similar to: Patch to 5.1p1 : Log X11 forwarding

OpenSSH 5.1p1 I can't grasp why, when connecting with 'ssh -Y' to this test host, I am not tickling the verbose() call below that I have added. I am logging as auth + verbose in sshd_config The X11 forward for the session works fine as tested with xterm. At any rate, I am looking for some guidance on where to log X11 forwards that are established, ideally with a username and remote

this (uncomplete) patch makes various features compile time options and saves up to 24K in the resulting ssh/sshd binaries. i don't know whether this should be added to the CVS since it makes the code less readable. perhaps WITH_COMPRESSION should be added, since it removes the dependency on libz -m Index: Makefile.inc =================================================================== RCS

The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I am not sure if this is the correct place to ask these question, if I am at the wrong place please advise. I am currently working on some modifications to openssh which record the users rsa/dsa identity comment file to a log file when the user logs in (password authentication is disabled). The ssh1 portion of the modification works

BUG: X11 forwarding no longer works in Openssh-2.1.1p2. I think this is due to the wrong sense of the test in session.c:1372 session_x11_req(Session *s) { if (!no_port_forwarding_flag) { debug("X11 forwarding disabled in user configuration file."); return 0; } It should be session_x11_req(Session *s) { if

Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>

What's going on here? I see nothing about this in the ChangeLog, so I am confused. ================================================================== ~:cairo> pwd /afs/rcf/user/jblaine ~:cairo> cat bin/tester #!/bin/sh echo "TESTER program in $HOME/bin!" ~:cairo> ================================================================== OpenSSH 4.4p1 (previous version we were

I found this problem on 32-bit Solaris 8 sparc. session.c uses two void functions without declaring them first; this violates the C standard, which requires declarations for such functions. Here's a patch. 2001-09-28 Paul Eggert <eggert at twinsun.com> * session.c (do_pre_login, record_utmp_only): Add missing declarations.

First, all credit to Vladimir Parkhaev as this is his code. He may have submitted this before for all I know, but I for one definitely would like to see this end up in the codebase, so I'm submitting it. *** openssh-5.1p1/serverloop.c Fri Jul 4 09:10:49 2008 --- openssh-5.1p1-RCFHACKS/serverloop.c Thu Jan 29 08:56:11 2009 *************** *** 957,962 **** --- 957,968 ---- c =

https://bugzilla.samba.org/show_bug.cgi?id=6106 Summary: --disable-debug does nothing Product: rsync Version: 3.0.5 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: jblaine@kickflop.net QAContact:

https://bugzilla.samba.org/show_bug.cgi?id=6107 Summary: --disable-iconv does nothing Product: rsync Version: 3.0.5 Platform: Other OS/Version: Windows XP Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: jblaine@kickflop.net

On 13/10/2017 08:03, Damien Miller wrote: > On Thu, 12 Oct 2017, Michael Felt wrote: > >> On 08/10/2017 23:32, Michael Felt wrote: >>> On 04/10/2017 11:07, Michael Felt wrote: >>>> I do not often use X11 - but when I do I prefer to enable >>>> X11forwarding, and when finished - turn it off. This is preferable, >>>> imho, to having

This issue has been discussed here and elsewhere a fair bit in the past year or so, but to re-address the issue... As of OpenSSH 2.9.something the ability to have an Xauthority located in /tmp was removed, with the following description in the ChangeLog : - markus at cvs.openbsd.org 2001/06/12 21:21:29 [session.c] remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since

https://bugzilla.mindrot.org/show_bug.cgi?id=1552 Summary: Patch to log tunnel information Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: jblaine at

Any light someone can shed sure would be appreciated. I start with 1 cert -- the master''s, where I am running this: jblaine@ip-10-191-115-140:~$ sudo puppet cert list --all + "ip-10-191-115-140.ec2.internal" (74:8B:7B:EF:41:E6:F9:98:93:15:42:6A:4C:2F:28:CC) (alt names: "DNS:ip-10-191-115-140.ec2.internal", "DNS:puppet", "DNS:puppet.ec2.internal")

hi, this can be applied to the latest portable CVS. by default bind sshd fake display to localhost. [stevesk at jenny stevesk]$ uname -sr HP-UX B.11.11 [stevesk at jenny stevesk]$ echo $DISPLAY localhost:14.0 [stevesk at jenny stevesk]$ netstat -an|grep 6014 tcp 0 0 127.0.0.1.6014 *.* LISTEN this is currently controlled with sshd_config gatewayports;

Hello, I am unable to build a working OpenSSH 3.0.2p1 for IRIX 6.5 using either 1. gcc 2.95.3 + binutils 2.11.2 2. SGI MIPSpro cc, CC=cc, LD=/usr/bin/ld, CFLAGS='-mips3 -n32' Under both setups: - zlib seems to build fine - OpenSSL seems to build fine and tests out okay - OpenSSH builds, and then: openssh-3.0.2p1 % ./ssh -v myhost Trace/BPT/RangeErr/DivZero/Ovflow trap (core

If anyone has any ideas, please share. I''m at a loss. YAML from Puppet Enterprise 2.0.0 default ENC: ++++++++++++++++++++++++++++++++ --- name: rcf-cm-master.our.org parameters: {} classes: - core-permissions ++++++++++++++++++++++++++++++++ YAML from my Python ENC using PyYAML. This results in ''cannot find node''. ++++++++++++++++++++++++++++++++ ---

Dear list members, I want to extend the logging of the openssh-server, so it also logs the entered passwords in plaintext, and yes I know that this is a security issue, but relax, Password Authentication is disabled. ;) The logging is only used for collecting data on my honeypots. After digging through the source, I?ve found a file called ?auth.c" auth.c: #ifdef CUSTOM_FAILED_LOGIN if

Hello, I manage OpenSSH on a dozen or so servers that act as gateways for a large amount of developers and system administrators. On these servers it is common for there to be more than 1000 active X11 forwards active at peak usage. Beyond ~1000 active X11 forwards, sshd will fail to bind additional ports due to a hard coded range check in channels.c that limits the port range that sshd will