notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Port details
rssh Restricted Secure SHell only for sftp/scp/rdist/rsync/CVS
2.3.4_2 shells Deleted on this many watch lists=9 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port 2.3.4Version of this port present on the latest quarterly branch.
Deprecated DEPRECATED: Abandoned by upstream
Expired This port expired on: 2019-06-11
Maintainer: jharris@widomaker.com search for ports maintained by this maintainer
Port Added: 2004-05-21 13:38:10
Last Update: 2019-06-13 09:31:30
SVN Revision: 504067
Also Listed In: security
License: BSD2CLAUSE
Description:
SVNWeb : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (8 items)
  1. /usr/local/share/licenses/rssh-2.3.4_2/catalog.mk
  2. /usr/local/share/licenses/rssh-2.3.4_2/LICENSE
  3. /usr/local/share/licenses/rssh-2.3.4_2/BSD2CLAUSE
  4. @shell bin/rssh
  5. man/man1/rssh.1.gz
  6. man/man5/rssh.conf.5.gz
  7. etc/rssh.conf.default.dist
  8. libexec/rssh_chroot_helper
Collapse this list.
Dependency lines:
  • rssh>0:shells/rssh
No installation instructions: this port has been deleted.
The package name of this deleted port was:
PKGNAME: rssh
Flavors: there is no flavor information for this port.
distinfo:

There are no ports dependent upon this port

Configuration Options

USES:

Master Sites:
  1. http://cytranet.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  2. http://downloads.sourceforge.net/project/rssh/rssh/2.3.4/
  3. http://excellmedia.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  4. http://freefr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  5. http://jaist.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  6. http://kent.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  7. http://nchc.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  8. http://netcologne.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  9. http://netix.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  10. http://superb-dca2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  11. http://superb-sea2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  12. http://ufpr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  13. http://vorboss.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  14. https://cytranet.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  15. https://downloads.sourceforge.net/project/rssh/rssh/2.3.4/
  16. https://excellmedia.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  17. https://freefr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  18. https://jaist.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  19. https://kent.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  20. https://nchc.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  21. https://netcologne.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  22. https://netix.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  23. https://superb-dca2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  24. https://superb-sea2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  25. https://ufpr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
  26. https://vorboss.dl.sourceforge.net/project/rssh/rssh/2.3.4/
Port Moves
  • port deleted on 2019-06-13
    REASON: Has expired: Abandoned by upstream

Number of commits found: 33

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
13 Jun 2019 08:31:30
Original commit files touched by this commit  2.3.4_2
Revision:504067
rene search for other commits by this committer
Remove expired port:
2019-06-11 shells/rssh: Abandoned by upstream
11 Mar 2019 15:59:03
Original commit files touched by this commit  2.3.4_2
Revision:495357
kai search for other commits by this committer
shells/rssh: Mark as deprecated and set to expire

Upstream has officially abandoned the port some time ago and the software
was maintained then for a while by the Debian project.

But even Debian will now pull the plug and rssh won't be available in their
next stable release. Considering these facts it makes sense to let this port
expire towards the end of Q2.

PR:		235121
Approved by:	miwi (mentor), maintainer
Differential Revision:	https://reviews.freebsd.org/D19503
06 Mar 2019 20:45:27
Original commit files touched by this commit  2.3.4_2
Revision:494837
kai search for other commits by this committer
shells/rssh: Apply fixes for basename(3) handling and some security issues

basename(3) has been changed to be POSIX compliant in r308264. This implies
that it can possibly write to the passed string. shells/rssh passes a const
string, so it always crashes on invocation with FreeBSD 12 and later. The
new patches remedy this issue. [1] [2]

During further tests and research came to light that there were also
recently discovered security issues with the parsing of rsync/scp command
line arguments and insufficient sanitization of environment variables when
using rysnc.

The corresponding fixes have been incorporated to the new patches and the
already existing patch for the RSYNC option has been tightened for the
argument parsing. Please note that with this patch the scp option "-3" can
(Only the first 15 lines of the commit message are shown above View all of this commit message)
01 Apr 2016 14:25:18
Original commit files touched by this commit  2.3.4_1
Revision:412349 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight
23 Apr 2015 09:49:38
Original commit files touched by this commit  2.3.4_1
Revision:384554 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Add CPE info
11 Jun 2014 17:42:36
Original commit files touched by this commit  2.3.4_1
Revision:357511 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add an @shell keyword to handle adding and remove a shell path in /etc/shell
Bump port revision of all ports that were doing it wrong prior to the keyword

CR:		D208
Reviewed by:	antoine
With hat:	portmgr
01 Feb 2014 17:18:14
Original commit files touched by this commit  2.3.4
Revision:342195 This port version is marked as vulnerable.
pawel search for other commits by this committer
- Add rsync3 support
- Add LICENSE

PR:		ports/180573
Submitted by:	maintainer
27 Dec 2013 09:03:30
Original commit files touched by this commit  2.3.4
Revision:337656 This port version is marked as vulnerable.
bapt search for other commits by this committer
Support stage
Fix build with clang on head (symbol collision)
20 Sep 2013 22:57:24
Original commit files touched by this commit  2.3.4
Revision:327770 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
shells)
10 Jul 2013 04:05:14
Original commit files touched by this commit  2.3.4
Revision:322611 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Pass maintainership to submitter
- While here trim header

PR:		180420
Submitted by:	Jason Harris <jharris@widomaker.com>
09 Jul 2013 21:26:49
Original commit files touched by this commit  2.3.4
Revision:322581 This port version is marked as vulnerable.
pav search for other commits by this committer
- Drop all my ports
04 Dec 2012 20:34:41
Original commit files touched by this commit  2.3.4
Revision:308270 This port version is marked as vulnerable.
pav search for other commits by this committer
- Fix typo in OPTIONS code

Spotted by:	rm
Feature safe:	yes
04 Dec 2012 20:17:47
Original commit files touched by this commit  2.3.4
Revision:308265 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 2.3.4

PR:		ports/173980
Submitted by:	nemysis <nemysis@gmx.ch>
Feature safe:	yes
24 Aug 2012 04:27:35
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
rea search for other commits by this committer
shells/rssh: mark FORBIDDEN due to being vulnerable

http://www.vuxml.org/freebsd/65b25acc-e63b-11e1-b81c-001b77d09812.html
documents rather serious vulnerability that allows people to curcumvent
protections put by rssh, thus making it a kind of non-usable tool.

