Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Dev

Call for testing: openssh-5.2

  

 
OpenSSH dev RSS feed   Index | Next | Previous | View Threaded


djm at mindrot

Feb 15, 2009, 8:32 PM

Post #1 of 17 (1413 views)
Permalink
Call for testing: openssh-5.2
Hi,

OpenSSH 5.2 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is primarily a bug-fix
release, to follow the feature-focused 5.1 release.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via anonymous CVS using the
instructions at http://www.openssh.com/portable.html#cvs

Running the regression tests supplied with Portable OpenSSH does not
require installation and is a simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev [at] mindrot

Below is a summary of changes. More detail may be found in the
ChangeLog in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.


Changes since OpenSSH 5.1
=========================

Security:

* This release changes the default cipher order to prefer the AES CTR
modes and the revised "arcfour256" mode to CBC mode ciphers that are
susceptible to CPNI-957037 "Plaintext Recovery Attack Against SSH".

* This release also adds countermeasures to mitigate CPNI-957037-style
attacks against the SSH protocol's use of CBC-mode ciphers. Upon
detection of an invalid packet length or Message Authentication
Code, ssh/sshd will continue reading up to the maximum supported
packet length rather than immediately terminating the connection.
This eliminates most of the known differences in behaviour that
leaked information about the plaintext of injected data which formed
the basis of this attack. We believe that these attacks are rendered
infeasible by these changes.

New features:

* Added a -y option to ssh(1) to force logging to syslog rather than
stderr, which is useful when running daemonised (ssh -f)

* The sshd_config(5) ForceCommand directive now accepts commandline
arguments for the internal-sftp server.

* The ssh(1) ~C escape commandline now support runtime creation of
dynamic (-D) port forwards.

* Support the SOCKS4A protocol in ssh(1) dynamic (-D) forwards.
(bz#1482)

* Support remote port forwarding with a listen port of '0'. This
informs the server that it should dynamically allocate a listen
port and report it back to the client. (bz#1003)

* sshd(8) now supports setting PermitEmptyPasswords and
AllowAgentForwarding in Match blocks

Bug and documentation fixes

* Repair a ssh(1) crash introduced in openssh-5.1 when the client is
sent a zero-length banner (bz#1496)

* Due to interoperability problems with certain
broken SSH implementations, the eow [at] openssh and
no-more-sessions [at] openssh protocol extensions are now only sent
to peers that identify themselves as OpenSSH.

* Make ssh(1) send the correct channel number for
SSH2_MSG_CHANNEL_SUCCESS and SSH2_MSG_CHANNEL_FAILURE messages to
avoid triggering 'Non-public channel' error messages on sshd(8) in
openssh-5.1.

* Avoid printing 'Non-public channel' warnings in sshd(8), since the
ssh(1) has sent incorrect channel numbers since ~2004 (this reverts
a behaviour introduced in openssh-5.1).

* Avoid double-free in ssh(1) ~C escape -L handler (bz#1539)

* Correct fail-on-error behaviour in sftp(1) batchmode for remote
stat operations. (bz#1541)

* Disable nonfunctional ssh(1) ~C escape handler in multiplex slave
connections. (bz#1543)

* Avoid hang in ssh(1) when attempting to connect to a server that
has MaxSessions=0 set.

* Multiple fixes to sshd(8) configuration test (-T) mode

* Several core and portable OpenSSH bugs fixed: 1380, 1412, 1418,
1419, 1421, 1490, 1491, 1492, 1514, 1515, 1518, 1520, 1538, 1540

* Many manual page improvements.


-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


vinschen at redhat

Feb 16, 2009, 5:56 AM

Post #2 of 17 (1378 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Feb 16 15:32, Damien Miller wrote:
> Hi,
>
> OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is primarily a bug-fix
> release, to follow the feature-focused 5.1 release.

