Displaying 20 results from an estimated 118 matches for "authfile".
2014 Mar 03
6
[Bug 2207] New: Potential NULL deference, found using coverity
...Assignee: unassigned-bugs at mindrot.org
Reporter: arthurmesh at gmail.com
This defect was found on OpenSSH 6.5; however, it appears that code in
question has not changed between 6.5 and openssh-SNAP-20140204.tar.gz.
Thoughts:
while reading the code -- this caught attention:
authfile.c:
279 kdfname = buffer_get_cstring_ret(©, NULL);
280 if (kdfname == NULL ||
281 (!strcmp(kdfname, "none") && !strcmp(kdfname,
"bcrypt"))) {
282 error("%s: unknown kdf name", __func__);
283 got...
2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
...this function's role
is similar to sshkey_load_private_type().
---
Dependency:
This change depends over recently merged change in openbsd:
https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0
Change log:
v1->v2
- Remove declaration of sshkey_load_private() in authfile.h
authfile.c | 38 --------------------------------------
authfile.h | 1 -
ssh-keygen.c | 20 +++++++++++---------
sshd.c | 5 +++--
4 files changed, 14 insertions(+), 50 deletions(-)
diff --git a/authfile.c b/authfile.c
index c28652c8bdf..6d86c2dd4c6 100644
--- a/authfile.c
+++ b/a...
1999 Nov 19
1
solaris compiling woes
...gcc 2.95.2
u_int32_t is missing somehow and i cannot find any includes which define it.
gcc -g -O2 -Wall -I/usr/local/ssl/include -DETCDIR=\"/usr/local/etc\"
-DSSH_PROGRAM=\"/usr/local/bin/ssh\"
-DASKPASS_PROGRAM=\"/usr/local/lib/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c
authfile.c
authfile.c: In function `save_private_key':
authfile.c:50: parse error before `rand'
authfile.c:63: invalid lvalue in assignment
authfile.c:64: invalid operands to binary &
authfile.c:65: invalid operands to binary >>
*** Error code 1
Thanks,
Emmanuel Tardieu
-------------- nex...
2010 Nov 27
0
[patch] Make passphrase-protected SSHv1 keys work again
...uot;, passphrase = "", commentp = &comment)
key_parse_private_type(blob = <contents of ~/.ssh/identity>, KEY_RSA1, passphrase = "", commentp = &comment)
key_parse_private_rsa1(blob, passphrase = "", commentp = &comment).
In key_parse_private_rsa1, at authfile.c:423-424, we execute
if (commentp)
*commentp = buffer_get_string(blob, NULL);
However, the empty passphrase is not correct (recall that my
~/.ssh/identity file has a passphrase), we fail to load the key and
"goto fail" at authfile.c:455?, and execute
fail:
if (commentp)
xfree(*c...
2001 May 25
1
ssh-keygen segfault (2.9p1)
...re dumped)
> [nkukard at wigglytuff .ssh]$
>
>
> That is the error i get when trying to change the passphrase on one of my
> keys, i'm just wonder if its summin i did wrong, a bug or anything
> else. Most important is there a way i can fix it?
please try this patch
Index: authfile.c
===================================================================
RCS file: /home/markus/cvs/ssh/authfile.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- authfile.c 2001/04/18 23:44:51 1.32
+++ authfile.c 2001/05/16 20:51:57 1.33
@@ -555,7 +555,8 @@
lseek(fd, (...
2010 Jan 12
1
[patch] Make keys work again
This patch makes keys work again. This bug was introduced in r1.78:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.77;r2=1.78.
Joachim
Index: authfile.c
===================================================================
RCS file: /usr/obsd-repos/src/usr.bin/ssh/authfile.c,v
retrieving revision 1.78
diff -u -N -p authfile.c
--- authfile.c 11 Jan 2010 04:46:45 -0000 1.78
+++ authfile.c 11 Jan 201...
2019 Sep 10
3
[Bug 3068] New: Duplicate code in sshkey_load_private() function
https://bugzilla.mindrot.org/show_bug.cgi?id=3068
Bug ID: 3068
Summary: Duplicate code in sshkey_load_private() function
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee:
2003 Sep 17
1
[Bug 662] memory leak in authfile.c
http://bugzilla.mindrot.org/show_bug.cgi?id=662
Summary: memory leak in authfile.c
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: zardoz a...
