Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/openssh/dev/ en-us (c) Gossamer Threads Inc. All rights reserved. 12 Feb 2012 08:20:48 -0800 120 75 23 http://www.gossamer-threads.com/lists/openssh/dev/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Hello all, I recently have a problem with multiple addresses and address families. Problem is simple, i have some hosts with IPv4 access only and some 12 Feb 2012 07:22:09 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53370 Thanks both of you for your answer... I've spot an error I made in /etc/init.d/script so now I am able to run it with a 'service' command and everyth 11 Feb 2012 12:00:11 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53369 It also may be that the ssh client can't find your generated key. I'd do: ssh-keygen -f id_dsa -t dsa then add id_dsa.pub to authorized keys then 10 Feb 2012 11:48:13 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53367 I'm not sure which Windows port of OpenSSH you're using; however, I usually recommend people looking to use SSH on Windows either work with PuTTY or C 10 Feb 2012 11:46:08 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53368 Dear All, could anybody be so kind and explain me such situation: I set up OpenSSH client on Windows 7. Then I generated keys pair by 'ssh-keygen -t 10 Feb 2012 08:51:52 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53366 Hi Sonja, Sonja Meyer wrote: > i am using SFTP with CHROOT. I want to allow my users that they can > upload and download with the sftp server, but th 09 Feb 2012 05:35:53 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53362 Hello, i am using SFTP with CHROOT. I want to allow my users that they can upload and download with the sftp server, but they should never do an MK 09 Feb 2012 05:08:13 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53361 --On 9 February 2012 11:59:57 +0100 Peter Stuge <peter@stuge.se> wrote: >> When trying to restart deamons on remote pcs having the same specs, >> som 09 Feb 2012 03:30:23 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53359 Merto Mertek wrote: > spec: > os: ubuntu 10.0, OpenSSH_5.5p1 Debian-4ubuntu4, OpenSSL 0.9.8o > > problem: > When trying to restart deamons on remote 09 Feb 2012 02:59:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53358 I've been trying to find an answer on other sites however I could not resolve my problem. spec: os: ubuntu 10.0, OpenSSH_5.5p1 Debian-4ubuntu4, OpenS 08 Feb 2012 15:11:02 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53357 On Feb 8, 2012, at 1:21 AM, John Olsson M wrote: > Ben Lindstrom wrote: >> It would be more useful to allow "Subsystem" be allowed in a >> 'Match' s 08 Feb 2012 06:11:03 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53356 Ben Lindstrom wrote: > It would be more useful to allow "Subsystem" be allowed in a > 'Match' section and ensure 'Subsystem sftp none' or such to > 07 Feb 2012 23:21:05 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53355 On Feb 7, 2012, at 6:04 AM, Paulo wrote: > Hi! > > I do not know if it's the ideal place, but I'm sending some suggestion. > Always use openssh and 07 Feb 2012 12:43:46 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53354 I know this is hard.... I do not have idea how to do it, but imagine the difficulty. I use many ways for acess to ssh. - Some users can acess by ssh 07 Feb 2012 11:38:56 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53353 On Tue, Feb 7, 2012 at 9:24 AM, Peter Stuge <peter@stuge.se> wrote: > Paulo wrote: >> I see that being possible the inclusion of these options, it wou 07 Feb 2012 07:07:12 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53352 Paulo wrote: > I see that being possible the inclusion of these options, it would > kill commands rssh, scponly and mysecureshell and the whole > conf 07 Feb 2012 06:24:50 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53351 Hi! I do not know if it's the ideal place, but I'm sending some suggestion. Always use openssh and its enormous features. - I needed to create an en 07 Feb 2012 04:04:54 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53350 On Mon, 06 Feb 2012, ngel Gonzlez wrote: >> The 10th report is another false positive: >> Logic error Memory leak auth-options.i 105 06 Feb 2012 03:26:02 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53341 2012/2/6 聲gel Gonz嫮ez <keisial@gmail.com> > On 06/02/12 03:30, Zhenbo Xu wrote: > > The 10th report is another false positive: >> Logic erro 06 Feb 2012 01:09:10 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53339 On 06/02/12 03:30, Zhenbo Xu wrote: > > The 10th report is another false positive: > Logic error Memory leak auth-options.i 10587 06 Feb 2012 00:58:20 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53340 Same with these reports. 