Displaying 20 results from an estimated 32 matches for "bn_num_bit".
Did you mean:
bn_num_bits
2002 Aug 30
1
LIBCRYPTO?
...9: undefined reference to `RSA_free'
/.../ssh/sshd.c:401: undefined reference to `RSA_free'
/.../ssh/sshd.c:403: undefined reference to `RSA_free'
sshd.elf2flt: In function `main':
/.../ssh/sshd.c:559: undefined reference to `RSA_new'
/.../ssh/sshd.c:599: undefined reference to `BN_num_bits'
/opt/uClinux-dist/user/ssh/sshd.c:599: undefined reference to `BN_num_bits'
/.../ssh/sshd.c:603: undefined reference to `BN_num_bits'
/.../ssh/sshd.c:664: undefined reference to `RSA_new'
/.../ssh/sshd.c:665: undefined reference to `RSA_new'
sshd.elf2flt: In function `do_ssh1_...
2001 Feb 19
1
Dubious use of BN_num_bits in sshconnect1.c
...Warning: This may be due to an old implementation of ssh.
respond_to_rsa_challenge: public_key 1151 < host_key 1024 +
SSH_KEY_BITS_RESERVED 128
..and a resulting refusal to continue.
I've done a bit of digging in the source, and have found the source of the
problem to be the use of BN_num_bits to determine the length of the keys
received in sshconnect1.c. The problem is that BN_num_bits does not return
the number of significant bits of a given bignum, but rather the position of
the most significant 1 bit, which is not necessarily the same thing.
It is perfectly possible (and as dem...
2001 Feb 19
2
Dubious use of BN_num_bits in sshconnect1.c (resend)
------- Forwarded Message
Subject: Re: Dubious use of BN_num_bits in sshconnect1.c
From: Niels Provos <provos at citi.umich.edu>
In-Reply-To: alex at foogod.com, Sun, 18 Feb 2001 19:38:56 PST
To: alex at foogod.com
Cc: openssh-unix-dev at mindrot.org
Date: Mon, 19 Feb 2001 10:07:24 -0500
Sender: provos at citi.umich.edu
Hi Alex,
there is no problem in O...
2017 Sep 22
2
Call for testing: OpenSSH 7.6
..., "%s bits %d\n", __func__, bits);
return SSH_ERR_KEY_LENGTH;
+ }
*ecdsap = NULL;
if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) {
ret = SSH_ERR_ALLOC_FAIL;
@@ -1881,6 +1888,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
goto out;
}
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+ fprintf(stderr, "%s num_bits %d min %d\n", __func__,
+ BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
ret = SSH_ERR_KEY_LENGTH;
goto out;
}
@@ -2664,6 +2673,8 @@ sshkey_private_deserialize(struct...
2001 Jul 05
1
Patch to workaround host key size mismatch bug in old SSH sshd
...5 10:49:28 2001
@@ -37,6 +37,7 @@
#include "packet.h"
#include "mpaux.h"
#include "uidswap.h"
+#include "compat.h"
#include "log.h"
#include "readconf.h"
#include "key.h"
@@ -960,7 +961,8 @@
sum_len += clen;
rbits = BN_num_bits(host_key->n);
- if (bits != rbits) {
+ if (bits != rbits &&
+ !((datafellows & SSH_BUG_SERVERLIESSIZE) && (rbits + 1 == bits))) {
log("Warning: Server lies about size of server host key: "
"actual size is %d bits vs. announced %d.", rbits, b...
2001 Feb 08
1
ssh1 keyexchange problem ?
Hi,
Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange
problem that Core-SDI described ? ( I noticed that fix is already
in openbsd tree ).
-Jarno
--
Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi
University of Kuopio - Computer Center | Work: +358 17 162822
PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169
2017 Feb 03
2
compilation errors on master
...ec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sshkey.c -o sshkey.o
sshkey.c: In function ?sshkey_size?:
sshkey.c:274:28: error: dereferencing pointer to incomplete type ?RSA {aka struct rsa_st}?
return BN_num_bits(k->rsa->n);
^~
sshkey.c:277:28: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}?
return BN_num_bits(k->dsa->p);
^~
sshkey.c: In function ?sshkey_new?:
sshkey.c:478:11: error: dereferencing pointer to in...
2017 Sep 21
19
Call for testing: OpenSSH 7.6
Hi,
OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2003 Sep 30
0
3.7.1p2 on OpenBSD 2.8/sparc
...Running ssh-keygen through gdb, I get:
(gdb) run -t rsa1 -f ssh_host_key -N ""
Starting program: /usr/local/src/openssh-3.7.1p2/./ssh-keygen -t rsa1
-f ssh_host_key -N ""
Generating public/private rsa1 key pair.
Program received signal SIGSEGV, Segmentation fault.
0x1c338 in BN_num_bits ()
(gdb) bt
#0 0x1c338 in BN_num_bits ()
#1 0x5d9c in key_save_private_rsa1 (key=0xd0600, filename=0xcaec8
"ssh_host_key", passphrase=0xd0670 "",
comment=0xf7fff2f8 "root at oldyeek.mercea.net") at authfile.c:124
#2 0x617c in key_save_private (key=0xd0600, fil...
2003 Nov 04
0
ServerLiesWarning
.../sshconnect1.c openssh-3.7.1p2-serverlieswarning/sshconnect1.c
--- openssh-3.7.1p2/sshconnect1.c 2003-09-02 08:51:17.000000000 -0400
+++ openssh-3.7.1p2-serverlieswarning/sshconnect1.c 2003-11-04 02:29:50.000000000 -0500
@@ -494,7 +494,8 @@
packet_get_bignum(server_key->rsa->n);
rbits = BN_num_bits(server_key->rsa->n);
- if (bits != rbits) {
+ if (bits == rbits + 1 && ! options.server_lies_warning) {
+ } else if (bits != rbits) {
logit("Warning: Server lies about size of server public key: "
"actual size is %d bits vs. announced %d.", rbits, bits);...
