notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

Two new features

Two two features were added on 2020-05-30:
  1. Repology links - each port now has a link to repology.org. See issue 148 for details.
  2. Ports I maintain report - port maintainers can now subscribe to a daily report of commits to the ports they maintain. See Watch ports I maintain at Report Subscriptions. Details at issue 138
Port details
rssh Restricted Secure SHell only for sftp/scp/rdist/rsync/CVS
2.3.4_2 shells Deleted on this many watch lists=9 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. 2.3.4_2Version of this port present on the latest quarterly branch.
Deprecated DEPRECATED: Abandoned by upstream
Expired This port expired on: 2019-06-11
Maintainer: jharris@widomaker.com search for ports maintained by this maintainer
Port Added: 2004-05-21 13:38:10
Last Update: 2019-06-13 09:31:30
SVN Revision: 504067

People watching this port, also watch: libiconv, sudo, unzip, pcre, screen

Also Listed In: security
License: BSD2CLAUSE
Description:
SVNWeb : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (8 items)
  1. /usr/local/share/licenses/rssh-2.3.4_2/catalog.mk
  2. /usr/local/share/licenses/rssh-2.3.4_2/LICENSE
  3. /usr/local/share/licenses/rssh-2.3.4_2/BSD2CLAUSE
  4. @shell bin/rssh
  5. man/man1/rssh.1.gz
  6. man/man5/rssh.conf.5.gz
  7. etc/rssh.conf.default.dist
  8. libexec/rssh_chroot_helper
Collapse this list.
Dependency lines:
  • rssh>0:shells/rssh
No installation instructions: this port has been deleted.
The package name of this deleted port was:
PKGNAME: rssh
Flavors: there is no flavor information for this port.
distinfo:
Packages:
rssh
ABIlatestquarterly
FreeBSD:11:aarch642.3.4_1-
FreeBSD:11:amd64--
FreeBSD:11:armv62.3.4_1-
FreeBSD:11:i386--
FreeBSD:11:mips2.3.4_1-
FreeBSD:11:mips642.3.4_1-
FreeBSD:12:aarch642.3.4_1-
FreeBSD:12:amd64--
FreeBSD:12:armv62.3.4_1-
FreeBSD:12:armv72.3.4_1-
FreeBSD:12:i386--
FreeBSD:12:mips2.3.4_1-
FreeBSD:12:mips642.3.4_1-
FreeBSD:12:powerpc64--
FreeBSD:13:aarch64--
FreeBSD:13:amd64--
FreeBSD:13:armv6--
FreeBSD:13:armv7--
FreeBSD:13:i386--
FreeBSD:13:mips--
FreeBSD:13:mips64--
FreeBSD:13:powerpc64--
 

There are no ports dependent upon this port

Configuration Options

USES:

Master Sites:
  1. http://cytranet.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  2. http://downloads.sourceforge.net/project/rssh/rssh/2.3.4/
  3. http://excellmedia.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  4. http://freefr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  5. http://jaist.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  6. http://kent.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  7. http://nchc.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  8. http://netcologne.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  9. http://netix.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  10. http://superb-dca2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  11. http://superb-sea2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  12. http://ufpr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  13. http://vorboss.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  14. https://cytranet.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  15. https://downloads.sourceforge.net/project/rssh/rssh/2.3.4/
  16. https://excellmedia.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  17. https://freefr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  18. https://jaist.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  19. https://kent.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  20. https://nchc.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  21. https://netcologne.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  22. https://netix.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  23. https://superb-dca2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  24. https://superb-sea2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  25. https://ufpr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  26. https://vorboss.dl.sourceforge.net/project/rssh/rssh/2.3.4/
Port Moves
  • port deleted on 2019-06-13
    REASON: Has expired: Abandoned by upstream

Number of commits found: 33

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
13 Jun 2019 08:31:30
Original commit files touched by this commit  2.3.4_2
Revision:504067
rene search for other commits by this committer
Remove expired port:
2019-06-11 shells/rssh: Abandoned by upstream
11 Mar 2019 15:59:03
Original commit files touched by this commit  2.3.4_2
Revision:495357
kai search for other commits by this committer
shells/rssh: Mark as deprecated and set to expire

Upstream has officially abandoned the port some time ago and the software
was maintained then for a while by the Debian project.