Builds and runs fine on Cygwin 1.7. Since I won't support any new
OpenSSH package for Cygwin 1.5, and since Cygwin 1.7 will stop
supporting Windows 9x, I'm wondering if it's ok to strip all Windows 9x
support, as well as the *really* old Cygwin version considerations from
OpenSSH at this point. It will strip some extra Cygwin-only code from
portable SSH. Or, maybe we should do that right after the 5.2p1 release?


Corinna

--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


gert at greenie

Feb 16, 2009, 6:45 AM

Post #3 of 17 (1378 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
Hi,

On Mon, Feb 16, 2009 at 03:32:26PM +1100, Damien Miller wrote:
> OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is primarily a bug-fix
> release, to follow the feature-focused 5.1 release.

I've checked out the CVS snapshot, autoreconf / configure / make'd things,
and it all built fine. NetBSD 3.1 on Sparc64.

"make tests" fails after a while, though, with these last lines:

...
mm_send_fd: sendmsg(0): Invalid argument
muxclient: send fds failed
Falling back to non-multiplexed connection
mm_receive_fd: recvmsg: expected received 1 got 0
muxserver_accept_control: failed to receive fd 0 from slave
ssh: Could not resolve hostname otherhost: No address associated with hostname
exit code (with sleep) mismatch for protocol : 255 != 44
Master running (pid=15159)
Exit request sent.
failed connection multiplexing
*** Error code 1


"should it be doing this"?

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert [at] greenie
fax: +49-89-35655025 gert [at] net
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


doctor at doctor

Feb 16, 2009, 10:34 AM

Post #4 of 17 (1373 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Mon, Feb 16, 2009 at 03:45:15PM +0100, Gert Doering wrote:
> Hi,
>
> On Mon, Feb 16, 2009 at 03:32:26PM +1100, Damien Miller wrote:
> > OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> > on as many platforms and systems as possible. This is primarily a bug-fix
> > release, to follow the feature-focused 5.1 release.
>
> I've checked out the CVS snapshot, autoreconf / configure / make'd things,
> and it all built fine. NetBSD 3.1 on Sparc64.
>
> "make tests" fails after a while, though, with these last lines:
>
> ...
> mm_send_fd: sendmsg(0): Invalid argument
> muxclient: send fds failed
> Falling back to non-multiplexed connection
> mm_receive_fd: recvmsg: expected received 1 got 0
> muxserver_accept_control: failed to receive fd 0 from slave
> ssh: Could not resolve hostname otherhost: No address associated with hostname
> exit code (with sleep) mismatch for protocol : 255 != 44
> Master running (pid=15159)
> Exit request sent.
> failed connection multiplexing
> *** Error code 1
>
>
> "should it be doing this"?
>
> gert

So far nothing wrong on BSD/OS 4.3.1 using openssl 0.9.9-dev .

I will try on Free BSD.

> --
> USENET is *not* the non-clickable part of WWW!

10/10 .

> //www.muc.de/~gert/
> Gert Doering - Munich, Germany gert [at] greenie
> fax: +49-89-35655025 gert [at] net
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev [at] mindrot
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>

--
Member - Liberal International This is doctor [at] nl2k
Ici doctor [at] nl2k God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Christian(n): A Jew that believe Christ is Messiah and Saviour and alive

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


rac at tenzing

Feb 16, 2009, 11:07 AM

Post #5 of 17 (1372 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On 02/16/2009 15:32, Damien Miller wrote:
> Hi,
>
> OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is primarily a bug-fix
> release, to follow the feature-focused 5.1 release.

[...]

> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev [at] mindrot

On SCO OSR6 w/mp3 installed, openssh-SNAP-20090216.tar.gz, 'make tests'
fails with:

run test key-options.sh ...
key option proto 1 command="echo bar"
key option proto 1 no-pty,command="echo bar"
key option proto 2 command="echo bar"
key option proto 2 no-pty,command="echo bar"
key option proto 1 no-pty
key option proto 2 no-pty
key option proto 1 environment
key option proto 2 environment
key option proto 1 from="127.0.0.1"
key option proto 1 from="127.0.0.1" not allowed but should be
key option proto 1 from="127.0.0.0/8"
key option proto 1 from="127.0.0.0/8" not allowed but should be
key option proto 2 from="127.0.0.1"
key option proto 2 from="127.0.0.1" not allowed but should be
key option proto 2 from="127.0.0.0/8"
key option proto 2 from="127.0.0.0/8" not allowed but should be
failed key options
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory `/u1/src/rac/openssh/csv/openssh/regress'
make: *** [tests] Error 2

I won't have time to investigate for several days. If anyone has
suggestions they would be appreciated.
--
Roger Cornelius rac [at] tenzing
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


andyb1 at andy-t

Feb 16, 2009, 12:15 PM

Post #6 of 17 (1379 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
Compiled and tested openssh-SNAP-20090217.tar.gz on Slackware-12.0.0. All
tests succeeded.

Thanks,

Andy

Dr Andy Tsouladze
Sr Unix/Storage SysAdmin
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


wknox at mitre

Feb 16, 2009, 12:17 PM

Post #7 of 17 (1391 views)
Permalink
RE: Call for testing: openssh-5.2 [In reply to]
Just to make sure that the oldies are covered...

All tests completed and passed on Solaris 8 and Fedora 7. Solaris 8 required the --without-zlib-version-check flag to configure due to having merely patched the long ago vulnerable version of zlib without updating the version number. No configure flags were used otherwise.

Bill Knox
Lead Infosec Engineer/Scientist
The MITRE Corporation


-----Original Message-----
From: openssh-unix-dev-bounces+wknox=mitre.org [at] mindrot [mailto:openssh-unix-dev-bounces+wknox=mitre.org [at] mindrot] On Behalf Of Damien Miller
Sent: Sunday, February 15, 2009 11:32 PM
To: openssh-unix-dev [at] mindrot
Subject: Call for testing: openssh-5.2

Hi,

OpenSSH 5.2 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is primarily a bug-fix
release, to follow the feature-focused 5.1 release.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via anonymous CVS using the
instructions at http://www.openssh.com/portable.html#cvs

Running the regression tests supplied with Portable OpenSSH does not
require installation and is a simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev [at] mindrot

Below is a summary of changes. More detail may be found in the
ChangeLog in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.


Changes since OpenSSH 5.1
=========================

Security:

* This release changes the default cipher order to prefer the AES CTR
modes and the revised "arcfour256" mode to CBC mode ciphers that are
susceptible to CPNI-957037 "Plaintext Recovery Attack Against SSH".

* This release also adds countermeasures to mitigate CPNI-957037-style
attacks against the SSH protocol's use of CBC-mode ciphers. Upon
detection of an invalid packet length or Message Authentication
Code, ssh/sshd will continue reading up to the maximum supported
packet length rather than immediately terminating the connection.
This eliminates most of the known differences in behaviour that
leaked information about the plaintext of injected data which formed
the basis of this attack. We believe that these attacks are rendered
infeasible by these changes.

New features:

* Added a -y option to ssh(1) to force logging to syslog rather than
stderr, which is useful when running daemonised (ssh -f)

* The sshd_config(5) ForceCommand directive now accepts commandline
arguments for the internal-sftp server.

* The ssh(1) ~C escape commandline now support runtime creation of
dynamic (-D) port forwards.

* Support the SOCKS4A protocol in ssh(1) dynamic (-D) forwards.
(bz#1482)

* Support remote port forwarding with a listen port of '0'. This
informs the server that it should dynamically allocate a listen
port and report it back to the client. (bz#1003)

* sshd(8) now supports setting PermitEmptyPasswords and
AllowAgentForwarding in Match blocks

Bug and documentation fixes

* Repair a ssh(1) crash introduced in openssh-5.1 when the client is
sent a zero-length banner (bz#1496)

* Due to interoperability problems with certain
broken SSH implementations, the eow [at] openssh and
no-more-sessions [at] openssh protocol extensions are now only sent
to peers that identify themselves as OpenSSH.

