similar to: Question About Dynamic Remote Forwarding

On Fri, 9 Jun 2023, Chris Rapier wrote: > Hi all, > > When a client requests dynamic remote forwarding with -R it delays forking > into the background. In ssh.c we see > > if (options.fork_after_authentication) { > if (options.exit_on_forward_failure && > options.num_remote_forwards > 0) { > debug("deferring postauth fork until

On Wed, 25 Jan 2023 at 19:29, Darren Tucker <dtucker at dtucker.net> wrote: [...] > I have a part-done patch that logs the output from all ssh and sshd > instances to separate datestamped files. I'll see if I can tidy that > up for you to try You can grab it from here: https://github.com/daztucker/openssh-portable/commit/b54b39349e1a64cbbb9b56b0f8b91a35589fb528 It's not

https://bugzilla.mindrot.org/show_bug.cgi?id=2681 Bug ID: 2681 Summary: postauth processes to log via monitor Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

Howdy, It's been a while since I've made an announcement here but I wanted to mention that we've just released a set of HPN-SSH patches for OpenSSH6.2. The release marks the first time I've had the resources/help to actually do anything more than just forward port the patches in quite a while. http://www.psc.edu/index.php/hpn-ssh Items of note: 1) The multithreaded AES-CTR

Domain users using Windows 7 systems lose the ability to connect to Samba shares. Some users can connect one day but then lose the ability the next. When the problem starts to occur the log.smbd displays: =============================================== check_ntlm_password: authentication for user [user1] -> [user1] -> [MYDOMAIN\user1] succeeded ntlmssp_server_postauth: invalid

https://bugzilla.mindrot.org/show_bug.cgi?id=1812 Summary: ControlPersist causes defunct/zombie processes Product: Portable OpenSSH Version: 5.6p1 Platform: All URL: http://bugs.debian.org/594687 OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have just uploaded openssh-1.2pre15 to http://violet.ibs.com.au/openssh/ Changes: - Merged big source cleanup from OpenBSD CVS. All the source now conforms to: http://www.openbsd.org/cgi-bin/man.cgi?query=style&apropos=0&sektion=9&manpath=OpenBSD+Current&format=html - Added BSD compatible install program - More

OpenSSH 7.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH

There is bug for this: https://bugzilla.samba.org/show_bug.cgi?id=12303 I am testing this option to resolve this: client ipc signing = No But I am not yet sure if it works. Regards Christian Am Mittwoch, den 16.11.2016, 15:41 -0500 schrieb Sonic via samba: > Domain users using Windows 7 systems lose the ability to connect to > Samba shares. Some users can connect one day but then

Hi I'm trying to wrap ssh in an application using glib. For now, I'm launching the ssh client in master mode and want it to detach, keeping the control socket around. I figured I could do that using the -f flag and the usual Control* options to force ssh to daemonize (ideally without executing any command), but it turns out that glib doesn't recognize the daemonized process as

https://bugzilla.mindrot.org/show_bug.cgi?id=2482 Bug ID: 2482 Summary: SELinux integration Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2577 Bug ID: 2577 Summary: Port Forwarding on Proxy with ProxyCommand ssh -W does not work / bad file descriptor Product: Portable OpenSSH Version: 7.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5

Hi, I posted this question to the OpenBSD bugs list last week, however I have had no reply and it was suggested on IRC that I post here instead. So I must apologise if this is not appropriate. For a reference here is my previous post: https://marc.info/?l=openbsd-bugs&m=156080681530337&w=2 I am running OpenBSD 6.5-stable (also tested on -current). When I ssh somewhere I get a sig abort

I think I've found a bug with sshd handling audit events for commands (like scp) over ssh1 connections. Specifically, after updating to a recent FreeBSD 6.x with audit support, I'm getting log messages like these when using scp over ssh1: Sep 12 14:13:16 <auth.info> bm55 sshd[12335]: Accepted rsa for xxx from A.B.C.D port 2981 Sep 12 14:13:16 <auth.crit> bm55 sshd[12335]:

https://bugzilla.mindrot.org/show_bug.cgi?id=2263 Bug ID: 2263 Summary: sshd privsep monitor process doesn't handle SIGXFSZ signal Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

I realize that the splitting of the sshd binaries is a work in progress. Nonetheless I am trying to make a diagram of the situation as of 9.8. How close have I gotten? Is it correct that currently for a basic session, binaries are run four ways? 1. A privileged binary to listen for incoming connections (66717 below) 2. A privileged session monitor to track the session, for the duration of the

Hi, I?m trying to develop a PAM module with OpenSSH, and I realized I need to retrieve something in a later stage that was saved in another previous stage. As far as my tests on OpenSSH 7.6 go, the password auth route goes through PAM auth, account, session, and the session stage is in a different UNIX process from the process where auth and account take place. For the key auth route, auth stage

Hi List, I have a szenario where I need to reach a host on the internet from a "firewalled" network but there is a HTTPS-proxy runnnig. As some people know you can tunnel all TCP-connections through this proxy because it can't decide if someone is really doing SSL or just Telnet to port 443 (or use SSH in our case). So I've written a patch for ssh to make it send the CONNECT

Here is a patch to implement a handy new feature proposed by John Hardin <johnh at aproposretail.com>. This is his description of the feature: New option for OpenSSH: Delay before exit. Command line option: -S delay Config file option: sleep {delay} Purpose: Wait the specified number of seconds after last traffic before dropping the connection and exiting. If ports are forwarded, this