But even Debian will now pull the plug and rssh won't be available in their
next stable release. Considering these facts it makes sense to let this port
expire towards the end of Q2.

PR:		235121
Approved by:	miwi (mentor), maintainer
Differential Revision:	https://reviews.freebsd.org/D19503
06 Mar 2019 20:45:27
Original commit files touched by this commit  2.3.4_2
Revision:494837
kai search for other commits by this committer
shells/rssh: Apply fixes for basename(3) handling and some security issues

basename(3) has been changed to be POSIX compliant in r308264. This implies
that it can possibly write to the passed string. shells/rssh passes a const
string, so it always crashes on invocation with FreeBSD 12 and later. The
new patches remedy this issue. [1] [2]

During further tests and research came to light that there were also
recently discovered security issues with the parsing of rsync/scp command
line arguments and insufficient sanitization of environment variables when
using rysnc.

The corresponding fixes have been incorporated to the new patches and the
already existing patch for the RSYNC option has been tightened for the
argument parsing. Please note that with this patch the scp option "-3" can
(Only the first 15 lines of the commit message are shown above View all of this commit message)
01 Apr 2016 14:25:18
Original commit files touched by this commit  2.3.4_1
Revision:412349 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight
23 Apr 2015 09:49:38
Original commit files touched by this commit  2.3.4_1
Revision:384554 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Add CPE info
11 Jun 2014 17:42:36
Original commit files touched by this commit  2.3.4_1
Revision:357511 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add an @shell keyword to handle adding and remove a shell path in /etc/shell
Bump port revision of all ports that were doing it wrong prior to the keyword

CR:		D208
Reviewed by:	antoine
With hat:	portmgr
01 Feb 2014 17:18:14
Original commit files touched by this commit  2.3.4
Revision:342195 This port version is marked as vulnerable.
pawel search for other commits by this committer
- Add rsync3 support
- Add LICENSE

PR:		ports/180573
Submitted by:	maintainer
27 Dec 2013 09:03:30
Original commit files touched by this commit  2.3.4
Revision:337656 This port version is marked as vulnerable.
bapt search for other commits by this committer
Support stage
Fix build with clang on head (symbol collision)
20 Sep 2013 22:57:24
Original commit files touched by this commit  2.3.4
Revision:327770 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
shells)
10 Jul 2013 04:05:14
Original commit files touched by this commit  2.3.4
Revision:322611 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Pass maintainership to submitter
- While here trim header

PR:		180420
Submitted by:	Jason Harris <jharris@widomaker.com>
09 Jul 2013 21:26:49
Original commit files touched by this commit  2.3.4
Revision:322581 This port version is marked as vulnerable.
pav search for other commits by this committer
- Drop all my ports
04 Dec 2012 20:34:41
Original commit files touched by this commit  2.3.4
Revision:308270 This port version is marked as vulnerable.
pav search for other commits by this committer
- Fix typo in OPTIONS code

Spotted by:	rm
Feature safe:	yes
04 Dec 2012 20:17:47
Original commit files touched by this commit  2.3.4
Revision:308265 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 2.3.4

PR:		ports/173980
Submitted by:	nemysis <nemysis@gmx.ch>
Feature safe:	yes
24 Aug 2012 04:27:35
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
rea search for other commits by this committer
shells/rssh: mark FORBIDDEN due to being vulnerable

http://www.vuxml.org/freebsd/65b25acc-e63b-11e1-b81c-001b77d09812.html
documents rather serious vulnerability that allows people to curcumvent
protections put by rssh, thus making it a kind of non-usable tool.

