Displaying 20 results from an estimated 4000 matches similar to: "[Bug 3587] New: Would OpenSSH consider adding a switch to hide the specific OpenSSH version number?"
2024 Jan 13
6
[Bug 3656] New: How to fix row hammer attacks?
https://bugzilla.mindrot.org/show_bug.cgi?id=3656
Bug ID: 3656
Summary: How to fix row hammer attacks?
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
2023 Feb 01
16
[Bug 3531] New: Ssh will not exit when it receives SIGTERM before calling poll in client_wait_until_can_do_something until some events happen.
https://bugzilla.mindrot.org/show_bug.cgi?id=3531
Bug ID: 3531
Summary: Ssh will not exit when it receives SIGTERM before
calling poll in client_wait_until_can_do_something
until some events happen.
Product: Portable OpenSSH
Version: 9.1p1
Hardware: Other
OS: Linux
Status:
2023 Aug 01
3
[Bug 3597] New: Why do we check both nsession_ids and remote_add_provider when judging whether allow remote addition of FIDO/PKCS11 provider libraries is disabled?
https://bugzilla.mindrot.org/show_bug.cgi?id=3597
Bug ID: 3597
Summary: Why do we check both nsession_ids and
remote_add_provider when judging whether allow remote
addition of FIDO/PKCS11 provider libraries is
disabled?
Product: Portable OpenSSH
Version: -current
Hardware: Other
2023 Jan 20
17
[Bug 3526] New: Config option AddressFamily has no effect?
https://bugzilla.mindrot.org/show_bug.cgi?id=3526
Bug ID: 3526
Summary: Config option AddressFamily has no effect?
Product: Portable OpenSSH
Version: 9.0p1
Hardware: amd64
OS: Mac OS X
Status: NEW
Severity: trivial
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2013 Jun 19
2
sshd didn't run after upgrade to FreeBSD 8.4
The version of sshd in FreeBSD 8.4 is not backward compatible with older
version from 8.3.
OpenSSH_5.4p1 (on FreeBSD 8.3)
OpenSSH_6.1p1 (on FreeBSD 8.4)
# sshd -t
/etc/ssh/sshd_config line 19: Missing argument.
On line 19, there is:
VersionAddendum
It was OK in older versions. It will remove any default text appended to
SSH protocol banner (for example 'FreeBSD-20120901').
On
2016 Aug 08
3
ssh(d) identification string in portable (clarification)
Hello all,
We got a report [1], that we miss "p1" suffix in the sshd identification
strings in Fedora. I dig in and found out that it is also missing from
portable usptream since 2004, when you were rewriting version.h header
file with this information.
Debian somehow patched this information back during the time in some
places (ssh_api.c is missing).
It does not look like
2014 Sep 24
5
[Bug 2281] New: sshd accepts empty arguments in ForceCommand and VersionAddendum
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
Bug ID: 2281
Summary: sshd accepts empty arguments in ForceCommand and
VersionAddendum
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
2002 Jun 26
1
Full FreeBSD patchset
A non-text attachment was scrubbed...
Name: openssh.diff
Type: text/x-patch
Size: 49208 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020626/8f94fb5b/attachment.bin
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in
2023 Mar 25
1
[Bug 3551] New: Which patches fixes the problem of adding smartcard keys to ssh-agent?
https://bugzilla.mindrot.org/show_bug.cgi?id=3551
Bug ID: 3551
Summary: Which patches fixes the problem of adding smartcard
keys to ssh-agent?
Product: Portable OpenSSH
Version: 9.3p1
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component:
2023 May 27
1
[Bug 3576] New: The sftp-server does not provide the feature of changing expired passwords, which is provided by the sshd.
https://bugzilla.mindrot.org/show_bug.cgi?id=3576
Bug ID: 3576
Summary: The sftp-server does not provide the feature of
changing expired passwords, which is provided by the
sshd.
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: Linux
Status: NEW
2023 Jul 20
1
[Bug 3590] New: Why is the service name in the USERAUTH REQUEST message "ssh-connect" instead of "ssh-userauth"?
https://bugzilla.mindrot.org/show_bug.cgi?id=3590
Bug ID: 3590
Summary: Why is the service name in the USERAUTH REQUEST
message "ssh-connect" instead of "ssh-userauth"?
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: trivial
2023 Dec 23
1
[Bug 3647] New: Correct the catalogue number of PROTOCOL
https://bugzilla.mindrot.org/show_bug.cgi?id=3647
Bug ID: 3647
Summary: Correct the catalogue number of PROTOCOL
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: trivial
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at
2018 Aug 21
2
selinux question
On 08/21/2018 02:20 PM, Warren Young wrote:
> On Aug 21, 2018, at 1:27 PM, Nataraj <incoming-centos at rjl.com> wrote:
>> I have a web application which uses sudo to invoke python scripts as the
>> user under which the application runs (NO root access).
> Why is the web app not running with that user?s permissions in the first place?
>
> If your answer is that it
2023 Jan 05
6
[Bug 3518] New: Skip scp transfer over multiplexed connection if there's no scp on remote path as scp3 test did
https://bugzilla.mindrot.org/show_bug.cgi?id=3518
Bug ID: 3518
Summary: Skip scp transfer over multiplexed connection if
there's no scp on remote path as scp3 test did
Product: Portable OpenSSH
Version: 9.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
2020 Jul 18
2
[Bug 3196] New: [Information Disclosure] OpenSSH_7.4p1 Raspbian-10+deb9u7 discloses OS version
https://bugzilla.mindrot.org/show_bug.cgi?id=3196
Bug ID: 3196
Summary: [Information Disclosure] OpenSSH_7.4p1
Raspbian-10+deb9u7 discloses OS version
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Other
Status: NEW
Severity: security
Priority: P5
2003 Nov 13
1
SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE
Wonder if you guys could help me out...have a security problem with sshd
wich enables a user to do a password login tough the sshd_config states
PasswordAuthentication no
My config works fine in both gentoo and openbsd 3.3 but users are able to
login with tunneled clear text passwords in both 4.9 and 5.1
Im lost.tried everything I can think of.
Here is the config:
2015 May 10
2
v2.2.17 release candidate released
> Michael Grimm <trashcan at odo.in-berlin.de> kirjoitti 9.5.2015 kello 23.17:
>
> Hi ?
>
> Timo Sirainen <tss at iki.fi> wrote:
>
>> Please test especially non-Linux systems as there are some larger configure/Makefile changes done since v2.2.16.
>
> 2.2.17.rc1 will compile on FBSD 10.1 only, if bash has been installed
Dovecot hg requires bash
2001 Oct 26
2
SSHv2 sshd exit criteria
When should sshd disconnect an SSHv2 connection?
Markus Friedl says "for protocol v2 the client decides when to close the
connection."
In principle, I agree, because SSHv2 supports multiple sessions over the
same connection, with the client able to launch new sessions anytime
then it should be upto the client.
But this would be a major cultural change for most users, and would
break
2015 Mar 27
2
FYI: SSH1 now disabled at compile-time by default
Hi,
On Fri, Mar 27, 2015 at 02:36:50PM +0100, Hubert Kario wrote:
> > Same thing with needing sshv1 to access old network gear where even sshv1
> > was an achievement. "Throw away gear that does its job perfectly well,
> > but has no sshv2 for *management*" or "keep around an ssh v1 capable
> > client"?
>
> If you depend on hardware like this,