lsh-bugs

lsh-bugs@lists.lysator.liu.se

494 discussions

Coming maintenance release?
by nisse＠lysator.liu.se 03 Apr '13

03 Apr '13

I was reminded that it would be good with a maintenance release of lsh. Things to do for an lsh-2.0.5: 1. Upgrade to recent autoconf and automake (to fix the distcheck security problem in Makefiles generated by earlier automake). 2. Backport any portability fixes from the development branch, to make it compile and work on current systems. I'm also considering 3. Upgrade the license to GPLv3. 4. Delete the bundled nettle library (to avoid shipping an ancient version of nettle), and do any fixes needed to work with recent nettle. Anything else, e.g., any debian patches that should be integrated? Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

1 1

Re: Coming maintenance release?
by nisse＠lysator.liu.se 30 Mar '13

30 Mar '13

ludo(a)gnu.org (Ludovic Courtès) writes: > nisse(a)lysator.liu.se (Niels Möller) skribis: > >> I had fixed the guile support already, but I'll add the other two. >> Thanks! > > Great. Checked in now (on the lsh-2.0.4 branch). Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

1 0

Re: Coming maintenance release?
by nisse＠lysator.liu.se 15 Mar '13

15 Mar '13

ludo(a)gnu.org (Ludovic Courtès) writes: > In Guix we have 3 tiny patches; see lsh-*.patch at > <http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/patches/>. I had fixed the guile support already, but I'll add the other two. Thanks! Should I credit the fixes to you, or did you get them from someone else? Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

1 0

ssh agent support?
by Simon Josefsson 17 Apr '12

17 Apr '12

I use a smartcard to do SSH authentication today, which works fine with OpenSSH. Is there any support for agent-style public-key authentication in lsh? Any plans? The agent protocol appears stable, and is used by several projects already (ssh, gpg-agent, libssh2, maybe others). /Simon

3 5

Re: Migration from CVS to GIT
by nisse＠lysator.liu.se 04 Feb '12

04 Feb '12

Martin Storsjö <martin(a)martin.st> writes: > The author mapping looks good to me at least, looking forward to the > final repo Now "final". Repo url git://git.lysator.liu.se/lsh/lsh.git. I renamed the old gitorious "project" to get the various test repositories out of the way. After the conversion, I have pushed some tags to all branches to mark the conversion. On master only, I have eliminatd $Id tags in files, and converted all textfiles to utf-8 (encoding marks in texinfo and html not yet updated, though). > (including separated nettle)! Not there yet. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

2 1

Migration from CVS to GIT
by nisse＠lysator.liu.se 31 Jan '12

31 Jan '12

I'm finally looking into conversion of the lsh repository from CVS to GIT, and this naturally also includes nettle. A public test repository can be found at lysator's gitorious installation, at http://git.lysator.liu.se/lsh/test-2. The conversion was done by the pcvs2git.pike program (see git://pike-git.lysator.liu.se/pcvs2git.git), and I got some help from Henrik Grubbström to write a config file to handle the few peculiarities in the lsh repository. The intention is that the new git repository should include all branches and tags from the old cvs repository, and record major merge events, like the 2006-05-16 merge from the experimental branch to the trunk. Please test, and if all goes well I'll rename this repository to "lsh" (or recreate, if I can't figure out how to do repository renames with gitorious). If this first steps works out ok, step two is to do a some cleanups (switching to utf-8 for the files, deleting old $Id$ tags, etc). And then step three is to extract the nettle subdirectory as an independent project and repository, using git subtree of git filter-branch or so (I'm not sure what's the best tool for that job). Other sub-projects, e.g., the argp implementation, can be split out later, if desired. For the few "common files" (e.g., misc/run-tests), they'll simply have to be duplicated in several repositories. If I still want to bundle nettle with the lsh distribution, I'll handle that by setting up some symlink in my working tree. git submodule is probably not a solution, and git subtree is most likely overkill. The old CVS repository can be considered read-only now. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

1 1

Re: Migration from CVS to GIT
by nisse＠lysator.liu.se 24 Jan '12

24 Jan '12

Martin Storsjö <martin(a)martin.st> writes: > I'd hope for a round of filter-branch to rewrite author names in git > to the original author of patches. I was thinking that it's good enough to convert the information recorded by cvs. But it's certainly possible to add specified author names for certain commits, as a part of the conversion process. The config/Pike-real-authors file (from the git://pike-git.lysator.liu.se/pcvs2git.git repository) is an example of what that input file should look like. Since I haven't used it I'm not sure how it works, but I could try to find out. But it's going to be some manual work, going through the ChangeLog files looking for contributed changes, and then looking at the cvs log to identify affected revisions and writing the input file for --contributors. > If you don't feel up to doing this yourself, I can try to give it a go. If you want to give it a try, I'll explain what's needed. 1. Get pike 7.8 release 550 or later, http://pike.ida.liu.se/pub/pike/beta/7.8.550/Pike-v7.8.550.tar.gz Annoyingly enough, it doesn't support the most recent version of nettle, resulting in compilation errors on the DES glue. I had to #if out the DES and DES3 ciphers from the Nettle module. Alternatively, there should be some configure argument to force Pike to build with the bundled version of nettle, rather than the installed version. 2. Get git://pike-git.lysator.liu.se/pcvs2git.git. This includes Henrik's configuration file in config/lsh.pcvs2git. 3. Get the CVS repository. I'm putting a copy at http://www.lysator.liu.se/~nisse/misc/lsh-cvsroot.tar.gz 4. Create an authors.txt file, containing nisse=Niels Möller <nisse(a)lysator.liu.se> uid444=Niels Möller <nisse(a)lysator.liu.se> _cvs_pont=Pontus Freyhult <pont(a)soua.net> 5. To do the conversion, I used the command line pike ../pcvs2git/pcvs2git.pike -c ../pcvs2git/config/lsh.pcvs2git \ -A authors.txt -k -l -C lsh.git -d lsh-cvsroot/lsh It spawns a git fast-import process which populates the new repository. The result should be almost identical to the current "test-2" repository (Henrik has committed some tweaks for the generated .gitattributes files). To use a contributors file, add --contributors contributors.txt early on the above command line (the -d option and argument has to come after other options). Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