Security:	65b25acc-e63b-11e1-b81c-001b77d09812
18 Mar 2011 17:59:51
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Get Rid MD5 support

With hat:       portmgr (myself)
22 Aug 2009 00:35:32
Original commit files touched by this commit  2.3.2
  Sanity Test Failure This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Switch SourceForge ports to the new File Release System: categories starting
with P,R,S
21 Aug 2008 14:32:07
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Readd shells/rssh without rsync support. I'm still actively using it.
21 Aug 2008 14:05:08
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
2008-08-21 shells/rssh: No longer maintained upstream
18 Jun 2008 21:08:54
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Replace BROKEN with IGNORE
22 May 2008 03:37:45
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
- Mark as BROKEN, does not work with rsync 3
23 Aug 2007 04:00:04
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
- change maintainer address on ports I maintain

Approved by:    clsung (mentor)
22 Jun 2007 07:30:42
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
beech search for other commits by this committer
- Remove 4.x cruft
- Partial commit (use of destdir is deprecated)

PR:             ports/113930
Submitted by:   Thomas Abthorpe <thomas@goodking.ca> (maintainer)
Approved by:    sat (mentor)
17 Jul 2006 20:03:19
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Pass maintainership to submitter
- Reformat pkg-descr

PR:             ports/100447
Submitted by:   Thomas Abthorpe <thomas at goodking.ca>
23 Jun 2006 04:18:53
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
linimon search for other commits by this committer
Reset bouncing maintainer address enigmatyc@laposte.net.

Hat:            portmgr
11 Mar 2006 17:47:22
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 2.3.2 and UnFORBIDDEN

PR:             94255
Submitted by:   delphij
Approved by:    portmgr (marcus)
16 Feb 2006 15:10:24
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
simon search for other commits by this committer
Mark FORBIDDEN due to local privilege escalation.

Security:      
http://vuxml.FreeBSD.org/e34d0c2e-9efb-11da-b410-000e0c2e438a.html
Security:       http://www.pizzashack.org/rssh/security.shtml
Prodded by:     remko
24 Jan 2006 01:04:19
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
edwin search for other commits by this committer
SHA256ify

Approved by: krion@
05 Jun 2005 20:12:50
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Add itself to /etc/shells

PR:             ports/81257
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>
Approved by:    maintainer timeout (16 days)
26 Jan 2005 09:07:49
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
simon search for other commits by this committer
Update to version 2.2.3 to fix security vulnerability.

Security:      
http://vuxml.FreeBSD.org/f11b219a-44b6-11d9-ae2f-021106004fd6.html
With hat:       secteam
Approved by:    maintainer timeout (security; 2 days), erwin (mentor)
03 Nov 2004 09:17:41
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
leeym search for other commits by this committer
There is a string format vulnerability in rssh-2.2.1
http://www.pizzashack.org/rssh/security.shtml

- update to 2.2.2
- use REINPLACE_CMD instead of the patch file
- correct the knob for RDIST

PR:             73143
Submitted by:   leeym
21 Sep 2004 20:37:18
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
leeym search for other commits by this committer
- rssh < 2.2.1 has information disclosure vulnerability, so update to 2.2.1
- rssh depends on rsync and rdist (optionally)

PR:             71472
Submitted by:   leeym
Approved by:    portmgr (marcus)
23 May 2004 13:31:11
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Mark rssh as IGNORE on 4.x (wordexp() is not supported)
  Maintainer informed.
21 May 2004 13:37:24
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
Add rssh 2.1.1, a Restricted Secure SHell only for sftp or/and scp.

rssh is a Restricted Secure SHell that allow only the use of sftp or
scp. It could be use when you need an account (and a valid shell) in
order to execute sftp or scp but when you don't want to give the
possibility to log in to this user.

WWW: http://www.pizzashack.org/rssh/index.shtml

PR:             ports/65860
Submitted by:   enigmatyc

Number of commits found: 33

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
mysql56-clientJul 11
mysql56-serverJul 11
mysql57-clientJul 11
mysql57-serverJul 11
mysql80-clientJul 11
mysql80-serverJul 11
unbound*Jul 10
mybbJul 09
sqlite3*Jul 09
rubygem-kramdownJul 08
gitlab-ceJul 07
mbedtlsJul 07
anydeskJul 04
dbusJul 03
py-matrix-synapseJul 03

19 vulnerabilities affecting 148 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2020-07-11 12:42:41


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 39955
Broken 78
Deprecated 587
Ignore 309
Forbidden 5
Restricted 146
No CDROM 76
Vulnerable 25
Expired 4
Set to expire 557
Interactive 0
new 24 hours 5
new 48 hours11
new 7 days32
new fortnight57
new month143

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2020 Dan Langille. All rights reserved.