similar to: [Bug 3079] New: Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=2894 Bug ID: 2894 Summary: Set UpdateHostKeys for interactive sessions to 'ask' (or consider defaulting to 'yes') Product: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Other Status: NEW Severity: enhancement

https://bugzilla.mindrot.org/show_bug.cgi?id=3162 Bug ID: 3162 Summary: Tracking bug for 8.4 release Product: Portable OpenSSH Version: -current Hardware: Other OS: All Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2738 Bug ID: 2738 Summary: UpdateHostKeys does not check keys in secondary known_hosts files Product: Portable OpenSSH Version: 7.4p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=3217 Bug ID: 3217 Summary: Tracking bug for 8.5 release Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=3085 Bug ID: 3085 Summary: seccomp issue after upgrading openssl Product: Portable OpenSSH Version: 8.1p1 Hardware: Other OS: Linux Status: NEW Severity: critical Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=3117 Bug ID: 3117 Summary: Tracking bug for 8.2 release Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2564 Bug ID: 2564 Summary: ssh_config AddKeysToAgent doesn't set key name/path Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

Hi, There is any way to figure out where physically is the journal on a ext3 fs and it's size? Thanks! Jordi

Hello everyone, I have Asterisk SVN-trunk-r7498 installed on a server (celeron 2.4 Ghz, 256MB) with a TDM40b a TDM04b and an avm fritz!card pci. I experience a problem with voicemail: my messages are good unless the incoming call comes from isdn, which means via the avm fritz!card. In this case (and in this case only) the message is disjointed and I can hear at most 1 second out of a 1 minute

https://bugzilla.mindrot.org/show_bug.cgi?id=3430 Bug ID: 3430 Summary: 64 bit time and seccomp conflict Product: Portable OpenSSH Version: 8.9p1 Hardware: ARM OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2011 --- Comment #8 from Petr Lautrbach <plautrba at redhat.com> --- Created attachment 2214 --> https://bugzilla.mindrot.org/attachment.cgi?id=2214&action=edit don't probe seccomp capability of running kernel in configure I'd like to add also possibility to build seccomp_filter sandbox on system with older kernel, E.g. Fedora

This patchset allow syscalls (flock, ipc, getuid, geteuid and ioctl), so openssl engines, e.g. OpenSSL-ibmca and OpenSSL-ibmpkcs11, can work and communicate with the crypto cards during ssh login. 1. The flock and ipc are allowed only for s390 architecture. They are needed for openCryptoki project (PKCS#11 implementation), as the ibmpkcs11 engine makes use of openCryptoki. For more information,

I've committed this diff. Please test and confirm that it works ok. (If not, then I've botched the macro fixes in the previous commit) Thanks, Damien Miller On Tue, 14 Mar 2017, Damien Miller wrote: > ok, with the fixes for the seccomp-bpf sandbox that I just committed > the diff reduces to. > > IMO this is scoped narrowly enough to go in. > > -d > > diff

https://bugzilla.mindrot.org/show_bug.cgi?id=3074 Bug ID: 3074 Summary: memory leak reported in static code analysis Product: Portable OpenSSH Version: 8.0p1 Hardware: Other OS: Windows 10 Status: NEW Severity: minor Priority: P5 Component: sftp Assignee: unassigned-bugs at

This patch enables specific ioctl calls for ICA crypto card on s390 platform. Without this patch, users using the IBMCA engine are not able to perform ssh login as the filter blocks the communication with the crypto card. Signed-off-by: Harald Freudenberger <freude at linux.vnet.ibm.com> Signed-off-by: Eduardo Barretto <ebarretto at linux.vnet.ibm.com> --- sandbox-seccomp-filter.c |

On 03-03-2017 09:54, Petr Cerny wrote: > Damien Miller wrote: >> On Tue, 28 Feb 2017, Eduardo Barretto wrote: >> >>> On 13-02-2017 13:23, Eduardo Barretto wrote: >>> > This patch enables specific ioctl calls for ICA crypto card on s390 >>> > platform. Without this patch, users using the IBMCA engine are not >>> able >>> > to

On Tue, 28 Feb 2017, Eduardo Barretto wrote: > On 13-02-2017 13:23, Eduardo Barretto wrote: > > This patch enables specific ioctl calls for ICA crypto card on s390 > > platform. Without this patch, users using the IBMCA engine are not able > > to perform ssh login as the filter blocks the communication with the > > crypto card. > > > > Signed-off-by: Harald

https://bugzilla.mindrot.org/show_bug.cgi?id=2069 Bug ID: 2069 Summary: arm support for sandbox_seccomp_filter Classification: Unclassified Product: Portable OpenSSH Version: 6.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd

*SSL libraries or the C library may/will require it. --- sandbox-seccomp-filter.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index b6f6258..846bc08 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -129,6 +129,9 @@ static const struct sock_filter preauth_insns[] = { #else SC_ALLOW(sigprocmask), #endif

https://bugzilla.mindrot.org/show_bug.cgi?id=3702 Bug ID: 3702 Summary: sshd fork crashed when compiled with seccomp Product: Portable OpenSSH Version: 9.7p1 Hardware: ARM64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at