1 0

Trying to find ssh2 libs
by Goran Hasse 25 Sep '08

25 Sep '08

Dear all... We have build a small IO-device thate are ment to be connected on internet. Take a look at http://www.ipio.nu In the next version of this we want to use AVR32 and use uCLinux as operating system. On the device we will have som simple server to control it. SSL seems to be to many things and OpenSSH have no libraries that we can use. libssh2 seems to be what we want for a client - but we could not find any simple "server side" libraries. We don't want X11-forwaring, and all other fantastic things. Just authentication and a secure channel. Nothing more! Is there any possibility that lsh can do the work for us? (How do we get rid of all nice features ;-) -- gorhas(a)gmail.com Mob: 070-5530148

2 1

ANNOUNCE: lsh-2.0.4
by nisse＠lysator.liu.se 06 Sep '07

06 Sep '07

This is a pure bugfix release, fixing the x11 forwarding bug discussed recently on this list. News for the 2.0.4 release Fixed x11 forwarding bug in the lsh client. Licensing: I don't find it appropriate to make any licensing change for a single-line update like this. Hence, like all previous versions of lsh, this version is released under "GNU GPL version 2 or (at your option) later". However, future versions will most likely be released under GPL version 3. Available at http://www.lysator.liu.se/~nisse/archive/lsh-2.0.4.tar.gz ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-2.0.4.tar.gz or apply the below patch to lsh-2.0.3. Regards, /Niels diff -u -r1.892 -r1.893.2.1 --- ChangeLog 8 May 2006 19:18:34 -0000 1.892 +++ ChangeLog 5 Sep 2007 18:32:59 -0000 1.893.2.1 @@ -1,3 +1,15 @@ +2007-09-05 Niels Möller <nisse(a)lysator.liu.se> + + * src/client_x11.c (do_client_channel_x11_receive): Fixed parser + bookkeeping. Was broken before the 1.5.4 release. Problem reported + by Kaloian Doganov. + +2006-05-09 Niels Möller <nisse(a)lysator.liu.se> + + * configure.ac: Bumped version number to 2.0.4. + + * Released lsh-2.0.2. + 2006-05-08 Niels Möller <nisse(a)lysator.liu.se> * doc/ssh-conv.1: Changed to ordinary line breaks in example diff -u -r1.126 -r1.126.2.1 --- NEWS 8 May 2006 20:28:30 -0000 1.126 +++ NEWS 5 Sep 2007 18:51:38 -0000 1.126.2.1 @@ -1,3 +1,7 @@ +News for the 2.0.4 release + + Fixed x11 forwarding bug in the lsh client. + News for the 2.0.3 release At startup, lshd now tries to close any spurious open file diff -u -r1.63 -r1.64 --- configure.ac 29 Apr 2006 20:00:10 -0000 1.63 +++ configure.ac 9 May 2006 18:16:30 -0000 1.64 @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([lsh], [2.0.3], [bug-lsh(a)gnu.org]) +AC_INIT([lsh], [2.0.4], [bug-lsh(a)gnu.org]) AC_PREREQ(2.52) AC_CONFIG_SRCDIR([src/lsh.c]) # Needed to stop autoconf from looking for files in parent directories. diff -u -r1.26 -r1.26.4.1 --- src/client_x11.c 16 Nov 2003 18:40:37 -0000 1.26 +++ src/client_x11.c 5 Sep 2007 18:32:48 -0000 1.26.4.1 @@ -211,6 +211,7 @@ /* The small initial window size should ensure that all the data fits. */ lsh_string_write_string(self->buffer, self->i, data); + self->i += lsh_string_length(data); lsh_string_free(data); buffer = lsh_string_data(self->buffer);

1 0

Re: can't connect to lshd using midpssh
by nisse＠lysator.liu.se 19 Jul '07

19 Jul '07

Christiaan Welvaart <cjw(a)daneel.dyndns.org> writes: > Your example describes the actual problem: lsh-keygen defaults to RSA > while midpssh only supports DSA. After switching to a DSA hostkey, I > got: > > lshd: pty_open_slave: Invalid terminal modes from client. > > The CHANNEL_REQUEST was: > > 00000000: 6200000000000000077074792d726571 b........pty-req > 00000010: 000000000576743332300000003e0000 .....vt320...>.. > 00000020: 0028000000000000000000000000 .(............ > ^^^^^^^^ > Now the RFC 4254 is a bit strange, because it lists this field as: > > string encoded terminal modes > > while the description says it is a byte stream that is terminated by > opcode TTY_OP_END (0x00). So I'm not sure if the pty-req request from > midpssh is valid. With the patch below applied to lshd I can get a > shell, though. I'm in a hurry (packing for summer vacation), but I think most of the blame should be on midpssh. * I'm assuming that midpssh implements some kind of terminal emulation, presumably vt320. Otherwise, sending a pty-req doesn't make much sense. Then it ought to tell the server what terminal modes it is emulating, or it can expect a broken user experience. * But on the server side, it would make some sense to allow an empty terminal mode string, and interpret it as "I'm happy with any random selection of terminal modes that one gets by default on this particular operating system when requesting a new pty-pair." In lshd, I think it would be cleaner to do that check elsewhere, though, and never call tty_decode_term_mode at all if the provided string is empty. Regards, /Niels

1 0

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

lsh-bugs