similar to: Dynamic Remote Port forward?

Hi folks, (3rd time I am sending this message, none of the other appear to have made it through!) Using "OpenSSH_6.9p1 Ubuntu-2ubuntu0.1, OpenSSL 1.0.2d 9 Jul 2015" on the server, "OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016" on the client. I am trying to use sshtunnel with StreamLocal forwarding to enable me to connect back to the client's ssh port, without having to

Hi, The code definitely attempts to unlink any old listener beforehand (see misc.c:unix_listener()) so I don't understand why that isn't being called. You might try simulating your configuration using sshd's -T and -C to make sure the flag is correctly being set. Could chroot be interfering? Some platforms implement additional restrictions on devices and sockets inside chroot. -d

On Tue, 3 May 2016, Rogan Dawes wrote: > Hi Damien, > Thanks for the response! > > I tried moving the StreamLocalBindUnlink directive outside of the Match > rule, and it worked. But that doesn't explain why the Match was not > correctly setting the directive: > > This is running on an alternate port with -ddd: > > debug3: checking match for 'User

On Sun, May 8, 2016 at 9:04 PM, Markus Friedl <mfriedl at gmail.com> wrote: > I have an ugly patch for that feature that requires protocol modification. Why does it require a protocol modification? Couldn't the client request regular forwarded-tcpip from the server then decode SOCKS entirely within the client? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9

https://bugzilla.mindrot.org/show_bug.cgi?id=2601 Bug ID: 2601 Summary: StreamLocalBindUnlink not working Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

Hi folks, I have successfully compiled and run OpenSSH 4.1p1 on NCR MPRAS: $ uname -a UNIX_SV support1 4.0 3.0 3446 Pentium Pro(TM)-EISA/PCI $ However, I have found one pretty critical problem, arising from the way that MPRAS handles changes to the IP stack. Background: To update any of the IP or TCP configuration options, system administrators should use the program "tcpconfig".

On 19Oct2018 17:12, Damien Miller <djm at mindrot.org> wrote: >On Fri, 19 Oct 2018, Cameron Simpson wrote: >> The ssh command line's -L option has supported socket forwarding for >> a while, >> but as far as I can tell the ssh_config file does not, even in 7.9. > >It does, look for LocalForward Pardon me, I've been unclear. I don't mean TCP forwards

Hi folks, I was wondering if it were possible to log which key is used to authenticate a user logging in? In our scenario, our client is wanting to use SSH keys to control shared access to Unix accounts, including root. It is obviously possible to add multiple keys into the authorized_keys file, however, it is not possible to see which user/key was actually presented, at a reasonable logging

Hi folks, I was thinking about the possibility of separating the OpenSSH transport and authentication functions from the terminal emulation functions, and making it available as a library for other applications to use for secure authenticated transport. My thinking is along the lines of: A whole bunch of applications have implemented "secure" versions of the transport protocol, using

Hi, I was thinking about the difficulties and complexities of using chroot in scp or sftp-server, in order to limit the user in which files they can access. I've seen a lot of arguments about how it is pointless to try and secure scp or sftp (also from a logging perspective) because if we allow SSH access, the user can simply provide their own scp or sftp binary, that does not do the

The ssh command line's -L option has supported socket forwarding for a while, but as far as I can tell the ssh_config file does not, even in 7.9. Is this planned? Or is there some reason this isn't reasonable? Oris there some syntax I've missed? Cheers, Cameron Simpson <cs at cskk.id.au>

On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote: > if the intermediary machine (the "jumphost") is jumphost.example, and > you are trying to reach bar.example.com (which is behind the firewall), > you would do: > ssh -oProxyCommand='ssh jumphost.example -W %h:%p' bar.example.com We use jump host, but there are literally hundreds of hosts behind

For some odd reason, one line was removed from the handling of ProxyCommand in readconf.c. As a result, ssh crashes on strlen(string) when it parses this option. --- readconf.c:X Mon Aug 6 23:35:52 2001 +++ readconf.c Wed Aug 15 16:11:44 2001 @@ -475,6 +475,7 @@ case oProxyCommand: charptr = &options->proxy_command; + string = xstrdup(""); while ((arg =

Hi, I'm having trouble connecting to my postgreSQL db on Heroku(Amazon) using RPostgreSQL. I've looked through GitHub for people doing the same thing. There are quite a few examples and all look similar to the below: drv <- dbDriver("PostgreSQL") con <- dbConnect( drv, dbname = "dadqn30er7ghpl", host =

https://bugzilla.mindrot.org/show_bug.cgi?id=2308 Bug ID: 2308 Summary: Forwarded Unix domain sockets not removed on logout Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at

http://25thandclement.com/~william/openssh-4.3p2-streamlocal-20060421.patch The above URL is a complete patch to OpenSSH 4.3p2 to implement unix domain socket forwarding (this supercedes a canceled message I sent last night w/ an inline attachment). Basically, for forward and reverse forwardings anywhere you previously put a port number you can now put a path. The socket path should go between

I tried the following command. ssh -Y -t intermediate -- ssh -Y dest But it shows the following error message. Does anybody know how to fix the problem? Thanks. X11 forwarding request failed on channel 0 -- Regards, Peng

On Tue, Oct 20, 2015 at 01:31:46AM +0200, ?ngel Gonz?lez wrote: > On 16/10/15 12:46, hubert depesz lubaczewski wrote: > >On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote: > >>> if the intermediary machine (the "jumphost") is jumphost.example, and > >>> you are trying to reach bar.example.com (which is behind the firewall), >

On Sun, Jul 5, 2015 at 3:26 AM, Damien Miller <djm at mindrot.org> wrote: > On Sat, 4 Jul 2015, Peng Yu wrote: > >> I tried the following command. >> >> ssh -Y -t intermediate -- ssh -Y dest >> >> But it shows the following error message. Does anybody know how to fix >> the problem? Thanks. > > ssh -oProxyCommand="ssh -W %h:%p

Hello. OpenSSH has -D option to create socks proxy (take local traffic and send it from remote machine). But sometimes there is an opposite problem: to allow apps on remote machine send traffic from local machine (for example, to get access to intranet resources). Expected syntax (I use -B as fist unused letter, plus it may be memorized as 'back'): ssh -B 127.0.0.1:1080 user at