2012/2/6 聲gel Gonz嫮ez <keisial@gmail.com> > On 05/02/12 23:04, 聲gel Gonz嫮ez wrote: > > The 10th report is another false 05 Feb 2012 18:33:31 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53334 2012/2/6 聲gel Gonz嫮ez <keisial@gmail.com> > On 04/02/12 02:55, Zhenbo Xu wrote: > > The url below is the index of bug reports that are checked as 05 Feb 2012 18:30:04 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53335 2012/2/6 聲gel Gonz嫮ez <keisial@gmail.com> > On 04/02/12 02:55, Zhenbo Xu wrote: > > The url below is the index of bug reports that are checked as 05 Feb 2012 18:03:17 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53332 2012/2/6 聲gel Gonz嫮ez <keisial@gmail.com> > On 04/02/12 02:55, Zhenbo Xu wrote: > > I also applied melton(http://lcs.ios.ac.cn/~xuzb/melton.html) 05 Feb 2012 17:53:22 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53333 On 05/02/12 23:04, 聲gel Gonz嫮ez wrote: > The 10th report is another false positive: > Logic error Memory leak auth-options.i 10587 28 05 Feb 2012 14:07:51 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53330 On 04/02/12 02:55, Zhenbo Xu wrote: > The url below is the index of bug reports that are checked as real > bugs manually. > > http://lcs.ios.ac.cn/~xu 05 Feb 2012 14:04:07 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53331 On Tue, 31 Jan 2012, Daniel Kahn Gillmor wrote: > What about an approach instead that allows sshd to talk to a running > ssh-agent for its keys? The 05 Feb 2012 13:59:35 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53328 On 04/02/12 02:55, Zhenbo Xu wrote: > The url below is the index of bug reports that are checked as real > bugs manually. > > http://lcs.ios.ac.cn/~xu 05 Feb 2012 13:58:52 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53329 On 04/02/12 02:55, Zhenbo Xu wrote: > The url below is the index of bug reports that are checked as real > bugs manually. > > http://lcs.ios.ac.cn/~xu 05 Feb 2012 13:34:30 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53327 On 05/02/12 21:51, 聲gel Gonz嫮ez wrote: > The second leak > > Logic error Memory leak session.i 13193 13 View Report > <http://lc 05 Feb 2012 13:11:34 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53323 On 04/02/12 02:55, Zhenbo Xu wrote: > The url below is the index of bug reports that are checked as real > bugs manually. > > http://lcs.ios.ac.cn/~xu 05 Feb 2012 13:02:58 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53324 On 04/02/12 02:55, Zhenbo Xu wrote: > I also applied melton(http://lcs.ios.ac.cn/~xuzb/melton.html) > > to detect the potential bugs in sshd (openssh- 05 Feb 2012 12:51:32 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53326 On 05/02/12 06:54, Zhenbo Xu wrote: > What about this report > http://lcs.ios.ac.cn/~xuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/report-uWzwb1. 05 Feb 2012 12:38:41 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53325 What about this report http://lcs.ios.ac.cn/~xuzb/bugsfound/memleak/openssh-5.9p1/realbugs/sshd/report-uWzwb1.html#EndPath ? At the end of the functio 04 Feb 2012 21:54:44 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53322 ssh uses a unique process for each connection, and sshd forks for each new connection, so the only memory leaks that are "in scope" are those that app 03 Feb 2012 18:21:37 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53321 By the way, I submitted this report in bugzilla a few days ago, but there is no response. Should I report bugs in this mailing list rather than in bug 03 Feb 2012 18:02:03 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53320 Hi all, After the memory leaks (bug 1967 <https://bugzilla.mindrot.org/show_bug.cgi?id=1967>) I reported in bugzilla are fixed, I also applied melto 03 Feb 2012 17:55:21 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53319 On Tue, Jan 31, 2012 at 7:53 PM, Iain Morgan <imorgan@nas.nasa.gov> wrote: > On Tue, Jan 31, 2012 at 13:39:09 -0600, Nico Kadel-Garcia wrote: >> On Tu 31 Jan 2012 17:50:58 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53317 On Tue, Jan 31, 2012 at 13:39:09 -0600, Nico Kadel-Garcia wrote: > On Tue, Jan 31, 2012 at 9:56 AM, Daniel Kahn Gillmor > <dkg@fifthhorseman.net> wrot 31 Jan 2012 16:53:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53316 On Tue, Jan 31, 2012 at 9:56 AM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > Hi Zev-- > > On 