search for: authfile

Displaying 20 results from an estimated 118 matches for "authfile".

2014 Mar 03
6
[Bug 2207] New: Potential NULL deference, found using coverity
...Assignee: unassigned-bugs at mindrot.org Reporter: arthurmesh at gmail.com This defect was found on OpenSSH 6.5; however, it appears that code in question has not changed between 6.5 and openssh-SNAP-20140204.tar.gz. Thoughts: while reading the code -- this caught attention: authfile.c: 279 kdfname = buffer_get_cstring_ret(&copy, NULL); 280 if (kdfname == NULL || 281 (!strcmp(kdfname, "none") && !strcmp(kdfname, "bcrypt"))) { 282 error("%s: unknown kdf name", __func__); 283 got...
2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
...this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38 -------------------------------------- authfile.h | 1 - ssh-keygen.c | 20 +++++++++++--------- sshd.c | 5 +++-- 4 files changed, 14 insertions(+), 50 deletions(-) diff --git a/authfile.c b/authfile.c index c28652c8bdf..6d86c2dd4c6 100644 --- a/authfile.c +++ b/a...
1999 Nov 19
1
solaris compiling woes
...gcc 2.95.2 u_int32_t is missing somehow and i cannot find any includes which define it. gcc -g -O2 -Wall -I/usr/local/ssl/include -DETCDIR=\"/usr/local/etc\" -DSSH_PROGRAM=\"/usr/local/bin/ssh\" -DASKPASS_PROGRAM=\"/usr/local/lib/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c authfile.c authfile.c: In function `save_private_key': authfile.c:50: parse error before `rand' authfile.c:63: invalid lvalue in assignment authfile.c:64: invalid operands to binary & authfile.c:65: invalid operands to binary >> *** Error code 1 Thanks, Emmanuel Tardieu -------------- nex...
2010 Nov 27
0
[patch] Make passphrase-protected SSHv1 keys work again
...uot;, passphrase = "", commentp = &comment) key_parse_private_type(blob = <contents of ~/.ssh/identity>, KEY_RSA1, passphrase = "", commentp = &comment) key_parse_private_rsa1(blob, passphrase = "", commentp = &comment). In key_parse_private_rsa1, at authfile.c:423-424, we execute if (commentp) *commentp = buffer_get_string(blob, NULL); However, the empty passphrase is not correct (recall that my ~/.ssh/identity file has a passphrase), we fail to load the key and "goto fail" at authfile.c:455?, and execute fail: if (commentp) xfree(*c...
2001 May 25
1
ssh-keygen segfault (2.9p1)
...re dumped) > [nkukard at wigglytuff .ssh]$ > > > That is the error i get when trying to change the passphrase on one of my > keys, i'm just wonder if its summin i did wrong, a bug or anything > else. Most important is there a way i can fix it? please try this patch Index: authfile.c =================================================================== RCS file: /home/markus/cvs/ssh/authfile.c,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- authfile.c 2001/04/18 23:44:51 1.32 +++ authfile.c 2001/05/16 20:51:57 1.33 @@ -555,7 +555,8 @@ lseek(fd, (...
2010 Jan 12
1
[patch] Make keys work again
This patch makes keys work again. This bug was introduced in r1.78: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.77;r2=1.78. Joachim Index: authfile.c =================================================================== RCS file: /usr/obsd-repos/src/usr.bin/ssh/authfile.c,v retrieving revision 1.78 diff -u -N -p authfile.c --- authfile.c 11 Jan 2010 04:46:45 -0000 1.78 +++ authfile.c 11 Jan 201...
2019 Sep 10
3
[Bug 3068] New: Duplicate code in sshkey_load_private() function
https://bugzilla.mindrot.org/show_bug.cgi?id=3068 Bug ID: 3068 Summary: Duplicate code in sshkey_load_private() function Product: Portable OpenSSH Version: 8.0p1 Hardware: Other OS: Windows 10 Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee:
2003 Sep 17
1
[Bug 662] memory leak in authfile.c
http://bugzilla.mindrot.org/show_bug.cgi?id=662 Summary: memory leak in authfile.c Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org ReportedBy: zardoz a...
