similar to: [PATCH] sshd: make "-c" option usable

Displaying 20 results from an estimated 10000 matches similar to: "[PATCH] sshd: make "-c" option usable"

2014 Dec 04
3
Adding Solaris Audit to sshd (and sftp-server)
Hi Damien, I'm working with the Solaris team that is integrating openssh into upcoming Solaris releases. I'm looking for advice from the upstream community. You were suggested for that advice. If there are other mailing lists you'd like me to ask, I'm happy to do so, or if you'd like to forward, please feel free to do so. The --with-audit=bsm (audit-bsm.c) configuration
2008 Jul 29
1
Question regarding alignment patch
Contrast http://cvsweb.mindrot.org/index.cgi/openssh/monitor_fdpass.c?r1=1.23;r2=1.24 with http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/monitor_fdpass.c.diff?r1=1.14&r2=1.15 The original replaces cmsgbuf.tmp with cmsgbuf.buf, while the -portable version *adds* cmsgbuf.buf but retains cmsgbuf.tmp. I assume this was an oversight, and cmsgbuf.tmp should be removed? DES -- Dag-Erling
2017 Feb 04
4
Greeter openssh 7.4 is not according rfc4253.
Hi, I discovered when using my fuse fs for connecting to a remote host using sftp that the new server version 7.4 sends a greeter which is not according the format desribed in https://tools.ietf.org/html/rfc4253#section-4 There is written that the greeter "MUST be terminated by a single Carriage Return (CR) and a single Line Feed (LF) character (ASCII 13 and 10, respectively)." Now
2010 May 24
3
5.2: Solaris 10 x86 x-11 forwarding fails, assign requested address
This is on Solaris 10 x86, do not see this behavior on Solaris 10 sparc. Seen on multiple machines. Sshd debug: debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384 debug1: input_session_request debug1: channel 0: new [server-session] debug2: session_new: allocate (allocated 0 max 10) debug3: session_unused: session id 0 unused debug1: session_new: session 0 debug1:
2003 Dec 14
1
fakepw auth.c question
this is at the bottom of auth.c. What is it? struct passwd * fakepw(void) { static struct passwd fake; memset(&fake, 0, sizeof(fake)); fake.pw_name = "NOUSER"; fake.pw_passwd = "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; fake.pw_gecos = "NOUSER"; fake.pw_uid = -1; fake.pw_gid = -1; fake.pw_class =
2019 Nov 20
2
help wanted: update ssh-askpass programs for new U2F / prompt hints
My website has fallen off the web. This is a good time for someone else to take over the code for x11-ssh-askpass, as I've not done anything with it for years. I have the original code somewhere if needed, but I think Debian has mirrored it for some time. -- jim knoble > On Nov 18, 2019, at 01:49, Jakub Jelen <jjelen at redhat.com> wrote: > >> On Mon, 2019-11-18 at 16:19
2012 Apr 19
2
OpenSSL ASN.1 vulnerability: sshd not affected
Hi, Tavis Ormandy found some bugs in OpenSSL's ASN.1 and buffer code that can be exploited to cause a heap overflow: http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html Fortunately OpenSSH's sshd is not vulnerable - it has avoided the use of ASN.1 parsing since 2002 when Markus wrote a custom RSA verification function (openssh_RSA_verify):
2020 Sep 30
3
Human readable .ssh/known_hosts?