2013 May 15
2
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
Functionality request for supporting Digital Signatures for RSA and DSS
Public Key Algorithms in alignment with NIST SP800-131A.
I
assume this has been asked before, but I could not find in the
archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key
algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH
Extension Algorithms are supported, but not a
2003 Feb 09
1
Logging of comments on keys
...thorized keys. */
file = authorized_keys_file(pw);
debug("trying public RSA key file %s", file);
***************
*** 249,254 ****
--- 255,263 ----
log("Warning: %s, line %lu: keysize mismatch: "
"actual %d vs. announced %d.",
file, linenum, BN_num_bits(key->rsa->n), bits);
+
+ /* log comment */
+ verbose("Comment on found key: %s", cp);
/* We have found the desired key. */
/*
2001 Nov 02
7
Entropy and DSA keys
I remember a discussion to the effect that using DSA keys in sshd
increases the requirement for random bits available on the system... and
that this requirement (was it a 128 bit random number per connection?)
presents security problems on systems that don't have a decent source of
entropy? Am I misinterpreting those discussions?
We are having a problem deploying sshd (no prngd) where sshd
2015 Mar 24
5
[Bug 2371] New: make check fails when using --without-openssl on AIX
...uzz.o
regress/unittests/sshbuf/test_sshbuf_getput_fuzz.o
regress/unittests/sshbuf/test_sshbuf_fixed.o
regress/unittests/test_helper/libtest_helper.a -lssh -lopenbsd-compat
-lssh -lopenbsd-compat -lz -lcrypt
ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits
ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin
ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_free
ld: 0711-317 ERROR: Undefined symbol: .BN_new
ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free
ld: 0711-317 ERROR: Undefined symbol: .BN_cmp
ld: 0711...
2015 Mar 24
5
[Bug 2371] New: make check fails when using --without-openssl on AIX
...uzz.o
regress/unittests/sshbuf/test_sshbuf_getput_fuzz.o
regress/unittests/sshbuf/test_sshbuf_fixed.o
regress/unittests/test_helper/libtest_helper.a -lssh -lopenbsd-compat
-lssh -lopenbsd-compat -lz -lcrypt
ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits
ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin
ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn
ld: 0711-317 ERROR: Undefined symbol: .BN_free
ld: 0711-317 ERROR: Undefined symbol: .BN_new
ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free
ld: 0711-317 ERROR: Undefined symbol: .BN_cmp
ld: 0711...
2010 Nov 28
2
[PATCH] Use canonical hostname for DNS SSHFP lookup
...{
diff -ur openssh/sshconnect1.c openssh-sshfp/sshconnect1.c
--- openssh/sshconnect1.c 2006-11-07 13:14:42.000000000 +0100
+++ openssh-sshfp/sshconnect1.c 2010-11-27 23:57:11.267747490 +0100
@@ -535,7 +535,7 @@
debug("Received server public key (%d bits) and host key (%d bits).",
BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));
- if (verify_host_key(host, hostaddr, host_key) == -1)
+ if (verify_host_key(host, hostaddr, host_key, NULL) == -1)
fatal("Host key verification failed.");
client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG...
2015 Jun 25
3
Call for testing: OpenSSH 6.9
On Thu, 25 Jun 2015, Michael Felt wrote:
> Just running a standard make, and then a make install to a packaging
> directory. It seems to be complaining about missing keys - not sure yet if
> this is a show stopper
For packaging you want the install-nokeys rule not install.
--
Tim Rice Multitalents
tim at multitalents.net
2005 Feb 24
3
Suggestion: SSHD pseudo/fake mode. Source available.
Hi,
SSH brute force attacks seem to enjoy increasing popularity. Call me an
optimist or a misrouted kind of contributer to the community, but on our
company server I actually go through the logs and report extreme cases
to the providers of the originating IP's. With the increasing number of
these attacks, however, I have now decided that it's better to move the
SSHd to a different
2013 May 31
0
DH group selection for SHA2-512 bit HMAC.
...I.e. minimum and preferred group size is 1024-bit,
- OpenSSH server in kexgexs.c:kexgex_server processes this message and
selects 1024-bit group, sending it back to client.
- however, later, when it goes to shared secret generation, in
dh.c:dh_gen_key code checks group size to be
2 * need >= BN_num_bits(dh->p), where need is set to 512 bit (by the
size of HMAC, i assume ), producing the error fatal("dh_gen_key: group
too small: %d (2*need %d)".
So, I think it would be more logical to check 'need' parameter somewhere
during group selection.
Or am I missing something?
Thank...
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...2(msg, tab->nentries)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
TAILQ_FOREACH(id, &tab->idlist, next) {
- if (id->key->type == KEY_RSA1) {
+ if (id->idkey->key->type == KEY_RSA1) {
#ifdef WITH_SSH1
if ((r = sshbuf_put_u32(msg,
- BN_num_bits(id->key->rsa->n))) != 0 ||
+ BN_num_bits(id->idkey->key->rsa->n))) != 0 ||
(r = sshbuf_put_bignum1(msg,
- id->key->rsa->e)) != 0 ||
+ id->idkey->key->rsa->e)) != 0 ||
(r = sshbuf_put_bignum1(msg,
- id->key->rsa...