* Make ssh(1) send the correct channel number for
SSH2_MSG_CHANNEL_SUCCESS and SSH2_MSG_CHANNEL_FAILURE messages to
avoid triggering 'Non-public channel' error messages on sshd(8) in
openssh-5.1.

* Avoid printing 'Non-public channel' warnings in sshd(8), since the
ssh(1) has sent incorrect channel numbers since ~2004 (this reverts
a behaviour introduced in openssh-5.1).

* Avoid double-free in ssh(1) ~C escape -L handler (bz#1539)

* Correct fail-on-error behaviour in sftp(1) batchmode for remote
stat operations. (bz#1541)

* Disable nonfunctional ssh(1) ~C escape handler in multiplex slave
connections. (bz#1543)

* Avoid hang in ssh(1) when attempting to connect to a server that
has MaxSessions=0 set.

* Multiple fixes to sshd(8) configuration test (-T) mode

* Several core and portable OpenSSH bugs fixed: 1380, 1412, 1418,
1419, 1421, 1490, 1491, 1492, 1514, 1515, 1518, 1520, 1538, 1540

* Many manual page improvements.


-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


djm at mindrot

Feb 16, 2009, 1:11 PM

Post #8 of 17 (1372 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Mon, 16 Feb 2009, Corinna Vinschen wrote:

> On Feb 16 15:32, Damien Miller wrote:
> > Hi,
> >
> > OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> > on as many platforms and systems as possible. This is primarily a bug-fix
> > release, to follow the feature-focused 5.1 release.
>
> Builds and runs fine on Cygwin 1.7. Since I won't support any new
> OpenSSH package for Cygwin 1.5, and since Cygwin 1.7 will stop
> supporting Windows 9x, I'm wondering if it's ok to strip all Windows 9x
> support, as well as the *really* old Cygwin version considerations from
> OpenSSH at this point. It will strip some extra Cygwin-only code from
> portable SSH. Or, maybe we should do that right after the 5.2p1 release?

Yes, we can do this after the release of 5.2p1.

Thanks for testing :)

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


djm at mindrot

Feb 16, 2009, 1:20 PM

Post #9 of 17 (1371 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Mon, 16 Feb 2009, Gert Doering wrote:

> Hi,
>
> On Mon, Feb 16, 2009 at 03:32:26PM +1100, Damien Miller wrote:
> > OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> > on as many platforms and systems as possible. This is primarily a bug-fix
> > release, to follow the feature-focused 5.1 release.
>
> I've checked out the CVS snapshot, autoreconf / configure / make'd things,
> and it all built fine. NetBSD 3.1 on Sparc64.
>
> "make tests" fails after a while, though, with these last lines:
> ...
> mm_send_fd: sendmsg(0): Invalid argument
> muxclient: send fds failed
> Falling back to non-multiplexed connection
> mm_receive_fd: recvmsg: expected received 1 got 0
> muxserver_accept_control: failed to receive fd 0 from slave
> ssh: Could not resolve hostname otherhost: No address associated with hostname
> exit code (with sleep) mismatch for protocol : 255 != 44
> Master running (pid=15159)
> Exit request sent.
> failed connection multiplexing
> *** Error code 1

I think that this is the kernel bug mentioned here:

