search for: 3e07

Displaying 20 results from an estimated 293 matches for "3e07".

Did you mean: 307
2019 Feb 15
3
Can we disable diffie-hellman-group-exchange-sha1 by default?
...t; one of each size. I imagine that'd cause some complaints about > startup time. > > With those caveats, you are also welcome to add the appropriate > ssh-keygen commands to your startup scripts. > > -- > Darren Tucker (dtucker at dtucker.net) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement.
2020 Jun 01
5
"ssh -Q key" does not list rsa-sha2 algorithms
...so accept ssh_config keywords and emit the formats or algorithms accepted by that keyword, eg. $ ssh -V OpenSSH_8.2p1, OpenSSL 1.1.1g FIPS 21 Apr 2020 $ ssh -Q PubkeyAcceptedKeyTypes [...] ssh-rsa rsa-sha2-256 rsa-sha2-512 [...] -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2019 Feb 15
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
...the current group size selection code > is based, puts a 4k group at a little over 128 bits of security. This > is why we generate larger groups (and request them, when using 192 and > 256 bit ciphers). > > -- > Darren Tucker (dtucker at dtucker.net) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement.
2017 Feb 16
2
Issue with ssh-keygen
...ef WITH_OPENSSL +# ifdef WITH_SSH1 { NULL, "RSA1", KEY_RSA1, 0, 0 }, +# endif { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, { "ssh-dss", "DSA", KEY_DSA, 0, 0 }, # ifdef OPENSSL_HAS_ECC -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2016 Aug 02
2
OpenSSH 7.3p1 can't be build on Solaris 10
...The above explains where the XOPEN came from. As to why you're seeing it, my guess is your version of gcc defaults to -std=c99 and mine doesn't. You can try adding "-std=c89" to your CFLAGS and see if it builds. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2016 Jul 21
2
Openssh use enumeration
...unts have a hash set, but I also don't have password auth > enabled. IMO random delays are overrated for mitigating timing attacks; you can look for inconsistent behaviour as the indicator of whatever you're looking for. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2017 Apr 07
2
Any interest in a patch for setting the syslog facility for the ssh client?
...t; > configuring the client syslog facility to use. I made the change in > > openssh-6.6p1. If there is interest I can port the change to the openssh > > portable github. > > Sounds reasonable. > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. >
2016 Jul 21
4
Openssh use enumeration
...rchr(passwd+1, '$')) != NULL) { + typelen = p - passwd + 1; + strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); + explicit_bzero(passwd, strlen(passwd)); + goto out; + } + } + out: + endpwent(); return salt; } -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2016 Oct 26
2
use PT_DENY_ATTACH on Mac OS X
...fatal("unable to make the process untraceable"); #endif +#ifdef PT_DENY_ATTACH + /* Mac OS X */ + if (ptrace(PT_DENY_ATTACH, 0, 0, 0) == -1 && strict) + fatal("unable to set PT_DENY_ATTACH"); +#endif } -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2017 Apr 07
2
Any interest in a patch for setting the syslog facility for the ssh client?
...> > In general, the OpenBSD style guide. From the README: > > Code contribution are welcomed, but please follow the OpenBSD > style guidelines[6]. > [...] > [6] http://man.openbsd.org/style.9 > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. >
2017 Apr 07
2
Any interest in a patch for setting the syslog facility for the ssh client?
...> > In general, the OpenBSD style guide. From the README: > > Code contribution are welcomed, but please follow the OpenBSD > style guidelines[6]. > [...] > [6] http://man.openbsd.org/style.9 > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. > > > _______________________________________________ > openssh-unix-dev mailing listopenssh-unix-dev at mindrot.orghttps://...
2016 Jul 21
2
Openssh use enumeration
...string at 1k, > above which the password is immediately refused. There's other > possible embellishments (eg, add a possibly variable delay) but we > haven't decided on any yet. > > Thanks. > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https:...
2017 Feb 13
3
Logfile encoding question
Hello. I've got a question about encoding in sshd's log files. When I try to log in with a "?" username, which is a cyrillic "h" (U+0445), I get this message in a logfile: input_userauth_request: invalid user \\321\\205 [preauth]. I am struggling to understand: is that hex, is that octal? It doesn't map to any encoding that I know of.
2024 Mar 06
2
Call for testing: OpenSSH 9.7
...ems, though, since there is no guarantee the bin/openssl in a non-default location is functional (eg if its libraries are not in the system default runtime linker path and it's built without -rpath, which it's usually not). -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2018 Aug 17
3
Call for testing: OpenSSH 7.8
On SPARC Solaris 10, using Solaris' native OpenSSL and Solaris Studio 12.2, I got the following errors: run test agent-getpeereid.sh ... ssh-add did not fail for nobody: 1 < 2 failed disallow agent attach from other uid gmake[1]: *** [t-exec] Error 1 gmake[1]: Leaving directory `/scratch/wieland/src/openssh/openssh-SNAP-20180817/regress' gmake: *** [tests] Error 2 -- Jeff Wieland,
2020 May 13
3
Call for testing: OpenSSH 8.3
...libraries with xlc so it can't build the sk-dummy library. We don't actually use it if you're not building with security key support, I'll see if I can make it skip building it too. Thanks for the thorough testing! -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2018 Jun 08
3
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
...if it will link at any point. Perhaps the problem is the problem is occurs due to an interaction with other flags b) try using LD=gcc and see if it behaves any different (also, see if the list of options it detects is different). -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
2016 Dec 20
2
Need Help to Fix CVE-2016-6210
Hi All, Actually I am working with the OpenSSH version 6.2p which is vulnerable to above mentioned vulnerabilities (CVE-2016-6210). So am looking for some help how I can fix these vulnerabilities in my version. I need to fix it in the OpenSSH code. Regards Abhishek
2017 Jan 10
2
Any interest in a patch for setting the syslog facility for the ssh client?
Hello, I recently made a change to the openssh ssh client code to allow configuring the client syslog facility to use. I made the change in openssh-6.6p1. If there is interest I can port the change to the openssh portable github. Cheers, Ethan
2017 Jan 24
2
Need information to bypass the preauth in openssh
...> equivalent for your platform so that getpwnam(3) knows about those > users (including things like uid/gid, home directory and shell). I'm > not sure TACACS can provide the required details, though. > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. >