01/28/2012 04:25 AM, Zev Weiss wrote: >> I recen 31 Jan 2012 11:39:09 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53315 On 01/31/2012 10:37 AM, ��ngel Gonz獺lez wrote: > Daniel, I think he refers to /etc/ssh/ssh_host_*key, not ~/.ssh/known_hosts Ah, you're right. sor 31 Jan 2012 08:58:56 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53313 On Jan 31, 2012, at 8:56 AM, Daniel Kahn Gillmor wrote: > Hi Zev-- > > On 01/28/2012 04:25 AM, Zev Weiss wrote: >> I recently found myself wanting t 31 Jan 2012 08:25:54 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53312 Daniel Kahn Gillmor wrote: > Hi Zev-- > > On 01/28/2012 04:25 AM, Zev Weiss wrote: >> I recently found myself wanting to run sshd with passphrase-prot 31 Jan 2012 07:37:54 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53310 Hi Zev-- On 01/28/2012 04:25 AM, Zev Weiss wrote: > I recently found myself wanting to run sshd with passphrase-protected host keys rather than the u 31 Jan 2012 06:56:27 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53309 thanks for the report. Damien fixed that bug some weeks ago. -m On Sat, Jan 28, 2012 at 10:30 AM, Zev Weiss <zevweiss@gmail.com> wrote: > Hello, > 31 Jan 2012 04:16:52 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53308 Hello, The below patch fixes a memory leak I noticed in monitor_read_load() when the child's log pipe is closed. Thanks, Zev Weiss -- diff --git a/ 28 Jan 2012 01:30:34 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53301 Hello all, I recently found myself wanting to run sshd with passphrase-protected host keys rather than the usual unencrypted format, and was somewhat 28 Jan 2012 01:25:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53300 On 01/25/2012 07:34 PM, Iain Morgan wrote: >> I guess I figured that OpenSSH would already have some insight into the >> state of its connection (or b 26 Jan 2012 09:20:50 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53299 Hi, I was wondering if this diff would make it into the next release: https://bugzilla.mindrot.org/show_bug.cgi?id=1949 Thanks, //Logan C-x-C-c -- 26 Jan 2012 05:29:35 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53298 On Wed, Jan 25, 2012 at 16:49:05 -0600, Jeff Mitchell wrote: > On 01/25/2012 05:06 PM, Gert Doering wrote: > > Hi, > > > > On Wed, Jan 25, 2012 at 12 25 Jan 2012 16:34:45 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53295 On 01/25/2012 06:49 PM, 聲gel Gonz嫮ez wrote: > On 25/01/12 23:06, Gert Doering wrote: >> Hi, >> >> On Wed, Jan 25, 2012 at 12:26:34PM -0500, Jeff Mit 25 Jan 2012 16:14:13 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53296 On 25/01/12 23:06, Gert Doering wrote: > Hi, > > On Wed, Jan 25, 2012 at 12:26:34PM -0500, Jeff Mitchell wrote: >> My understanding is that since the 25 Jan 2012 15:49:34 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53297 On 01/25/2012 05:06 PM, Gert Doering wrote: > Hi, > > On Wed, Jan 25, 2012 at 12:26:34PM -0500, Jeff Mitchell wrote: >> My understanding is that sinc 25 Jan 2012 14:49:05 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53294 Hi, On Wed, Jan 25, 2012 at 12:26:34PM -0500, Jeff Mitchell wrote: > My understanding is that since the alive mechanism is running inside the > encry 25 Jan 2012 14:06:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53293 Hello, I have a bandwidth-constrained connection that I'd like to run rsync over through an SSH tunnel. I also want to detect any network drops prett 25 Jan 2012 09:26:34 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53292 Does anyone know if openssh has removed the experimental designation for BSM audit support for Solaris systems? If so, which release, please. Thanks. 24 Jan 2012 12:22:47 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53291 On Mon, Jan 23, 2012 at 12:16:25PM -0500, Nick Dokos wrote: > Stephen Harris <lists@spuddy.org> wrote: > > In what version of OpenSSH? > > % ssh a. 23 Jan 2012 09:45:13 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53288 Stephen Harris <lists@spuddy.org> wrote: > On Mon, Jan 23, 2012 at 06:00:43PM +0100, ?ngel Gonz?lez wrote: > > On 23/01/12 16:46, Stephen Harris wrot 23 Jan 2012 09:16:25 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53287 On Mon, Jan 23, 2012 at 06:00:43PM +0100, ?ngel Gonz?lez wrote: > On 23/01/12 16:46, Stephen Harris wrote: > >Is it possible to do something like > > 23 Jan 2012 09:02:25 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53289 On 23/01/12 16:46, Stephen Harris wrote: > I have a Unix host that's DHCPd, so resolv.conf is rewritten. Because > of company policies, it's