to override settings in its global section.

http://bugzilla.mindrot.org/show_bug.cgi?id=1364 Summary: default for ChallengeResponseAuthentication doesn't match sshd_config Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

Hello Portable OpenSSH Team! I recently read the man-page of sshd and found: The Match-Statement. Which maybe could solve the problem i have. (Get freeNX running on my UbuntuBox and connect to it with the Windows-Client just using PublicKey Authentication ) But unfortunately the documentation of the Match-Statement refers to the PATTERN section, which is non existent :-( After a little bit of

https://bugzilla.mindrot.org/show_bug.cgi?id=2184 Bug ID: 2184 Summary: sshd_config Match block clarification Product: Portable OpenSSH Version: 6.4p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1587 Summary: [man] sshd_config(5) provide examples of keyword 'Match' Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Other Status: NEW Severity: enhancement Priority: P2 Component: Documentation

Hi, the attached patch implements adding and canceling of remote port forwardings by communicating with a running ssh client via a control socket. Thus, one can do this: ssh -MNfS ~/.ssh/ctl remotehost and then: ssh -S ~/.ssh/ctl -O add-rforward 2000:forward:80 localhost to add a new remote forwarding or ssh -S ~/.ssh/ctl -O cancel-rforward localhost:2000 localhost to remove it. The

We''re using the ListenAddress directive in our sshd_config to tell which interface sshd is supposed to listen on. Normally it''s the address for eth1, but it might be the address for eth0 if there is none for eth1, and it might be both.. So, could someone help me with the erb template for my sshd_config: ListenAddress <%= sshd_listen_address %> The priority should

from: Jeff Sloan <jeff_sloan at selinc.com> Update UEFI PXE proxyDHCP handling. This patch is based on commit ID 8a00e49 Modify two files to specify valid ip addresses. These files are efi/pxe.c and efi/udp.c. In efi/pxe.c: In net_parse_dhcp function. If ProxyOffer has been received, start with DhcpAck packet since it is the most complete. This requires a minimum of changes to the

https://bugzilla.mindrot.org/show_bug.cgi?id=2846 Bug ID: 2846 Summary: PermitOpen rule in sshd_config is not case insensitive Product: Portable OpenSSH Version: 7.6p1 Hardware: Other OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=2090 Bug ID: 2090 Summary: SSH/SSHD hang with a Match User setting in sshd_config . Classification: Unclassified Product: Portable OpenSSH Version: 6.1p1 Hardware: Other OS: AIX Status: NEW Severity: critical Priority: P5

Hi, I want to come to a specific behavior described in https://access.redhat.com/solutions/289073 For example, taking an user who is NOT a member of a group *-foo Match Group !*-foo => this won't match Match Group *,!*-foo => this will match I would expect the first to match too, intuitively. I'm unsure if this behavior is expected, and if not, if it has a corresponding bug

Hi, OpenSSH 6.1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of new features and bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available

OpenSSH 6.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,