http://lists.mindrot.org/pipermail/openssh-unix-dev/2008-July/026591.html

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


doctor at doctor

Feb 16, 2009, 1:58 PM

Post #10 of 17 (1367 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Mon, Feb 16, 2009 at 11:34:18AM -0700, The Doctor wrote:
> On Mon, Feb 16, 2009 at 03:45:15PM +0100, Gert Doering wrote:
> > Hi,
> >
> > On Mon, Feb 16, 2009 at 03:32:26PM +1100, Damien Miller wrote:
> > > OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> > > on as many platforms and systems as possible. This is primarily a bug-fix
> > > release, to follow the feature-focused 5.1 release.
> >
> > I've checked out the CVS snapshot, autoreconf / configure / make'd things,
> > and it all built fine. NetBSD 3.1 on Sparc64.
> >
> > "make tests" fails after a while, though, with these last lines:
> >
> > ...
> > mm_send_fd: sendmsg(0): Invalid argument
> > muxclient: send fds failed
> > Falling back to non-multiplexed connection
> > mm_receive_fd: recvmsg: expected received 1 got 0
> > muxserver_accept_control: failed to receive fd 0 from slave
> > ssh: Could not resolve hostname otherhost: No address associated with hostname
> > exit code (with sleep) mismatch for protocol : 255 != 44
> > Master running (pid=15159)
> > Exit request sent.
> > failed connection multiplexing
> > *** Error code 1
> >
> >
> > "should it be doing this"?
> >
> > gert
>
> So far nothing wrong on BSD/OS 4.3.1 using openssl 0.9.9-dev .
>
> I will try on Free BSD.
>

FreeBSD 6.4 amd 64 with openssl 0.9.8k FIPs everything passes.

FreeBSD 6.4 i386 with openssl 0.9.8k no-fips tests choke.

> > --
> > USENET is *not* the non-clickable part of WWW!
>
> 10/10 .
>
> > //www.muc.de/~gert/
> > Gert Doering - Munich, Germany gert [at] greenie
> > fax: +49-89-35655025 gert [at] net
> > _______________________________________________
> > openssh-unix-dev mailing list
> > openssh-unix-dev [at] mindrot
> > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by MailScanner, and is
> > believed to be clean.
> >
>
> --
> Member - Liberal International This is doctor [at] nl2k
> Ici doctor [at] nl2k God, Queen and country! Beware Anti-Christ rising!
> Never Satan President Republic!
> Christian(n): A Jew that believe Christ is Messiah and Saviour and alive
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev [at] mindrot
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

--
Member - Liberal International This is doctor [at] nl2k
Ici doctor [at] nl2k God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Christian(n): A Jew that believe Christ is Messiah and Saviour and alive

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


gert at greenie

Feb 16, 2009, 11:22 PM

Post #11 of 17 (1369 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
Hi,

On Tue, Feb 17, 2009 at 08:20:44AM +1100, Damien Miller wrote:
> On Mon, 16 Feb 2009, Gert Doering wrote:
[..]
> > muxserver_accept_control: failed to receive fd 0 from slave
> > ssh: Could not resolve hostname otherhost: No address associated with hostname
> > exit code (with sleep) mismatch for protocol : 255 != 44
> > Master running (pid=15159)
> > Exit request sent.
> > failed connection multiplexing
> > *** Error code 1
>
> I think that this is the kernel bug mentioned here:
>
> http://lists.mindrot.org/pipermail/openssh-unix-dev/2008-July/026591.html

Oh indeed, I remember now. So - besides this, it seems to work well on
NetBSD/Sparc 5.0 3.1.

I'll see whether I can run a quick test on NetBSD/Sparc64 5.0 later today.

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert [at] greenie
fax: +49-89-35655025 gert [at] net
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


tcreedon at easystreet

Feb 17, 2009, 8:07 AM

Post #12 of 17 (1355 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
Anyone checking out native KRB5 authentication (w/o PAM)?

I'm interested but need some help...

Tedc

On Mon, Feb 16, 2009 at 11:22 PM, Gert Doering <gert [at] greenie> wrote:

> Hi,
>
> On Tue, Feb 17, 2009 at 08:20:44AM +1100, Damien Miller wrote:
> > On Mon, 16 Feb 2009, Gert Doering wrote:
> [..]
> > > muxserver_accept_control: failed to receive fd 0 from slave
> > > ssh: Could not resolve hostname otherhost: No address associated with
> hostname
> > > exit code (with sleep) mismatch for protocol : 255 != 44
> > > Master running (pid=15159)
> > > Exit request sent.
> > > failed connection multiplexing
> > > *** Error code 1
> >
> > I think that this is the kernel bug mentioned here:
> >
> >
> http://lists.mindrot.org/pipermail/openssh-unix-dev/2008-July/026591.html
>
> Oh indeed, I remember now. So - besides this, it seems to work well on
> NetBSD/Sparc 5.0 3.1.
>
> I'll see whether I can run a quick test on NetBSD/Sparc64 5.0 later today.
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
> //
> www.muc.de/~gert/ <http://www.muc.de/%7Egert/>
> Gert Doering - Munich, Germany
> gert [at] greenie
> fax: +49-89-35655025
> gert [at] net
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev [at] mindrot
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


