similar to: [Bug 2654] New: regress/agent-getpeereid.sh uses wrong ssh-add program

hi, Solaris doesn't have getpeereid() or SO_PEERCRED. However, getpeerucred() is perfectly usable for that; and it's in Solaris 10 and OpenSolaris. So, ssh-agent(1) security there so far depends only on permissions of the socket directory and with this patch it checks peer's credentials, too. I patched following files using a snapshot from 20060921: openssh/config.h.in

Hi All. Attached is a patch (against OpenSSH Portable -current) to portablize the regression tests. It will also apply to OpenBSD's (with a couple of rejects). They are based on work by Roumen Petrov and myself, with contributions from Corinna Vinschen and David M Williams. My goal is to have the tests work out of the box on as many of our supported platforms as possible so running the

I have the OpenSSH regression tests hooked up to run in Debian and Ubuntu's "autopkgtest" system, so that they're automatically run on uploads of OpenSSH itself or any of its dependencies. This is especially good for enforcing interoperability between it and other SSH implementations, but it's also pretty good for throwing up occasional extremely-hard-to-debug failures since

https://bugzilla.mindrot.org/show_bug.cgi?id=2660 Bug ID: 2660 Summary: Create mux socket for regress in temp directory Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Regression tests Assignee:

Hi, I've just implemented getpeereid in Cygwin and I found that there's something I don't understand. In ssh-agent.c and in clientloop.c, getpeereid is used to ask for the effective uid of the peer side of the connected socket. So far so good, but why does the test look like this: if ((euid != 0) && (getuid() != euid)) ? Is there any good reason why root should be able

Hello I've compiled OpenSSH 3.9p1 on AIX <source Dir>/contrib/findssl.sh Searching for OpenSSL header files. 0x009060dfL /opt/freeware/include/openssl/opensslv.h Searching for OpenSSL shared library files. Searching for OpenSSL static library files. 0x009060dfL /opt/freeware/lib/libcrypto.a 0x009060dfL /opt/freeware/64/lib/libcrypto.a 0x009060dfL /usr/local/lib/libcrypto.a

Hello I've Compiled openssh 3.9.p1 on AIX 5.2: <source Dir>/contrib/findssl.sh Searching for OpenSSL header files. 0x009060dfL /opt/freeware/include/openssl/opensslv.h Searching for OpenSSL shared library files. Searching for OpenSSL static library files. 0x009060dfL /opt/freeware/lib/libcrypto.a 0x009060dfL /opt/freeware/64/lib/libcrypto.a 0x009060dfL /usr/local/lib/libcrypto.a

http://bugzilla.mindrot.org/show_bug.cgi?id=989 Summary: openssh-3.9p1 on Solaris 8 - multiplex.sh NOK Product: Portable OpenSSH Version: 3.9p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Keywords: patch, help-wanted Severity: normal Priority: P5 Component: Build system

What about simply modifying your script? For example, instead of simply doing "ssh-add -l," you could use "ssh-add -l | grep SHA256." This would eliminate any non-key output to stdout, but admiteedly assumes that the fingerprint algorithm does not change. -- Iain On 1/9/25, 7:09?PM, "openssh-unix-dev" <openssh-unix-dev-bounces+iain.morgan=nasa.gov at

From: Corey Hickey <chickey at tagged.com> When ssh-add is used in a script like: if ! KEY_LISTING=$(ssh-add -l 2>&1) ; then echo "SSH agent error" >&2 exit 2 fi ...the operation fails when there is an agent but there are no keys in the agent. This is because ssh-add exits with status of 1. If the intent is to examine the keys in the agent,

https://bugzilla.mindrot.org/show_bug.cgi?id=2658 Bug ID: 2658 Summary: Make integrity tests more robust against timeouts Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Regression tests Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2665 Bug ID: 2665 Summary: Remove vestige of LOGIN_PROGRAM Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2672 Bug ID: 2672 Summary: Typo with dynamically removing port forward Product: Portable OpenSSH Version: 7.4p1 Hardware: Other URL: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug /1421075 OS: Linux Status: NEW

https://bugzilla.mindrot.org/show_bug.cgi?id=2659 Bug ID: 2659 Summary: Fix race conditions in forwarding tests Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Regression tests Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2647 Bug ID: 2647 Summary: Tracking bug for OpenSSH 7.5 release Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous

Hi Darren Thanks for your fast reply thats the rease wy it doesn't work.... I have ML4 on my Developement Machine and ML3 on the Quality System...;-> Thanks from Switzerland

On Fri, 10 Jan 2025, Corey Hickey wrote: > On 2025-01-10 01:35, Jochen Bern wrote: > > On 10.01.25 00:33, Corey Hickey wrote: > > > I took the approach of preserving current behavior by default, but > > > another approach would be to: > > > * print "The agent has no identities." to stderr instead of stdout > > > * exit with a status of 0

Hi everyone. I have a system where I'd like to give certain users time-limited access to the use of certain SSH private keys without actually exposing the keys. I have the idea of using ssh-agent to do this. The agent would run as a "keyholder" user, and group permissions on the UNIX-domain socket would allow read-write by both that account and the actual ssh user. Right now,

https://bugzilla.mindrot.org/show_bug.cgi?id=2682 Bug ID: 2682 Summary: ssh-agent is unable to remove smartcard after introducing whitelist Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority:

http://bugzilla.mindrot.org/show_bug.cgi?id=421 ------- Additional Comments From mouring at eviladmin.org 2002-10-25 14:03 ------- [.. Important part from URL..] gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I.. -I. -I./.. - I/usr/local/ssl/include -DHAVE_CONFIG_H -c bsd-getpeereid.c bsd-getpeereid.c: In function `getpeereid': bsd-getpeereid.c:35: storage size of `cred'