similar to: Splitting sshd

Should I submit this as a proper bug, or will someone look at it? Basically, between 4.7-REL and 4.8-REL ssh was upgraded and now exhibits the following bug. If you connect with protocol v1 you get three ssh processes, one of which never dies, even after the ssh session has been closed. % ps aux | grep ssh root 219 0.0 0.0 4076 0 ?? IW - 0:00.00 sshd: paul [priv root

The patch below (against openssh 3.2.3p1) adds a CheckMaxStartups option, defaulting to yes, to determine whether sshd calls drop_connection(). The motivation behind this is twofold. In our environment, our timesharing machines get enough incoming connections that will trigger spuriously with the default value (10 forked unauthenticated connections) as well as some significantly higher values,

I realize that the splitting of the sshd binaries is a work in progress. Nonetheless I am trying to make a diagram of the situation as of 9.8. How close have I gotten? Is it correct that currently for a basic session, binaries are run four ways? 1. A privileged binary to listen for incoming connections (66717 below) 2. A privileged session monitor to track the session, for the duration of the

Please include the following to bug ID: 26222 at: http://bugs.samba.org/?findid=26222 More checking shows that closing a search window on Windows in the middle of it's search doesn't stop the SMB activity. Network utilization remains high, and it seems as if the server is stuck searching. In an attempt to verify, I created a share on Win2k, and followed the same procedure: Server:

Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config:

Server host config: Slackware 8.0 (custom boot scripts) glibc-2.2.3 gcc-2.95.3 Linux-2.4.18 Client host config: (same as server) Symptom: session disconnects with no message to client: ============================================================================= phil at antares:/home/phil 153> ssh -V OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f phil at antares:/home/phil 154>

Hi, Sorry for cross posting. I have with FreeBSD 5.3-stable server which serves as a public shell server. FreeBSD public.ub.mng.net 5.3-STABLE FreeBSD 5.3-STABLE #6: Wed Nov 24 15:55:36 ULAT 2004 tsgan@public.ub.mng.net:/usr/obj/usr/src/sys/PSH i386 It has ssh and proftp-1.2.10 daemons. However it was hacked and I'm trying to analyze it and having some difficulties. Machine is

Hi. >From my understanding the MaxStartups option can be set to limit the number of concurrent sessions the OpenSSH server opens. My concern is how OpenSSH handles the case where this number is reached. >From the code it looks like it simply closes the socket: sshd.c:1440 if (drop_connection(startups) == 1) { debug("drop connection #%d", startups); close(newsock);

Hi, We serve a fairly substantial number[1] of ssh connections across our fleet.? We have hit MaxStartups limits in the past and bumped it up a few times (currently at 300), but we have no warning before the limit is reached and connections start being dropped.? What I would love is some sort of instrumentation that could let us see the highest number of concurrent pre-auth connections the

https://bugzilla.mindrot.org/show_bug.cgi?id=2613 Bug ID: 2613 Summary: Log connections dropped when MaxStartups is reached Product: Portable OpenSSH Version: 7.3p1 Hardware: Sparc OS: Solaris Status: NEW Severity: trivial Priority: P5 Component: sshd Assignee: unassigned-bugs

http://bugzilla.mindrot.org/show_bug.cgi?id=1152 Summary: Bogus data in wtmp Product: Portable OpenSSH Version: 4.3p1 Platform: ix86 OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: bugzilla at goetz.co.uk

https://bugzilla.mindrot.org/show_bug.cgi?id=3055 Bug ID: 3055 Summary: Need some high-probability logging re MaxStartups Product: Portable OpenSSH Version: 8.0p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at

I can't seem to get the /etc/shadow password expiry working on 3.8p1 on Solaris 8. It works fine with 3.7.1p2 and pwexp26. Logins aren't affected after a 'passwd -df' or 'passwd -f'. Here's the configure, using gcc 3.2: --prefix=/usr --sysconfdir=/etc/ssh --with-tcp-wrappers \ --without-pam --libexecdir=/usr/sbin --mandir=/usr/share/man \ --with-shadow 'uname

Hi, this was originally reported on ports@. [1] Someone noticed that after after running sudo their session disappeared when running `w` afterwards. I've done a little experimenting and this is caused when pam_lastlog.so is included in sudo's pam file. This results in the user still being logged in though according to the system logs the user has logged out. Here's an example:

Dear "someone who can help", I am having a problem with SAMBA and SWAT (although I'm not sure SWAT is part of the problem...) I get two instances of "smbd" when ever it is started on this system. From SWAT I can only stop it ONE time. After that, each time I attempt to stop the SMBD daemon from SWAT it simply starts TWO more instances of the daemon (or something

Also, try doing 'who /etc' or any other directory. -----Original Message----- From: Mike Jakubik [mailto:mikej@trigger.net] Sent: Friday, July 04, 2003 1:23 PM To: Stable Subject: RE: who am i root@ns1:~# who am i root ttyp1 Jul 4 13:20 (wettoast.org) root@ns1:~# login login: wettoast Password: Last login: Fri Jul 4 09:48:25 on ttyp1 Copyright (c) 1980, 1983, 1986,

https://bugzilla.mindrot.org/show_bug.cgi?id=1490 Summary: sshd -T reports a string of UNKNOWNs Classification: Unclassified Product: Portable OpenSSH Version: 5.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=1490 Summary: sshd -T reports a string of UNKNOWNs Classification: Unclassified Product: Portable OpenSSH Version: 5.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: unassigned-bugs at

Hi, I am not sure to report this as a bug. so mailing to the list. I have sshd(openssh3.5p1) server running on my router and when i run tcpjunk to that port, sshd gets killed after some time 192.168.71.1 is my sshd server and 192.168.71.4 is my client from where i send my dos attack This is the tcpjunk command i gave to the ssh server #tcpjunk -s 192.168.71.1 -p 22 -c req -i 100 req session

Hello- I am bit confused here. I have just had some issues with my box and I am looking for some opinions. I just had been denied access to my box...supposedly from a memory shortage in reference to my NIC....more specifically, mbuf clusters exhausted. Now I am looking in my /var/log/messages for when this started and I notice a discrepancy in my logs. Now from where I am looking, I see