2001 Jan 11
3
ssh-keygen: passphrase.
...gen -d -f /etc/ssh/ssh_host_dsa_key -N ""
But when I try latter, I get:
(gdb) n
1 0x35a6 in save_private_key_ssh2 (
filename=0xb2d2c "/mydir/ssh_host_dsa_key",
_passphrase=0xb90f0 "''", key=0xc0360, comment=0xefbf91b0
"user at host")
at authfile.c:172
^^^^^^^^^
This means:
In authfile.c - save_private_key_ssh2(..):
<clipped>
if (len > 0 && len <= 4) {
error("passphrase too short: %d bytes", len);
errno = 0;
return 0;
}
<clipped>
Any ideas why this check, when INSTALL...
2002 Aug 11
0
Problems installing printerdriver after successful upload to samba-2.2.5
...explained step by step.
At the end of this mail you will find my references used in the text by
[0] and so on.
- starting with initial setup
- getdriverdir NT x86
- uploading files with smbclient prompt; cd W32X86
- addriver
- addprinter
- debian:/scratch/W32X86# rpcclient debian -d 1 -A /scratch/authfile.txt -c
"enumdrivers"
- debian:/usr/local/samba/var/locks# strings ntdrivers.tdb
- getdriverdir Windows 4.0
- uploading with smbclient prompt; cd WIN40..
- addriver
- addprinter
- enumdrivers
Everything looks quite good until here.
- Installation of the drivers from win98
Note: Debug outp...
2009 Jan 20
1
OpenSSH private key encryption: time for AES?
Hi, all.
So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys
should be, i realized that, if i update my 2048-bit keypairs to 4096
bits, it really doesn't matter that much, because they're still
only encrypted with 3DES, which provides an effective 112 bits of
symmetric encryption strength:
$ head -4 ~/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type:
2003 Nov 27
2
Question about adding another parameter for OpenSSH
...ave just one private key file for one user. Please, is it possible
to add patches into openssh development tree like these, so that standard
behavior of ssh is not changed, but when option GroupPrivateKey is used
with ssh, it is allowed to have group readable private key?
Thank you very much.
--- authfile.c.orig Thu Nov 27 15:01:01 2003
+++ authfile.c Thu Nov 27 16:50:39 2003
@@ -496,7 +496,7 @@
}
static int
-key_perm_ok(int fd, const char *filename)
+key_perm_ok(int fd, const char *filename, int group_private_key)
{
struct stat st;
@@ -510,7 +510,10 @@
#ifdef HAVE_CYGWIN
if (check_ntsec...
2002 Jan 31
7
x509 for hostkeys.
...Akey ca.key -CAcreateserial \
-extfile x509v3.cnf -extensions x509v3_DNSName \
-out HOSTKEY.crt
$ umask 077
$ cat /etc/ssh_host_rsa_key HOSTKEY.crt > /etc/ssh_host_rsa_key+cert
$ echo HostKey /etc/ssh_host_rsa_key+cert > sshd_config-test
$ sudo sshd -p 2222 -ddd -f sshd_config-test
Index: authfile.c
===================================================================
RCS file: /home/markus/cvs/ssh/authfile.c,v
retrieving revision 1.45
diff -u -r1.45 authfile.c
--- authfile.c 29 Dec 2001 21:56:01 -0000 1.45
+++ authfile.c 31 Jan 2002 10:50:53 -0000
@@ -460,6 +460,24 @@
error("PEM_read_...
2014 Jul 29
0
PAM and YubiKeys
...pam
args = failure_show_msg=yes dovecot
override_fields = proxy host=1.2.3.4 master=XXXXXX pass=XXXXXX
}
userdb {
driver = passwd-file
args = username_format=%u /etc/dovecot/users
}
The dovecot Pam config file is :-
auth sufficient pam_yubico.so id=99999 key="xxxxxxxxxxx"
authfile=/etc/yubikey_mappings debug
@include common-auth
@include common-account
@include common-session
When failing to authenticate with Dovecot, the PAM debug log shows :-
[../pam_yubico.c:parse_cfg(761)] called.