2001 Jan 11
3
ssh-keygen: passphrase.
...gen -d -f /etc/ssh/ssh_host_dsa_key -N "" But when I try latter, I get: (gdb) n 1 0x35a6 in save_private_key_ssh2 ( filename=0xb2d2c "/mydir/ssh_host_dsa_key", _passphrase=0xb90f0 "''", key=0xc0360, comment=0xefbf91b0 "user at host") at authfile.c:172 ^^^^^^^^^ This means: In authfile.c - save_private_key_ssh2(..): <clipped> if (len > 0 && len <= 4) { error("passphrase too short: %d bytes", len); errno = 0; return 0; } <clipped> Any ideas why this check, when INSTALL...
2002 Aug 11
0
Problems installing printerdriver after successful upload to samba-2.2.5
...explained step by step. At the end of this mail you will find my references used in the text by [0] and so on. - starting with initial setup - getdriverdir NT x86 - uploading files with smbclient prompt; cd W32X86 - addriver - addprinter - debian:/scratch/W32X86# rpcclient debian -d 1 -A /scratch/authfile.txt -c "enumdrivers" - debian:/usr/local/samba/var/locks# strings ntdrivers.tdb - getdriverdir Windows 4.0 - uploading with smbclient prompt; cd WIN40.. - addriver - addprinter - enumdrivers Everything looks quite good until here. - Installation of the drivers from win98 Note: Debug outp...
2009 Jan 20
1
OpenSSH private key encryption: time for AES?
Hi, all. So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys should be, i realized that, if i update my 2048-bit keypairs to 4096 bits, it really doesn't matter that much, because they're still only encrypted with 3DES, which provides an effective 112 bits of symmetric encryption strength: $ head -4 ~/.ssh/id_rsa -----BEGIN RSA PRIVATE KEY----- Proc-Type:
2003 Nov 27
2
Question about adding another parameter for OpenSSH
...ave just one private key file for one user. Please, is it possible to add patches into openssh development tree like these, so that standard behavior of ssh is not changed, but when option GroupPrivateKey is used with ssh, it is allowed to have group readable private key? Thank you very much. --- authfile.c.orig Thu Nov 27 15:01:01 2003 +++ authfile.c Thu Nov 27 16:50:39 2003 @@ -496,7 +496,7 @@ } static int -key_perm_ok(int fd, const char *filename) +key_perm_ok(int fd, const char *filename, int group_private_key) { struct stat st; @@ -510,7 +510,10 @@ #ifdef HAVE_CYGWIN if (check_ntsec...
2002 Jan 31
7
x509 for hostkeys.
...Akey ca.key -CAcreateserial \ -extfile x509v3.cnf -extensions x509v3_DNSName \ -out HOSTKEY.crt $ umask 077 $ cat /etc/ssh_host_rsa_key HOSTKEY.crt > /etc/ssh_host_rsa_key+cert $ echo HostKey /etc/ssh_host_rsa_key+cert > sshd_config-test $ sudo sshd -p 2222 -ddd -f sshd_config-test Index: authfile.c =================================================================== RCS file: /home/markus/cvs/ssh/authfile.c,v retrieving revision 1.45 diff -u -r1.45 authfile.c --- authfile.c 29 Dec 2001 21:56:01 -0000 1.45 +++ authfile.c 31 Jan 2002 10:50:53 -0000 @@ -460,6 +460,24 @@ error("PEM_read_...
