similar to: [Bug 1552] New: Patch to log tunnel information

First, all credit to Vladimir Parkhaev as this is his code. He may have submitted this before for all I know, but I for one definitely would like to see this end up in the codebase, so I'm submitting it. *** openssh-5.1p1/serverloop.c Fri Jul 4 09:10:49 2008 --- openssh-5.1p1-RCFHACKS/serverloop.c Thu Jan 29 08:56:11 2009 *************** *** 957,962 **** --- 957,968 ---- c =

Patch is below : diff -nru openssh-3.8.1p1/auth-options.c openssh-3.8.1p1-devs//auth-options.c --- openssh-3.8.1p1/auth-options.c Tue Jun 3 02:25:48 2003 +++ openssh-3.8.1p1-devs//auth-options.c Mon Feb 21 16:56:49 2005 @@ -265,6 +265,81 @@ xfree(patterns); goto next_option; } + +/* e.g: permitopenned="158.156.0.0/255.255.255.0:25[-1024]" + * note that part between [] is

https://bugzilla.mindrot.org/show_bug.cgi?id=1552 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2130 --- Comment #13 from Damien Miller <djm at mindrot.org> --- Retarget to openssh-6.4 -- You are

The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port

https://bugzilla.mindrot.org/show_bug.cgi?id=1513 Summary: CIDR address/masklen matching support for permitopen= Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1233 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #4 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:09 EST --- Retarget unresolved

Hi, Openssh sshd opens the socket that forwards users requested port forwards as root, so the connection seems to come from root. Is it enough to open the socket as normal user so the connection would appear to come from that user ? (On Linux this seems to work, but what about other OS's ?) I tested this briefly by wrapping the channel_connect_to(target,target_port); (in

Hi, I'm not on the openss-unix-dev mailing list, but I want to ask about a feature that I've put into my local implementation of OpenSSH the past year or so, and I wanted to know if it was worthwile to add it to the sources so that I don't have to add it myself each time I upgrade... About a year ago I was working for a company that wanted to use OpenSSH as a server (on a Linux

https://bugzilla.mindrot.org/show_bug.cgi?id=1552 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|2130 | --- Comment #15 from Damien Miller <djm at mindrot.org> --- This needs more design and probably a new

https://bugzilla.mindrot.org/show_bug.cgi?id=1818 Summary: SSH2_MSG_CHANNEL_FAILURE on closed channel Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=2273 Bug ID: 2273 Summary: The group of the tunnel device needs to match with the group of the connecting ssh user Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

Hi, Just a usecase that I'm sure has been covered before but just in case its not an openssh solution would be very helpful. I was trying to install software on a server that was firewalled so no outbound http connections would work. I was also tunnelling via another server. Outbound ssh connections also were a convenient option. What would have been nice would be a remote version of

I've been trying to cut down the size of openssh so I can run it on my Nokia 770. One thing which helps a fair amount (and will help even more when I get '-ffunction-sections -fdata-sections --gc-sections' working) is to have the option of compiling out privilege separation... Is it worth me tidying this up and trying to make it apply properly to the OpenBSD version? Does the openbsd

https://bugzilla.mindrot.org/show_bug.cgi?id=1545 Summary: ssh-keygen -R removes all comments from known_hosts file Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1233 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2130 --- Comment #12 from Damien Miller <djm at mindrot.org> --- Retarget to openssh-6.4 -- You are

https://bugzilla.mindrot.org/show_bug.cgi?id=1544 Summary: ssh-keygen -l on known_hosts file does not display hostnames for lines with comments Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen

Hi, ssh clients shows "closed by UNKNOWN" message when a socket is closed by a remote side while ssh is waiting for user's password: $ ssh user at localhost user at localhost's password: Connection closed by UNKNOWN When the packet_read_seqnr() calls get_remote_ipaddr(), a connection's socket is already closed and there's not been any other call of this function yet

On Thu, Nov 08, 2001 at 01:59:25PM +0100, Arthur de Jong wrote: > root and warthur both have user id 0. Sorry, I should have made that > clearer. They both have different passwords and rsa keys and I would like > to be able to make the distinction in the logs. Currently ssh only logs > that a ROOT user has logged in, not which one. hm, i don't think uid sharing is a standard unix

I apologize, this patch should have been sent awhile ago. Between a lot of things that needed to be completed at work as a sysadmin for the Research Computing group at Purdue University and retiring from work after 38 years at the end of May (2012), I basically ignored it. This patch is from a clone of my workstation that I just activated at home. The patch was primarily written to fix the

https://bugzilla.mindrot.org/show_bug.cgi?id=2158 Bug ID: 2158 Summary: Race condition in receiving SIGTERM Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org