gert at greenie

Feb 18, 2009, 6:27 AM

Post #13 of 17 (1350 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
Hi,

On Tue, Feb 17, 2009 at 08:22:24AM +0100, Gert Doering wrote:
> I'll see whether I can run a quick test on NetBSD/Sparc64 5.0 later today.

Well, "today" took a while. But here's the result :-)

System: NetBSD 5.0_BETA sparc64
Result: all tests passed

as a bonus, you get AIX with it...

System: AIX 6.1.0
Result: all tests passed

good work!

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert [at] greenie
fax: +49-89-35655025 gert [at] net
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


Jan.Pechanec at Sun

Feb 18, 2009, 6:49 AM

Post #14 of 17 (1350 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Mon, 16 Feb 2009, Damien Miller wrote:

>Running the regression tests supplied with Portable OpenSSH does not
>require installation and is a simply:
>
>$ ./configure && make tests

both tests with:

http://www.mindrot.org/openssh_snap/openssh-SNAP-20090219.tar.gz
gcc 3.4.3
OpenSSL 0.9.8a (with security fixes)

SPARC VII, Solaris Nevada 107 (01/2009), all tests passed
i386, Solaris Nevada 108 (02/2009), all test passed

--
Jan Pechanec
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


f_mohr at yahoo

Feb 18, 2009, 9:06 AM

Post #15 of 17 (1353 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
System: AIX 5.2
Result: all tests passed

System: AIX 5.3
Result: all tests passed

on both systems the test "agent-getpeereid.sh" was
skipped: need SUDO to switch to uid nobody

frank


___________________________________________________________
Telefonate ohne weitere Kosten vom PC zum PC: http://messenger.yahoo.de

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


imorgan at nas

Feb 20, 2009, 4:45 PM

Post #16 of 17 (1345 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
On Sun, Feb 15, 2009 at 22:32:26 -0600, Damien Miller wrote:
> Hi,
>
> OpenSSH 5.2 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is primarily a bug-fix
> release, to follow the feature-focused 5.1 release.
>

The 20090220 snapshot builds and tests successfully against the
following platforms:

Red Hat Enterprise Linux 4u7 (x86_64), gcc 3.4.6
Red Hat Enterprise Linux 5.3 (x86_64), gcc 4.1.2
SuSE Linux Enterprise Server 10u2 (x86_64), gcc 4.1.2
SuSE Linux Enterprise Server 10u1 (IA64), gcc 4.1.2
Solaris 9 (SPARC), Forte 7 C
Solaris 9 (SPARC), gcc 3.3.1

--
Iain Morgan
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


peter at stuge

Feb 20, 2009, 5:03 PM

Post #17 of 17 (1340 views)
Permalink
Re: Call for testing: openssh-5.2 [In reply to]
Iain Morgan wrote:
> > OpenSSH 5.2 is almost ready for release, so we would appreciate
> > testing on as many platforms and systems as possible.
>
> The 20090220 snapshot builds and tests successfully against the
> following platforms:
>
> Red Hat Enterprise Linux 4u7 (x86_64), gcc 3.4.6
> Red Hat Enterprise Linux 5.3 (x86_64), gcc 4.1.2
> SuSE Linux Enterprise Server 10u2 (x86_64), gcc 4.1.2
> SuSE Linux Enterprise Server 10u1 (IA64), gcc 4.1.2

all tests passed

also on 32-bit x86, gcc (Gentoo 4.3.2-r2 p1.5, pie-10.1.5) 4.3.2


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.