2014 Jul 29
0
PAM and YubiKeys
...pam args = failure_show_msg=yes dovecot override_fields = proxy host=1.2.3.4 master=XXXXXX pass=XXXXXX } userdb { driver = passwd-file args = username_format=%u /etc/dovecot/users } The dovecot Pam config file is :- auth sufficient pam_yubico.so id=99999 key="xxxxxxxxxxx" authfile=/etc/yubikey_mappings debug @include common-auth @include common-account @include common-session When failing to authenticate with Dovecot, the PAM debug log shows :- [../pam_yubico.c:parse_cfg(761)] called. [../pam_yubico.c:parse_cfg(762)] flags 0 argc 4 [../pam_yubico.c:parse_cfg(764)] argv[0]=...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...lable. An other idea is to add a new option, I can do it if you prefer. Also, I'm laking information for information extraction from PEM and PKCS8 file format, I'm OK to have a pointer to implement this correctly. This patch is also adding a regression test for the functionnality. --- ?authfile.c??????????????????????????? |? 16 ++-- ?authfile.h??????????????????????????? |?? 7 +- ?regress/Makefile????????????????????? |?? 3 +- ?regress/keygen-private-information.sh |? 81 +++++++++++++++++++++ ?ssh-keygen.c????????????????????????? |? 44 +++++++---- ?ssh-keysign.c????????????????????????...
2001 Nov 25
2
displaying identity key comment string in passphrase prompt
...ntication() add a keycomment pointer and a few lines to print the keycomment string if requested and the comment string exists. diff: 212a213 > char *keycomment; //BUCC: key comment string 259c260,267 < private = key_load_private_type(KEY_RSA1, authfile, "", NULL); --- > { > //BUCC, change: private = key_load_private_type(KEY_RSA1, authfile, "", NULL); > //BUCC, to: > private = key_load_private_type(KEY_RSA1, authfile, "", &keycomment); > if (options.display_c...
2013 Sep 05
1
Using multiple certificates for a given private key
.../id_ecdsaB, and similarly for ~/.ssh/id_ecdsa.pub, and placing the A and B certificates at ~/.ssh/id_ecdsaA-cert.pub and ~/.ssh/id_ecdsaB-cert.pub respectively, thereby creating two copies of the key, each with its own certificate? Looking at the source code, it looks as though not: key_load_cert (authfile.c) calls key_try_load_public (authfile.c), which parses ${keyfile}-cert.pub until a key is found, loads it, and returns, thus ignoring any subsequent certificates in the file. The cert filename is also hardcoded to be ${keyfile}-cert.pub in key_load_cert. Best wishes, Ryan -- |_)|_/ Ryan Kavanag...
2020 Apr 15
2
[PATCH] regression of comment extraction in private key file without passphrase
...t is worth it. Or any other suggestion. Note that the upper commit is very useful because it does extract the fingerprint from a private file with passphrase while previously ssh-keygen failed with the unsatisfying error "test_dsa is not a key file". Thanks for it ! Regards Lo?c --- ?authfile.c?? | 5 +++++ ?ssh-keygen.c | 6 +----- ?2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/authfile.c b/authfile.c index 50fa48e4a3b6..9e6e2a00a896 100644 --- a/authfile.c +++ b/authfile.c @@ -304,6 +304,11 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **comment...
2001 Oct 07
0
trivial grammatical patch
Hi. Debug message "No RSA1 key file blah" misled me for a few seconds earlier today. The message is meaning to say "key file blah is not an RSA1 key file", whereas I interpreted it to mean "key file blah does not exist". Trivial patch against 2.9.9p2's authfile.c: --- authfile.c.orig Sat Oct 6 19:52:16 2001 +++ authfile.c Sat Oct 6 19:53:11 2001 @@ -250,7 +250,7 @@ /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("No RSA1 key file %.200s.", filename); + debug3(&qu...
2005 Mar 29
0
Loading keys in SSH2
...eys are found in 'ssh_host_rsa_key' and 'ssh_host_rsa_key.pub' respectively. Now I am tracing through the sshd.c file and I am interested about how the SSH2 protocol loads the host keys. Below I drew a rough call graph as [fileName]functionName [sshd.c]main() | \/ [authfile.c]key_load_private() | \/ [authfile.c]key_load_private_pem() | \/ [in openssl library]PEM_read_PrivateKey() I am a bit confused about the call to the function PEM_read_PrivateKey() Below is the call to PEM_read_PrivateKey() on line 463 of authfile.c ==================...