similar to: [Bug 3587] New: Would OpenSSH consider adding a switch to hide the specific OpenSSH version number?

https://bugzilla.mindrot.org/show_bug.cgi?id=3656 Bug ID: 3656 Summary: How to fix row hammer attacks? Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=3531 Bug ID: 3531 Summary: Ssh will not exit when it receives SIGTERM before calling poll in client_wait_until_can_do_something until some events happen. Product: Portable OpenSSH Version: 9.1p1 Hardware: Other OS: Linux Status:

https://bugzilla.mindrot.org/show_bug.cgi?id=3597 Bug ID: 3597 Summary: Why do we check both nsession_ids and remote_add_provider when judging whether allow remote addition of FIDO/PKCS11 provider libraries is disabled? Product: Portable OpenSSH Version: -current Hardware: Other

https://bugzilla.mindrot.org/show_bug.cgi?id=3526 Bug ID: 3526 Summary: Config option AddressFamily has no effect? Product: Portable OpenSSH Version: 9.0p1 Hardware: amd64 OS: Mac OS X Status: NEW Severity: trivial Priority: P5 Component: ssh Assignee: unassigned-bugs at

The version of sshd in FreeBSD 8.4 is not backward compatible with older version from 8.3. OpenSSH_5.4p1 (on FreeBSD 8.3) OpenSSH_6.1p1 (on FreeBSD 8.4) # sshd -t /etc/ssh/sshd_config line 19: Missing argument. On line 19, there is: VersionAddendum It was OK in older versions. It will remove any default text appended to SSH protocol banner (for example 'FreeBSD-20120901'). On

Hello all, We got a report [1], that we miss "p1" suffix in the sshd identification strings in Fedora. I dig in and found out that it is also missing from portable usptream since 2004, when you were rewriting version.h header file with this information. Debian somehow patched this information back during the time in some places (ssh_api.c is missing). It does not look like

https://bugzilla.mindrot.org/show_bug.cgi?id=2281 Bug ID: 2281 Summary: sshd accepts empty arguments in ForceCommand and VersionAddendum Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

A non-text attachment was scrubbed... Name: openssh.diff Type: text/x-patch Size: 49208 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020626/8f94fb5b/attachment.bin

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

https://bugzilla.mindrot.org/show_bug.cgi?id=3551 Bug ID: 3551 Summary: Which patches fixes the problem of adding smartcard keys to ssh-agent? Product: Portable OpenSSH Version: 9.3p1 Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=3576 Bug ID: 3576 Summary: The sftp-server does not provide the feature of changing expired passwords, which is provided by the sshd. Product: Portable OpenSSH Version: -current Hardware: All OS: Linux Status: NEW

https://bugzilla.mindrot.org/show_bug.cgi?id=3590 Bug ID: 3590 Summary: Why is the service name in the USERAUTH REQUEST message "ssh-connect" instead of "ssh-userauth"? Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: trivial

https://bugzilla.mindrot.org/show_bug.cgi?id=3647 Bug ID: 3647 Summary: Correct the catalogue number of PROTOCOL Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: trivial Priority: P5 Component: Documentation Assignee: unassigned-bugs at

On 08/21/2018 02:20 PM, Warren Young wrote: > On Aug 21, 2018, at 1:27 PM, Nataraj <incoming-centos at rjl.com> wrote: >> I have a web application which uses sudo to invoke python scripts as the >> user under which the application runs (NO root access). > Why is the web app not running with that user?s permissions in the first place? > > If your answer is that it

https://bugzilla.mindrot.org/show_bug.cgi?id=3518 Bug ID: 3518 Summary: Skip scp transfer over multiplexed connection if there's no scp on remote path as scp3 test did Product: Portable OpenSSH Version: 9.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement

https://bugzilla.mindrot.org/show_bug.cgi?id=3196 Bug ID: 3196 Summary: [Information Disclosure] OpenSSH_7.4p1 Raspbian-10+deb9u7 discloses OS version Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Other Status: NEW Severity: security Priority: P5

Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config:

> Michael Grimm <trashcan at odo.in-berlin.de> kirjoitti 9.5.2015 kello 23.17: > > Hi ? > > Timo Sirainen <tss at iki.fi> wrote: > >> Please test especially non-Linux systems as there are some larger configure/Makefile changes done since v2.2.16. > > 2.2.17.rc1 will compile on FBSD 10.1 only, if bash has been installed Dovecot hg requires bash

When should sshd disconnect an SSHv2 connection? Markus Friedl says "for protocol v2 the client decides when to close the connection." In principle, I agree, because SSHv2 supports multiple sessions over the same connection, with the client able to launch new sessions anytime then it should be upto the client. But this would be a major cultural change for most users, and would break

Hi, On Fri, Mar 27, 2015 at 02:36:50PM +0100, Hubert Kario wrote: > > Same thing with needing sshv1 to access old network gear where even sshv1 > > was an achievement. "Throw away gear that does its job perfectly well, > > but has no sshv2 for *management*" or "keep around an ssh v1 capable > > client"? > > If you depend on hardware like this,