To sum up many posts and hopefully wrap up this thread...
I've posted a new sshd.lrp at www.nothome.org:8000
The only change is a new /usr/sbin/add-sshd-user script, in response to Charles'
comment that it would be nice to have a script to add the sshd user. The script isn't
pretty, and
Nathan Angelacos wrote:
I'm curious about /etc/group modification?
I've upgraded two (2) potato's and two (2) woody's. Yes, there is a
new user in passwd/shadow; but, I do not have any new group for
sshd.
Yes, I have seen the instructions for installing manually; but, I
cannot find
Interesting observations in the logs.
When the SSH zlib problem came up, I had lots of port 22 entries in the
logs for awhile.
Until Monday I had not been nmaped port scanned in a long long time. It
appears like the hackers like to use class C range scans on one port. I
have two dachstein
At this point, a default compile of OpenSSH will use privilege
separation
with the sshd user. For new LEAF installations/releases, do we want
to
deviate from the (new) OpenSSH standard, or accomodate it and move on?
Either answer is fine with me, as long as there is some sort of
informed
Le Mardi 2 Juillet 2002 18:20, Nathan Angelacos a écrit :
On 1 Jul 2002 at 22:38, Greg Morgan wrote:
I believe you need to correct your web site. It says that you changed
the location of ssh_config in the packages. I believe there are two
configuration files with one character different, a
Jacques Nilo wrote:
[ snip ]
At this point, a default compile of OpenSSH will use privilege separation
with the sshd user. For new LEAF installations/releases, do we want to
deviate from the (new) OpenSSH standard, or accomodate it and move on?
I have a clear position on this: we
I'm curious about /etc/group modification?
I've upgraded two (2) potato's and two (2) woody's. Yes, there is a
new user in passwd/shadow; but, I do not have any new group for
sshd.
Yes, I have seen the instructions for installing manually; but, I
cannot find a reason for the special group.
Nathan Angelacos wrote:
I'm curious about /etc/group modification?
I've upgraded two (2) potato's and two (2) woody's. Yes, there is a
new user in passwd/shadow; but, I do not have any new group for
sshd.
Yes, I have seen the instructions for installing manually; but, I
cannot find
Nathan Angelacos wrote:
On 1 Jul 2002 at 22:38, Greg Morgan wrote:
snip
Long answer: According to
http://marc.theaimsgroup.com/?l=openssh-unix-devm=102495293705094w2
Privilege separation takes ~24500 lines of code and puts it in a chroot
jail, leaving only ~2500 lines of code
Nathan Angelacos [EMAIL PROTECTED] wrote:
I've compiled new openSSH 3.4p1 lrps based on J. Nilo's packages.
Since they are larger than the patch manager limit,
they are available for download at http://www.nothome.org:8000/
I believe you need to correct your web site. It says that you
I've compiled new openSSH 3.4p1 lrps based on J. Nilo's packages.
Since they are larger than the patch manager limit,
they are available for download at http://www.nothome.org:8000/
I'll leave the page up until next Friday (5 Jul 2002.)
The md5 sums for the packages are:
On Mon, Jun 24, 2002 at 03:14:39PM -0700, Mike Noyes wrote:
There is a problem with OpenSSH.
[Fwd: [SECURITY] [DSA-134-1] OpenSSH remote vulnerability]
Theo de Raadt announced that the OpenBSD team is working with ISS
on a remote exploit for OpenSSH (a free implementation of the
On Wed, 2002-06-26 at 07:05, David Douthitt wrote:
On Mon, Jun 24, 2002 at 03:14:39PM -0700, Mike Noyes wrote:
There is a problem with OpenSSH.
[Fwd: [SECURITY] [DSA-134-1] OpenSSH remote vulnerability]
Theo de Raadt announced that the OpenBSD team is working with ISS
on a
On Wed, 2002-06-26 at 08:08, Mike Noyes wrote:
On Wed, 2002-06-26 at 07:05, David Douthitt wrote:
Sounds like the bug isn't fixed but a work-around exists...
David,
You're correct. There are a list of recent security advisories on this
at:
On Wed, 2002-06-26 at 08:08, Mike Noyes wrote:
The vulnerability details are now public.
Thanks for the heads-up, Mike. Unfortunately I only subscribe to the
digest, so I got your notice after my post.
Needless to say, I'll be putting together a brand-new *3.4* openSSH lrp
On Wed, 2002-06-26 at 17:59, Nathan Angelacos wrote:
On Wed, 2002-06-26 at 08:08, Mike Noyes wrote:
The vulnerability details are now public.
Thanks for the heads-up, Mike. Unfortunately I only subscribe to the
digest, so I got your notice after my post.
Needless to say,
Everyone,
There is a problem with OpenSSH.
[Fwd: [SECURITY] [DSA-134-1] OpenSSH remote vulnerability]
Theo de Raadt announced that the OpenBSD team is working with ISS
on a remote exploit for OpenSSH (a free implementation of the
Secure SHell protocol). They are refusing to provide
17 matches
Mail list logo