Security:	65b25acc-e63b-11e1-b81c-001b77d09812
18 Mar 2011 17:59:51
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Get Rid MD5 support

With hat:       portmgr (myself)
22 Aug 2009 00:35:32
Original commit files touched by this commit  2.3.2
  Sanity Test Failure This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Switch SourceForge ports to the new File Release System: categories starting
with P,R,S
21 Aug 2008 14:32:07
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Readd shells/rssh without rsync support. I'm still actively using it.
21 Aug 2008 14:05:08
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
2008-08-21 shells/rssh: No longer maintained upstream
18 Jun 2008 21:08:54
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Replace BROKEN with IGNORE
22 May 2008 03:37:45
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
- Mark as BROKEN, does not work with rsync 3
23 Aug 2007 04:00:04
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
tabthorpe search for other commits by this committer
- change maintainer address on ports I maintain

Approved by:    clsung (mentor)
22 Jun 2007 07:30:42
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
beech search for other commits by this committer
- Remove 4.x cruft
- Partial commit (use of destdir is deprecated)

PR:             ports/113930
Submitted by:   Thomas Abthorpe <thomas@goodking.ca> (maintainer)
Approved by:    sat (mentor)
17 Jul 2006 20:03:19
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Pass maintainership to submitter
- Reformat pkg-descr

PR:             ports/100447
Submitted by:   Thomas Abthorpe <thomas at goodking.ca>
23 Jun 2006 04:18:53
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
linimon search for other commits by this committer
Reset bouncing maintainer address enigmatyc@laposte.net.

Hat:            portmgr
11 Mar 2006 17:47:22
Original commit files touched by this commit  2.3.2
 This port version is marked as vulnerable.
mnag search for other commits by this committer
- Update to 2.3.2 and UnFORBIDDEN

PR:             94255
Submitted by:   delphij
Approved by:    portmgr (marcus)
16 Feb 2006 15:10:24
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
simon search for other commits by this committer
Mark FORBIDDEN due to local privilege escalation.

Security:      
http://vuxml.FreeBSD.org/e34d0c2e-9efb-11da-b410-000e0c2e438a.html
Security:       http://www.pizzashack.org/rssh/security.shtml
Prodded by:     remko
24 Jan 2006 01:04:19
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
edwin search for other commits by this committer
SHA256ify

Approved by: krion@
05 Jun 2005 20:12:50
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Add itself to /etc/shells

PR:             ports/81257
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>
Approved by:    maintainer timeout (16 days)
26 Jan 2005 09:07:49
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
simon search for other commits by this committer
Update to version 2.2.3 to fix security vulnerability.

Security:      
http://vuxml.FreeBSD.org/f11b219a-44b6-11d9-ae2f-021106004fd6.html
With hat:       secteam
Approved by:    maintainer timeout (security; 2 days), erwin (mentor)
03 Nov 2004 09:17:41
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
leeym search for other commits by this committer
There is a string format vulnerability in rssh-2.2.1
http://www.pizzashack.org/rssh/security.shtml

- update to 2.2.2
- use REINPLACE_CMD instead of the patch file
- correct the knob for RDIST

PR:             73143
Submitted by:   leeym
21 Sep 2004 20:37:18
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
leeym search for other commits by this committer
- rssh < 2.2.1 has information disclosure vulnerability, so update to 2.2.1
- rssh depends on rsync and rdist (optionally)

PR:             71472
Submitted by:   leeym
Approved by:    portmgr (marcus)
23 May 2004 13:31:11
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Mark rssh as IGNORE on 4.x (wordexp() is not supported)
  Maintainer informed.
21 May 2004 13:37:24
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
Add rssh 2.1.1, a Restricted Secure SHell only for sftp or/and scp.

rssh is a Restricted Secure SHell that allow only the use of sftp or
scp. It could be use when you need an account (and a valid shell) in
order to execute sftp or scp but when you don't want to give the
possibility to log in to this user.

WWW: http://www.pizzashack.org/rssh/index.shtml

PR:             ports/65860
Submitted by:   enigmatyc

Number of commits found: 33

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
drm-current-kmod*Dec 04
drm-devel-kmod*Dec 04
drm-fbsd11.2-kmod*Dec 04
drm-fbsd12.0-kmod*Dec 04
py-django21Dec 03
py-django22Dec 03
gitlab-ceNov 28
py-matrix-synapseNov 28
gitlab-ceNov 27
webkit2-gtk3Nov 27
py-urllib3Nov 26
clamavNov 25
unboundNov 23
asterisk13Nov 22
asterisk13Nov 22

13 vulnerabilities affecting 78 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2019-12-06 20:23:44


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 38185
Broken 743
Deprecated 106
Ignore 1012
Forbidden 3
Restricted 155
No CDROM 72
Vulnerable 26
Expired 6
Set to expire 75
Interactive 0
new 24 hours 4
new 48 hours7
new 7 days30
new fortnight59
new month129

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2019 Dan Langille. All rights reserved.