[../pam_yubico.c:parse_cfg(762)] flags 0 argc 4
[../pam_yubico.c:parse_cfg(764)] argv[0]=...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...lable.
An other idea is to add a new option, I can do it if you prefer.
Also, I'm laking information for information extraction from PEM and
PKCS8 file format, I'm OK to have a pointer to implement this correctly.
This patch is also adding a regression test for the functionnality.
---
?authfile.c??????????????????????????? |? 16 ++--
?authfile.h??????????????????????????? |?? 7 +-
?regress/Makefile????????????????????? |?? 3 +-
?regress/keygen-private-information.sh |? 81 +++++++++++++++++++++
?ssh-keygen.c????????????????????????? |? 44 +++++++----
?ssh-keysign.c????????????????????????...
2001 Nov 25
2
displaying identity key comment string in passphrase prompt
...ntication() add a keycomment pointer
and a few lines to print the keycomment string if requested
and the comment string exists.
diff:
212a213
> char *keycomment; //BUCC: key comment string
259c260,267
< private = key_load_private_type(KEY_RSA1, authfile, "", NULL);
---
> {
> //BUCC, change: private = key_load_private_type(KEY_RSA1, authfile, "", NULL);
> //BUCC, to:
> private = key_load_private_type(KEY_RSA1, authfile, "", &keycomment);
> if (options.display_c...
2013 Sep 05
1
Using multiple certificates for a given private key
.../id_ecdsaB, and similarly
for ~/.ssh/id_ecdsa.pub, and placing the A and B certificates at
~/.ssh/id_ecdsaA-cert.pub and ~/.ssh/id_ecdsaB-cert.pub respectively,
thereby creating two copies of the key, each with its own certificate?
Looking at the source code, it looks as though not: key_load_cert
(authfile.c) calls key_try_load_public (authfile.c), which parses
${keyfile}-cert.pub until a key is found, loads it, and returns, thus
ignoring any subsequent certificates in the file. The cert filename is
also hardcoded to be ${keyfile}-cert.pub in key_load_cert.
Best wishes,
Ryan
--
|_)|_/ Ryan Kavanag...
2020 Apr 15
2
[PATCH] regression of comment extraction in private key file without passphrase
...t is worth it. Or any other
suggestion.
Note that the upper commit is very useful because it does extract the
fingerprint from a private file with passphrase while previously
ssh-keygen failed with the unsatisfying error "test_dsa is not a key
file". Thanks for it !
Regards
Lo?c
---
?authfile.c?? | 5 +++++
?ssh-keygen.c | 6 +-----
?2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/authfile.c b/authfile.c
index 50fa48e4a3b6..9e6e2a00a896 100644
--- a/authfile.c
+++ b/authfile.c
@@ -304,6 +304,11 @@ sshkey_load_public(const char *filename, struct
sshkey **keyp, char **comment...
2001 Oct 07
0
trivial grammatical patch
Hi.
Debug message "No RSA1 key file blah" misled me for a few seconds earlier
today. The message is meaning to say "key file blah is not an RSA1 key
file", whereas I interpreted it to mean "key file blah does not exist".
Trivial patch against 2.9.9p2's authfile.c:
--- authfile.c.orig Sat Oct 6 19:52:16 2001
+++ authfile.c Sat Oct 6 19:53:11 2001
@@ -250,7 +250,7 @@
/* Check that it is at least big enough to contain the ID string. */
if (len < sizeof(authfile_id_string)) {
- debug3("No RSA1 key file %.200s.", filename);
+ debug3(&qu...
2005 Mar 29
0
Loading keys in SSH2
...eys
are found in 'ssh_host_rsa_key' and 'ssh_host_rsa_key.pub'
respectively.
Now I am tracing through the sshd.c file and I am interested about how
the SSH2 protocol loads the host keys. Below I drew a rough call graph
as [fileName]functionName
[sshd.c]main()
|
\/
[authfile.c]key_load_private()
|
\/
[authfile.c]key_load_private_pem()
|
\/
[in openssl library]PEM_read_PrivateKey()
I am a bit confused about the call to the function PEM_read_PrivateKey()
Below is the call to PEM_read_PrivateKey() on line 463 of authfile.c
==================...