On Tue, 29 Sep 2020 at 23:16, Nico Kadel-Garcia <nkadel at gmail.com> wrote: [...] > I gave up on $HOME/.ssh/known_hosts a *long* time ago, because if > servers are DHCP distributed without static IP addresses they can wind > up overlapping IP addresses with mismatched hostkeys You can set CheckHostIP=no in your config. As long as the names don't change it'll do what you
2003 Feb 01
5
[Bug 481] Extend man page with documentation
http://bugzilla.mindrot.org/show_bug.cgi?id=481 ------- Additional Comments From markus at openbsd.org 2003-02-02 00:11 ------- do you have a patch for the manpage? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2019 Apr 29
2
dfree command in homes section
Hi everyone, we are using custom dfree commands to implement quotas. While these work fine on normal shares, the "dfree command" parameter seems to be ignored in the homes section. Is this correct (and intended)? Best regards Felix IT-Services Telefon 02461 61-9243 E-Mail: f.stolte at fz-juelich.de -------------------------------------------------------------------------------------
2010 Jan 12
1
[patch] Make keys work again
This patch makes keys work again. This bug was introduced in r1.78: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.77;r2=1.78. Joachim Index: authfile.c =================================================================== RCS file: /usr/obsd-repos/src/usr.bin/ssh/authfile.c,v retrieving revision 1.78 diff -u -N -p authfile.c --- authfile.c 11 Jan 2010 04:46:45 -0000
2015 Apr 23
3
double length prefix in ssh-keygen certificates (values of critical options)
Hi, I have a question regarding the binary format of the certificates generated with ssh-keygen, in particular when the critical options of source-address or force-command are present and the correspondence to the certificate format specifications such as http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD . It appears that the string values of the source-address
2011 Aug 05
1
Typo in a manpage
Hello, There's a typo in moduli.5 manpage. I'm not quite sure it needs a patch. Anyway, the fix is: s/primaility/primality/ Regards -- ^L.
2001 May 11
2
artifact bug status? / compiling under OpenBSD 2.8
Hi! On March 17th I posted a message on this list concerning an artifact bug in beta4 that is audible in all available bitrates. It was this rumbling sound in the bass area. I made a demo clip, which still is available at http://www.stud.uni-karlsruhe.de/~us87/ogg/vorbis_bassrumble_demo.rar and that contains both the original .WAV and an .OGG @ 350kbps. This archive is 2.1 MB large. Today, I
2011 Mar 04
2
remote DoS in sftp via crafted glob expressions (CVE-2010-4755)
Hi folks. We were made aware of a MITRE CVE assignment on OpenSSH for a remote DoS in sftp, described as: The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via
2017 Feb 24
2
[SUSPECTED SPAM] Canonical Link to Reference of "ServerAliveInterval"
What is the canonical link to Reference of "ServerAliveInterval"? Background: I want to write an answer at serverfault (Q-A Site). I want to avoid copy+pasting. I would like to lead the new comer to the canonical reference. Regards, Thomas G?ttler -- Thomas Guettler http://www.thomas-guettler.de/
2005 May 26
2
openssh-4.1p1.tar.gz.asc has bad signature?
Hi, #tcsh#machine# gpg --verify openssh-4.1p1.tar.gz.asc openssh-4.1p1.tar.gz gpg: Signature made Wed May 25 08:26:24 2005 EDT using DSA key ID 86FF9C48 gpg: BAD signature from "Damien Miller (Personal Key) <djm at mindrot.org>" I made sure that I had the same key loaded that the signature was made with, but that didn't change the error. Thanks, Matt -- Matthew Goebel :
2010 Jan 22
3
moving X11 portforwarding out into a "plugin" framework
I think everyone will admit that X11 forwarding has been an incredible feature in [open]ssh. X11 is not the only local->remote protocol that might be useful across an SSH session however. But having to hack the code for new protocols as they come around seems silly. Wouldn't it be more useful to be able to describe a protocol that needs forwarding and some configuration that might
2015 Apr 24
1
[Bug 2389] New: update the PROTOCOL.certkeys spec to avoid confusion regarding encoding of critical options fields
https://bugzilla.mindrot.org/show_bug.cgi?id=2389 Bug ID: 2389 Summary: update the PROTOCOL.certkeys spec to avoid confusion regarding encoding of critical options fields Product: Portable OpenSSH Version: 6.8p1 Hardware: All OS: All Status: NEW Severity: enhancement
2004 Feb 24
2
Updated moduli file in OpenSSH 3.8
Hi, Can anybody briefly explain the significance of the updated moduli file? Is this a critical update? Should all existing installations update their moduli file? Thanks in advance, -- Dan