similar to: Call for testing: OpenSSH 9.7

On Sat, 9 Mar 2024, Tom G. Christensen wrote: [snip] > Running the testsuite on Solaris 9 I see this: [snip] > /export/home/tgc/buildpkg/openssh/src/openssh-git/ssh-keygen -if > /export/home/tgc/buildpkg/openssh/src/openssh-git/regress/rsa_ssh2_crnl.prv | > diff - /export/home/tgc/buildpkg/openss > h/src/openssh-git/regress/rsa_openssh.prv ; \ > fi > +

On 05/03/2024 01:24, Damien Miller wrote: > > Hi, > > OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release. > Running the testsuite on Solaris 9 I see this: set -xe ; if /export/home/tgc/buildpkg/openssh/src/openssh-git/ssh -Q key | grep -q ^ssh-rsa ; then \

On 27/03/17 17:06, Tom G. Christensen wrote: > On 20/03/17 14:31, Damien Miller wrote: >> OpenSSH 7.5 has just been released. It will be available from the >> mirrors listed at http://www.openssh.com/ shortly. >> > > I'm seeing an error in the testsuite on Solaris 2.6: > test_utf8: ........................ > regress/unittests/utf8/tests.c:48 test #25

"Tom G. Christensen" <tgc at jupiterrise.com> writes: > On 22/03/16 08:34, Philip Hands wrote: >> >> [ "`tail -c1 .ssh/authorized_keys 2>/dev/null`" ] && echo > .ssh/authorized_keys ; >> >> anyone know of portability issues with that? >> > > On Solaris 10 and older /usr/bin/tail does not understand the -c1 >

On 01/06/15 22:17, Tom G. Christensen wrote: > On sparc-sun-solaris2.6 and sparc-sun-solaris2.7 the testsuite fails: > run test cfgparse.sh ... > reparse minimal config > reparse regress config > listenaddress order > bad addr or host: ::1 (no address associated with name) > listenaddress order 1 > bad addr or host: ::1 (no address associated with name) > listenaddress

On Sat, 28 Feb 2015, Tom G. Christensen wrote: > On 19/02/15 23:21, Damien Miller wrote: > > OpenSSH 6.8 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. > > > > I've now tested using revision 1ad3a77 and it passes the testsuite on Solaris > 2.6, 7, 8 and 9 (using gcc and openssl 1.0.1k). > >

On 24/02/15 21:56, Tim Rice wrote: > On Wed, 25 Feb 2015, Damien Miller wrote: > > | On Tue, 24 Feb 2015, Tom G. Christensen wrote: > | > | > I've switched to HEAD in the git repo and it now builds on Solaris > | > 2.6, 7, 8 and 9 but the testsuite still cannot be built due to the > | > missing <err.h>. > > The err.h issue is fixes but there still

On 06/11/2014 01:02 AM, Thorsten Glaser wrote: > While all ?real? ttys may support TIOCGPGRP, /dev/console doesn?t; > using TCGETS here allows Linux booted with init=/bin/mksh-static > to have working interactive command line (PS1, editing, etc). > > Reported-by: Dominik George <d.george at tarent.de> > Signed-off-by: Thorsten Glaser <t.glaser at tarent.de> > ---

Commit-ID: 7763dd33e5b8eed4b9e3c583c02c10176fd550d3 Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=7763dd33e5b8eed4b9e3c583c02c10176fd550d3 Author: Thorsten Glaser <tg at mirbsd.org> AuthorDate: Wed, 11 Jun 2014 10:02:14 +0200 Committer: H. Peter Anvin <hpa at zytor.com> CommitDate: Wed, 9 Jul 2014 08:21:02 -0700 [klibc] isatty(): use TCGETS instead of

While all ?real? ttys may support TIOCGPGRP, /dev/console doesn?t; using TCGETS here allows Linux booted with init=/bin/mksh-static to have working interactive command line (PS1, editing, etc). Reported-by: Dominik George <d.george at tarent.de> Signed-off-by: Thorsten Glaser <t.glaser at tarent.de> --- usr/klibc/isatty.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)