not allo 23 Jan 2012 09:00:43 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53290 I have a Unix host that's DHCPd, so resolv.conf is rewritten. Because of company policies, it's not allowed to change the client dhcp config to overr 23 Jan 2012 07:46:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53286 On Mon, Jan 23, 2012 at 8:40 AM, Aris Adamantiadis <aris@0xbadc0de.be> wrote: > Le 23/01/12 14:33, Nico Kadel-Garcia a 嶰rit : >>> When you're in a p 23 Jan 2012 05:51:29 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53285 Le 23/01/12 14:33, Nico Kadel-Garcia a 嶰rit : > Hardly. Logs that are sophisticated enough, and go back far enough, to > pin SSH traffic to a particu 23 Jan 2012 05:40:00 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53283 On Mon, Jan 23, 2012 at 7:32 AM, Aris Adamantiadis <aris@0xbadc0de.be> wrote: > Le 21/01/12 01:13, 聲gel Gonz嫮ez a 嶰rit : >> Suppose that there is a 23 Jan 2012 05:33:20 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53284 Le 21/01/12 01:13, 聲gel Gonz嫮ez a 嶰rit : > Suppose that there is a page critizising a technologic company, which > suspects > it's run by one of it 23 Jan 2012 04:32:56 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53282 On 21/01/12 13:53, Damien Miller wrote: > On Sat, 21 Jan 2012, ?ngel Gonz?lez wrote: >> Isn't that public key also sent in SSH2_MSG_USERAUTH_REQUEST? 21 Jan 2012 10:08:18 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53281 after twelve years, i still think that always sending SSH2_MSG_USERAUTH_PK_OK for users that don't have an account is the only useful option. back t 21 Jan 2012 08:11:39 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53280 On Sat, 21 Jan 2012, ?ngel Gonz?lez wrote: > Isn't that public key also sent in SSH2_MSG_USERAUTH_REQUEST? That's the packet that contains the publi 21 Jan 2012 04:53:32 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53279 On 20/01/12 23:04, Damien Miller wrote: > On Fri, 20 Jan 2012, Dan Kaminsky wrote: > >> HD is raiding authorized_keys files to successfully get around 20 Jan 2012 16:13:38 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53278 Le samedi 21 janvier 2012 �� 08:28 +1100, Damien Miller a 矇crit : > So the last time I tried to take advantage of an offer of the Feitian > tokens fo 20 Jan 2012 14:13:47 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53277 Sent from my iPhone On Jan 20, 2012, at 5:04 PM, Damien Miller <djm@mindrot.org> wrote: > On Fri, 20 Jan 2012, Dan Kaminsky wrote: > >> >> On Jan 20 Jan 2012 14:13:24 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53275 On Fri, 20 Jan 2012, Dan Kaminsky wrote: > > On Jan 20, 2012, at 4:43 PM, Damien Miller <djm@mindrot.org> wrote: > > > On Fri, 20 Jan 2012, Dan Kam 20 Jan 2012 14:04:12 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53276 Sent from my iPhone On Jan 20, 2012, at 4:43 PM, Damien Miller <djm@mindrot.org> wrote: > On Fri, 20 Jan 2012, Dan Kaminsky wrote: > >> Eh, you wou 20 Jan 2012 13:50:08 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53274 On Fri, 20 Jan 2012, Dan Kaminsky wrote: > Eh, you wouldn't support a feature that only displayed a password prompt if the username was valid. Same 20 Jan 2012 13:43:51 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53270 Eh, you wouldn't support a feature that only displayed a password prompt if the username was valid. Same thing, very similar experience even. Sent f 20 Jan 2012 13:39:29 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53273 On Fri, 20 Jan 2012, Jean-Michel Pour? - GOOZE wrote: > Dear all, > > There were a lot of discussions about smartcards and tokens, and we > would li 20 Jan 2012 13:28:28 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53272 This is a deliberate feature - it allows testing whether a pubkey can log in without the need to unwrap a private key, an action that may require a pa 20 Jan 2012 13:27:12 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53271 HD Moore from MetaSploit has noted that, given a pubkey (and not the corresponding private key, as might be found in authorized_keys), he can determin 20 Jan 2012 01:18:47 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53269 Dear all, There were a lot of discussions about smartcards and tokens, and we would like to make a simple offer: donate to each OpenSSH developer an 20 Jan 2012 01:08:20 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53268 > What you really want is for someone to extend: > > Match Introduces a conditional block. --snip-- > So it can be used to support Subsystem. 