similar to: Fwd: Heads up: OpenSSH users

On 01/15/2016 06:39 AM, Johnny Hughes wrote: > On 01/14/2016 10:20 AM, Michael H wrote: >> Probably worth a read... >> >> http://www.openssh.com/txt/release-7.1p2 >> >>> Important SSH patch coming soon. For now, everyone on all operating >>> systems, please do the following: >>> >>> Add undocumented "UseRoaming no" to

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote: > Michael H wrote: >> Probably worth a read... >> >> http://www.openssh.com/txt/release-7.1p2 >> >>> Important SSH patch coming soon. For now, everyone on all >>> operating systems, please do the following: >>> >>> Add undocumented

On Thu, January 14, 2016 11:46 am, m.roth at 5-cent.us wrote: > Timo Sch??ler wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote: >>> Michael H wrote: >>>> Probably worth a read... >>>> >>>> http://www.openssh.com/txt/release-7.1p2 >>>>

In article <5697CAB8.6090703 at wemoto.com>, Michael H <michael at wemoto.com> wrote: > Probably worth a read... > > http://www.openssh.com/txt/release-7.1p2 > > > Important SSH patch coming soon. For now, everyone on all operating > > systems, please do the following: > > > > Add undocumented "UseRoaming no" to ssh_config or use

On 01/14/2016 10:20 AM, Michael H wrote: > Probably worth a read... > > http://www.openssh.com/txt/release-7.1p2 > >> Important SSH patch coming soon. For now, everyone on all operating >> systems, please do the following: >> >> Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" >> to prevent upcoming #openssh

Timo Sch?ler wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote: >> Michael H wrote: >>> Probably worth a read... >>> >>> http://www.openssh.com/txt/release-7.1p2 >>> >>>> Important SSH patch coming soon. For now, everyone on all >>>> operating systems,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 01/14/2016 06:05 PM, Timo Sch?ler wrote: > On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote: >> Michael H wrote: >>> Probably worth a read... >>> >>> http://www.openssh.com/txt/release-7.1p2 >>> >>>> Important SSH patch coming soon. For now, everyone on all >>>> operating

Michael H wrote: > Probably worth a read... > > http://www.openssh.com/txt/release-7.1p2 > >> Important SSH patch coming soon. For now, everyone on all operating >> systems, please do the following: >> >> Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" >> to prevent upcoming #openssh client bug CVE-2016-0777.

I see that this is a CentOS 7 patch only, at least so far. I also see that the CentOS 6 ssh version is 5.3 > /usr/bin/ssh -V OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 which is supposedly not affected. However, strings indicates that /usr/bin/ssh is also aware for the useroaming configuration option: > strings /usr/bin/ssh | grep -i useroam useroaming Is it actually known that the

OpenSSH 7.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH

Hello, My usage of ProxyCommand just calls the nc utility with various parameters. That in turn after the initial setup just copies copies the data from the network socket to stdin/stdout. This useless coping can be avoided if ssh has an option to receive the socket from the proxy command. I suppose it can improve network error reporting as ssh would talk directly to the network socket rather

On 01/15/2016 08:55 AM, Noam Bernstein wrote: > I see that this is a CentOS 7 patch only, at least so far. I also see that the CentOS 6 ssh version is 5.3 > > /usr/bin/ssh -V > OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 > which is supposedly not affected. However, strings indicates that /usr/bin/ssh is also aware for the useroaming configuration option: > > strings

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:22.openssh Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in OpenSSH Category: contrib Module: openssh Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:22.openssh Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in OpenSSH Category: contrib Module: openssh Announced:

Hi, Posting this again as it has been drowned. can anybody assist? ------------------------------------------------------------------ Hi All, I'm trying to disable USB storage devices in Centos7.1.1503. I've setup udev rules to block all usb devices and then additional rules to allow specific vendors / products to be used (mainly keyboards and mice). This is all working perfectly.

On 10/12/15 10:02, Leon Fauster wrote: > Am 10.12.2015 um 09:37 schrieb Michael H <michael at wemoto.com>: >> >> I'm trying to disable USB storage devices in Centos7.1.1503. > > on EL6 we use: > > # cat /etc/modprobe.d/usb-disabled.conf > install usb-storage /bin/true > > # depmod -a I've achieved disabling USB devices and then allowing

To all, i think i've found a minor bug in openssh. i'm writing to the list toget input on whether it's really a bug, or an undocumented limit, or maybe it's even documented somewhere (although i didn't see it documented in ssh_config(5)). if there is a consensus that this is indeed a bug, i'll file it in bugzilla. i would also like to submit the fix. the bug is that

https://bugzilla.mindrot.org/show_bug.cgi?id=2573 Bug ID: 2573 Summary: dead sessions cannot be closed with ~. Product: Portable OpenSSH Version: 3.7.1p2 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

On Fri, Jan 29, 2016 at 11:48 AM, Michael H <michael at wemoto.com> wrote: > Selinux has been around for a while. > Yes, I know this but ... > > setsebool - set selinux boolean > What I am asking is if the command above is part of SELinux since I doesn't use before because it's a VM running on my PC so I not need such security levels. > > You should