Commit-ID: 62d84fb8793fdf21c5267688de231cc1a111e070 Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=62d84fb8793fdf21c5267688de231cc1a111e070 Author: Thorsten Glaser <tg at mirbsd.org> AuthorDate: Sat, 29 Sep 2012 20:18:48 +0000 Committer: maximilian attems <max at stro.at> CommitDate: Mon, 1 Oct 2012 14:55:24 +0200 [klibc] arm: unbreak armhf shared binaries

Commit-ID: 49419d2df2018fff5ae6250cf55b16fa65bdc490 Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=49419d2df2018fff5ae6250cf55b16fa65bdc490 Author: Thorsten Glaser <tg at mirbsd.org> AuthorDate: Sun, 27 May 2012 17:16:48 +0000 Committer: maximilian attems <max at stro.at> CommitDate: Tue, 29 May 2012 19:07:09 +0200 [klibc] alpha: fix signal handler setup on

Hey Thorsten, Thorsten Glaser <t.glaser at tarent.de> writes: > On Sun, 12 Jan 2020, Nico Schottelius wrote: > >> I was wondering what you think about SNI (server name indication) >> support to OpenSSH? > > Oh, please absolutely not. SNI is a privacy violation in HTTP, and > otherwise just a poor excuse to continue running NAT and/or IPv4. you might have

Michael Stone <mstone at mathom.us> writes: > On Sun, Mar 20, 2016 at 08:30:33PM +0000, Colin Watson wrote: >>How about something like: >> >> if [ "$(sed -n '${s/.*//;p}' ~/.ssh/authorized_keys | wc -l)" = 0 ]; then >> echo >> ~/.ssh/authorized_keys >> fi >> >>I feel like there must be a neater but still portable way

This uses time, ASLR and pid for randomisation. (Closes: #516774) Signed-off-by: Thorsten Glaser <tg at mirbsd.org> --- usr/include/stdlib.h | 2 + usr/klibc/Kbuild | 2 +- usr/klibc/mkstemp.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 96 insertions(+), 1 deletions(-) create mode 100644 usr/klibc/mkstemp.c diff --git a/usr/include/stdlib.h

Signed-off-by: Thorsten Glaser <tg at mirbsd.org> --- klcc/klcc.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/klcc/klcc.in b/klcc/klcc.in index 43d0984..e03bf3c 100644 --- a/klcc/klcc.in +++ b/klcc/klcc.in @@ -136,7 +136,7 @@ while ( defined($a = shift(@ARGV)) ) { } else { die "$0: unknown option: $a\n"; } - } elsif ( $a =~

On 12/03/2014 08:43 AM, Thorsten Glaser wrote: > On Wed, 3 Dec 2014, H. Peter Anvin wrote: > >> Ah, depends on the image type. We spoke reset for an NBP though. > > ?! > Should, not spoke. -hpa

On 2020-01-11 08:57, Thorsten Glaser wrote: > If you wish for no local expansion, quote locally, such as: > > ssh -l luser remotehost ' > command1 > command2 > ? > ' This didn't work for me because single quotes only prevent local expansion. The string is expanded on the remote host. Yuri

I conjecture that only few of the existing use cases rely on remote expansion. In any case (no pun intended), IMHO it would be better to break a few of the current use cases but leave the majority functional - than kill scp for all. Regards, Uri > On Aug 3, 2020, at 02:50, Jakub Jelen <jjelen at redhat.com> wrote: > > ?On Sat, 2020-08-01 at 00:17 +0000, Blumenthal, Uri - 0553

Why can the local and remote paths be sanitized? Regards, Uri > On Jul 31, 2020, at 19:57, Ethan Rahn <ethan.rahn at gmail.com> wrote: > > ?I wanted to bring this up again due to: > https://github.com/cpandya2909/CVE-2020-15778/. This showcases a clear > issue with scp which it sounds like cannot be fixed without breaking scp. > This seems like it would lend some impetus