19 Jan 2012 23:29:46 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53267 Thank you! I'll look into your suggestion to see if it is good-enough short-term solution for us or not. -----Original Message----- From: 聲gel Gonz� 19 Jan 2012 23:29:40 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53266 On Jan 19, 2012, at 7:38 AM, John Olsson M wrote: > Hi, > > According to the sshd_config manual page the option ChrootDirectory can be used to force 19 Jan 2012 14:00:39 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53265 El 19/01/12 17:16, John Olsson M wrote: >> Place a couple of wrappers around the commands, doing the chroot for you? > Hmmm. I'm not sure I follow you 19 Jan 2012 13:38:07 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53264 On Thu, Jan 19, 2012 at 07:23:41PM +0100, Jean-Michel Pour? - GOOZE wrote: > Dear William, > > > able to get it to work (with three different cards), 19 Jan 2012 11:54:07 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53263 Dear William, > able to get it to work (with three different cards), and apparently neither > has Apple, who attempted to integrate it but failed (I' 19 Jan 2012 10:23:41 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53262 On Thu, Jan 19, 2012 at 06:20:15PM +0100, Jean-Michel Pour? - GOOZE wrote: > Dear Damien Miller and friends, > > > No, I haven't started working on i 19 Jan 2012 09:57:15 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53259 Dear Damien Miller and friends, > No, I haven't started working on it yet for lack of smartcard > hardware. > I (or someone else) will probably get a 19 Jan 2012 09:20:15 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53258 > Place a couple of wrappers around the commands, doing the chroot for you? Hmmm. I'm not sure I follow you. Our command shell (which is not like a s 19 Jan 2012 08:16:01 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53257 I know that this suggestion isn't part of openssh, but I use it daily and it works. Install or use one of the later revs of sudo which incorporates t 19 Jan 2012 07:55:50 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53256 On 19/01/12 14:38, John Olsson M wrote: > Hi, > > According to the sshd_config manual page the option ChrootDirectory can be used to force a chroot:ed 19 Jan 2012 07:38:37 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53255 Hi, According to the sshd_config manual page the option ChrootDirectory can be used to force a chroot:ed environment for the SSHD server. But as I un 19 Jan 2012 05:38:43 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53252 Hi guys, Given that internal-sftp is the only way to support chrooted users, is there any particular reason why sftp-server is still the default 16 Jan 2012 16:10:14 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53251 Hello list members, I would like to inform that version 7.1 of X.509 certificate support) is ready. The just published update from "Integration" se 15 Jan 2012 11:38:46 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53250 On Fri, Jan 13, 2012 at 10:35, Peter Stuge <peter@stuge.se> wrote: > Did you look at snoopy? Yes. It logs executions, not in- and output. Richard 13 Jan 2012 04:02:50 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53249 Hello List, This is for the portable release. I wanted gnome-ssh-askpass to be a gtk+3 app, so I made a quick port. Mark --- contrib/Makefile 13 Jan 2012 02:48:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53248 Richard Hartmann wrote: > * In the shell: > Needs to wrap around all shells or forces us to patch at least zsh and > bash and then thoroughly disable 13 Jan 2012 02:35:12 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53247 On Fri, Jan 13, 2012 at 05:53, Peter Stuge <peter@stuge.se> wrote: > Nico Kadel-Garcia wrote: >> "In the background" is the problem. Richard wants t 13 Jan 2012 01:48:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53246 Nico Kadel-Garcia wrote: > >> By doing things in the background so to speak, i.e. ssh directly, > > > > ssh doesn't really have much to do with this. 12 Jan 2012 21:53:05 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53245 On Thu, Jan 12, 2012 at 8:13 PM, Peter Stuge <peter@stuge.se> wrote: > Richard Hartmann wrote: >> By doing things in the background so to speak, i.e. 12 Jan 2012 21:20:59 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53244 Richard Hartmann wrote: > By doing things in the background so to speak, i.e. ssh directly, ssh doesn't really have much to do with this. Maybe you 12 Jan 2012 17:13:04 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53243