similar to: ssh-keygen -R is case-sensitive, but should not be

On Wed, 20 Feb 2019 at 23:54, Corinna Vinschen <vinschen at redhat.com> wrote: > The previous revert enabled case-insensitive user names again. This > patch implements the case-insensitive user and group name matching. > To allow Unicode chars, implement the matcher using wchar_t chars in > Cygwin-specific code. Keep the generic code changes as small as possible. > Cygwin:

Windows usernames are case-insensitive and almost any Unicode character is allowed in a username. The user should be able to login with her username given in any case and not be refused. However, this opens up a security problem in terms of the sshd_config Match rules. The match rules for user and group names have to operate case-insensitive as well, otherwise the user can override her settings

https://bugzilla.mindrot.org/show_bug.cgi?id=2591 Bug ID: 2591 Summary: ssh-keygen -R is case-sensitive, but should not be Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs

Hi There, I'm using Mandrakelinux 10.0 Community, kernel version 2.6 I want to send a message to Windows clients from my Samba 3.0.2a box. Clients are w2k and winxp. If i say in CL $> smbclient -M recipient_machine then recieve error message "session request failed". Here the part of debug log: ------------------------------------ [gri@griff gri]$ smbclient -M serv -d5 ... ...

http://bugzilla.mindrot.org/show_bug.cgi?id=377 Summary: Reduce compiler warnings. Use unsigned args to the ctype.h is*() macros. Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: trivial Priority: P2 Component: Miscellaneous

Greetings, This request is in the grey area between a bug report and an enhancement request. Request ------- Please apply the following diff (or something functionally similar) to file ``match.c'' in OpenSSH-5.1p1: 161a162,164 > } else { > if (negated) > got_positive = 1; /* Negative match, negated = Positive */ In case the lines above wrapped in the email

Background: Thanks to the LARTC howto, this list and Stef Coene''s and devik''s excellent web sites I now have an ethernet bridge (patch bridge-nf.0.0.7) happily prioritising traffic (12Mbit) into 10 queues (9 for IP and 1 for non-IP) using a combination of iptables (fwmark) and htb3 and sfq. Many thanks. At the moment I''m filtering all non-IP traffic by setting the

On Feb 22 16:02, Darren Tucker wrote: > On Fri, Feb 22, 2019 at 03:32:43PM +1100, Darren Tucker wrote: > > On Wed, 20 Feb 2019 at 23:54, Corinna Vinschen <vinschen at redhat.com> wrote: > > > The previous revert enabled case-insensitive user names again. This > > > patch implements the case-insensitive user and group name matching. > > > To allow Unicode

Hello, I added the support for netgroups to be used in the AllowUsers and DenyUsers parameters. This has some advantages: * hostnames or ip addresses need not to be written or maintained in the sshd_config file, but can be kept abstract names what also simplifies a bit largescale openssh installations * sshd_config needs not change and sshd be restarted when changing the list of allowed /

The primary purpose of the attached patches is for portable OpenSSH to support changing expired passwords as specified in shadow password files. To support that, I did a couple enhancements to the base OpenBSD OpenSSH code. They are: 1. Consolidated the handling of "forced_command" into a do_exec() function in session.c. These were being handled inconsistently and allocated

Hi there, I'm interested in implementing Replay Gain in C++ and believe that this feature is available in the Flac library. http://en.wikipedia.org/wiki/Replay_Gain Would someone be kind enough as to direct me to the source files where this implementation exists. Thanks for your help, Barry -------------- next part -------------- An HTML attachment was scrubbed... URL:

https://bugzilla.mindrot.org/show_bug.cgi?id=2686 Bug ID: 2686 Summary: SSHD segfaults when trying to load RSA1 host keys Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=1546 Summary: sshd_config DenyUsers does not recognize negated host properly Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P4 Component: sshd AssignedTo: unassigned-bugs

From: Maxime Rey <maximejeanrey at gmail.com> Hello, I've discovered an issue with sshd when it's configured to use the SSH agent alongside multiple host keys. Specifically, this problem happens during the hostkeys-prove-00 at openssh.com request, when the server attempts to demonstrate ownership of the host keys by calling the agent. The issue occurs because, while processing the

Hi, OpenSSH 5.6 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a moderately large release, with a number of new features and bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH

This is a port of a patch I contributed to ssh 1.2.23 in May 1998. I have missed the functionality after moving to OpenSSH so I have updated the patch and hope OpenSSH might accept it. The patch allows sshd_config to have lines like: AllowUsers root at localhost AllowUsers tridge@* AllowUsers guest at 192.168.2.* DenyUsers badguy@* etc. I found this useful for restricting users to only login

https://bugzilla.mindrot.org/show_bug.cgi?id=2685 Bug ID: 2685 Summary: Case sensitive hostname matching Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: All Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and other principal names in authorized_keys entries. It's a sort of replacement for .klogin and .k5login, but it's much more general than .k*login as it applies to any authentication mechanism where a name is associated with the ssh client and it supports name patterns and all the normal authorized_keys entry options

Attached (and inline) is a patch to add the following config options: ControlBindMask ControlAllowUsers ControlAllowGroups ControlDenyUsers ControlDenyGroups It pulls the peer credential check from client_process_control() in ssh.c, and expounds upon it in a new function, client_control_grant(). Supplemental groups are not checked in this patch. I didn't feel comfortable taking a shot

> grep("f[0-9]+=", "f1=5,f22=3,", value = T) [1] "f1=5,f22=3," How do I make the line output c("f1", "f22") instead? (Actually, c(1,22) would be even better). Thank you. -- View this message in context: http://r.789695.n4.nabble.com/Quick-GREP-challenge-tp2339486p2339486.html Sent from the R help mailing list archive at Nabble.com.