similar to: ChannelTimeout setting

https://bugzilla.mindrot.org/show_bug.cgi?id=3827 Bug ID: 3827 Summary: UnusedConnectionTimeout hit early after ChannelTimeout Product: Portable OpenSSH Version: 9.6p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=2627 Bug ID: 2627 Summary: Documentation update: semantic of ClientAliveCountMax 0 unclear Product: Portable OpenSSH Version: 7.3p1 Hardware: All OS: All Status: NEW Severity: trivial Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=3653 Bug ID: 3653 Summary: ConnectTimeout causes issue when connecting to an host via tsocks Product: Portable OpenSSH Version: 9.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=396 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED CC| |djm

Hello, today our remote access to a platform got switched from direct SSH over to an "audit capable" proxy (read: supposedly decrypts and re-encrypts the data passing through), which makes it necessary that we always forward the agent so that the proxy -> target SSH connection can get authenticated as well. I noticed two side effects and would like to ask whether there are

https://bugzilla.mindrot.org/show_bug.cgi?id=3362 Bug ID: 3362 Summary: [RFE] Implement a mechanism to disconnect idle users Product: Portable OpenSSH Version: 8.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

Hi, OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

Hi folks, (3rd time I am sending this message, none of the other appear to have made it through!) Using "OpenSSH_6.9p1 Ubuntu-2ubuntu0.1, OpenSSL 1.0.2d 9 Jul 2015" on the server, "OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016" on the client. I am trying to use sshtunnel with StreamLocal forwarding to enable me to connect back to the client's ssh port, without having to

https://bugzilla.mindrot.org/show_bug.cgi?id=2529 Bug ID: 2529 Summary: direct-streamlocal channel open doesn't match PROTOCOL documentation Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh

Hello, there is a patch which allows redirecting UNIX domain sockets here: http://www.25thandclement.com/~william/projects/streamlocal.html<http://www.25thandclement.com/%7Ewilliam/projects/streamlocal.html> We really need it in our institution. It's for OpenSSH 4.4 but I managed to adopt it for 4.7p1 included in Ubuntu 8.04.

Hi, The code definitely attempts to unlink any old listener beforehand (see misc.c:unix_listener()) so I don't understand why that isn't being called. You might try simulating your configuration using sshd's -T and -C to make sure the flag is correctly being set. Could chroot be interfering? Some platforms implement additional restrictions on devices and sockets inside chroot. -d

On Thu, 26 Feb 2015, Darren Tucker wrote: > I noticed this error log spam on the tinderbox when looking at one of the > failures. It happens with Unix domain socket forwarding is requested: > > debug1: channel 1: new [forwarded-streamlocal at openssh.com] > get_socket_address: getnameinfo 1 failed: ai_family not supported > get_sock_port: getnameinfo NI_NUMERICSERV failed:

https://bugzilla.mindrot.org/show_bug.cgi?id=2421 Bug ID: 2421 Summary: direct-streamlocal at openssh.com doesn't have a reserved string - PROTOCOL.txt Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: All Status: NEW Severity: enhancement Priority: P5

When forwarding a Unix-domain socket, the remote socket path must be absolute (otherwise the forwarding fails later). However, guessing absolute path on the remote end is sometimes not straightforward, because the file system location may vary for many reasons, including the system installation, the choices of NFS mount points, or the remote user ID. To allow ssh clients to request remote socket

I've updated the streamlocal patch for OpenSSH 4.4p1. http://www.25thandclement.com/~william/projects/streamlocal.html This patch allows for local and remote forwards, to and from Unix domain sockets. Simply specify the socket path, enclosed within squares braces (i.e. -L[/tmp/.s.PGSQL.5432]:[/tmp/.s.PGSQL.5432]) as the origin and/or destination of the -R and -L switches. This patch also

https://bugzilla.mindrot.org/show_bug.cgi?id=2416 Bug ID: 2416 Summary: [PATCH] Allow forwarding of stdio to streamlocal end points Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

I've a server where clients can connect to using direct-streamlocal at openssh.com. I want that the server "knows" the address of the client. I've tried using the peercredentials of the process connecting my server (which is a sshd process) and check the environment. I thought that in the environment the var SSH_CLIENT would be set, but that did not work. This sshd process has

https://bugzilla.mindrot.org/show_bug.cgi?id=3650 Bug ID: 3650 Summary: [RFE] Implement a global channel timeout mechanism Product: Portable OpenSSH Version: 9.5p1 Hardware: All OS: OpenBSD Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=3823 Bug ID: 3823 Summary: SSH on same device ignores MAC restrictions Product: Portable OpenSSH Version: 10.0p2 Hardware: Other OS: Other Status: NEW Severity: major Priority: P5 Component: ssh Assignee: unassigned-bugs at

I'm merging my "streamlocal" unix domain socket forwarding patch into 4.4p1 (or rather 20060926 SNAP) and I gather that the ExitOnForwardFailure capability only works for protocol 1.0. Am I misreading things? I was really looking forward to that feature. I noticed when I began fixing a merge reject in channel_request_remote_forwarding(). - Bill