search for: bn_num_bits

...9: undefined reference to `RSA_free' /.../ssh/sshd.c:401: undefined reference to `RSA_free' /.../ssh/sshd.c:403: undefined reference to `RSA_free' sshd.elf2flt: In function `main': /.../ssh/sshd.c:559: undefined reference to `RSA_new' /.../ssh/sshd.c:599: undefined reference to `BN_num_bits' /opt/uClinux-dist/user/ssh/sshd.c:599: undefined reference to `BN_num_bits' /.../ssh/sshd.c:603: undefined reference to `BN_num_bits' /.../ssh/sshd.c:664: undefined reference to `RSA_new' /.../ssh/sshd.c:665: undefined reference to `RSA_new' sshd.elf2flt: In function `do_ssh1_k...

...Warning: This may be due to an old implementation of ssh. respond_to_rsa_challenge: public_key 1151 < host_key 1024 + SSH_KEY_BITS_RESERVED 128 ..and a resulting refusal to continue. I've done a bit of digging in the source, and have found the source of the problem to be the use of BN_num_bits to determine the length of the keys received in sshconnect1.c. The problem is that BN_num_bits does not return the number of significant bits of a given bignum, but rather the position of the most significant 1 bit, which is not necessarily the same thing. It is perfectly possible (and as demo...

------- Forwarded Message Subject: Re: Dubious use of BN_num_bits in sshconnect1.c From: Niels Provos <provos at citi.umich.edu> In-Reply-To: alex at foogod.com, Sun, 18 Feb 2001 19:38:56 PST To: alex at foogod.com Cc: openssh-unix-dev at mindrot.org Date: Mon, 19 Feb 2001 10:07:24 -0500 Sender: provos at citi.umich.edu Hi Alex, there is no problem in Op...

..., "%s bits %d\n", __func__, bits); return SSH_ERR_KEY_LENGTH; + } *ecdsap = NULL; if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; @@ -1881,6 +1888,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, goto out; } if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); ret = SSH_ERR_KEY_LENGTH; goto out; } @@ -2664,6 +2673,8 @@ sshkey_private_deserialize(struct...

...5 10:49:28 2001 @@ -37,6 +37,7 @@ #include "packet.h" #include "mpaux.h" #include "uidswap.h" +#include "compat.h" #include "log.h" #include "readconf.h" #include "key.h" @@ -960,7 +961,8 @@ sum_len += clen; rbits = BN_num_bits(host_key->n); - if (bits != rbits) { + if (bits != rbits && + !((datafellows & SSH_BUG_SERVERLIESSIZE) && (rbits + 1 == bits))) { log("Warning: Server lies about size of server host key: " "actual size is %d bits vs. announced %d.", rbits, bi...

Hi, Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange problem that Core-SDI described ? ( I noticed that fix is already in openbsd tree ). -Jarno -- Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi University of Kuopio - Computer Center | Work: +358 17 162822 PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169

...ec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sshkey.c -o sshkey.o sshkey.c: In function ?sshkey_size?: sshkey.c:274:28: error: dereferencing pointer to incomplete type ?RSA {aka struct rsa_st}? return BN_num_bits(k->rsa->n); ^~ sshkey.c:277:28: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}? return BN_num_bits(k->dsa->p); ^~ sshkey.c: In function ?sshkey_new?: sshkey.c:478:11: error: dereferencing pointer to inc...

Hi, OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

...Running ssh-keygen through gdb, I get: (gdb) run -t rsa1 -f ssh_host_key -N "" Starting program: /usr/local/src/openssh-3.7.1p2/./ssh-keygen -t rsa1 -f ssh_host_key -N "" Generating public/private rsa1 key pair. Program received signal SIGSEGV, Segmentation fault. 0x1c338 in BN_num_bits () (gdb) bt #0 0x1c338 in BN_num_bits () #1 0x5d9c in key_save_private_rsa1 (key=0xd0600, filename=0xcaec8 "ssh_host_key", passphrase=0xd0670 "", comment=0xf7fff2f8 "root at oldyeek.mercea.net") at authfile.c:124 #2 0x617c in key_save_private (key=0xd0600, file...

.../sshconnect1.c openssh-3.7.1p2-serverlieswarning/sshconnect1.c --- openssh-3.7.1p2/sshconnect1.c 2003-09-02 08:51:17.000000000 -0400 +++ openssh-3.7.1p2-serverlieswarning/sshconnect1.c 2003-11-04 02:29:50.000000000 -0500 @@ -494,7 +494,8 @@ packet_get_bignum(server_key->rsa->n); rbits = BN_num_bits(server_key->rsa->n); - if (bits != rbits) { + if (bits == rbits + 1 && ! options.server_lies_warning) { + } else if (bits != rbits) { logit("Warning: Server lies about size of server public key: " "actual size is %d bits vs. announced %d.", rbits, bits);...

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

...thorized keys. */ file = authorized_keys_file(pw); debug("trying public RSA key file %s", file); *************** *** 249,254 **** --- 255,263 ---- log("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); + + /* log comment */ + verbose("Comment on found key: %s", cp); /* We have found the desired key. */ /*

I remember a discussion to the effect that using DSA keys in sshd increases the requirement for random bits available on the system... and that this requirement (was it a 128 bit random number per connection?) presents security problems on systems that don't have a decent source of entropy? Am I misinterpreting those discussions? We are having a problem deploying sshd (no prngd) where sshd

...uzz.o regress/unittests/sshbuf/test_sshbuf_getput_fuzz.o regress/unittests/sshbuf/test_sshbuf_fixed.o regress/unittests/test_helper/libtest_helper.a -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lz -lcrypt ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn ld: 0711-317 ERROR: Undefined symbol: .BN_free ld: 0711-317 ERROR: Undefined symbol: .BN_new ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free ld: 0711-317 ERROR: Undefined symbol: .BN_cmp ld: 0711-...

...uzz.o regress/unittests/sshbuf/test_sshbuf_getput_fuzz.o regress/unittests/sshbuf/test_sshbuf_fixed.o regress/unittests/test_helper/libtest_helper.a -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lz -lcrypt ld: 0711-317 ERROR: Undefined symbol: .BN_hex2bn ld: 0711-317 ERROR: Undefined symbol: .BN_num_bits ld: 0711-317 ERROR: Undefined symbol: .BN_bn2bin ld: 0711-317 ERROR: Undefined symbol: .BN_bin2bn ld: 0711-317 ERROR: Undefined symbol: .BN_free ld: 0711-317 ERROR: Undefined symbol: .BN_new ld: 0711-317 ERROR: Undefined symbol: .BN_clear_free ld: 0711-317 ERROR: Undefined symbol: .BN_cmp ld: 0711-...

...{ diff -ur openssh/sshconnect1.c openssh-sshfp/sshconnect1.c --- openssh/sshconnect1.c 2006-11-07 13:14:42.000000000 +0100 +++ openssh-sshfp/sshconnect1.c 2010-11-27 23:57:11.267747490 +0100 @@ -535,7 +535,7 @@ debug("Received server public key (%d bits) and host key (%d bits).", BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n)); - if (verify_host_key(host, hostaddr, host_key) == -1) + if (verify_host_key(host, hostaddr, host_key, NULL) == -1) fatal("Host key verification failed."); client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_...

On Thu, 25 Jun 2015, Michael Felt wrote: > Just running a standard make, and then a make install to a packaging > directory. It seems to be complaining about missing keys - not sure yet if > this is a show stopper For packaging you want the install-nokeys rule not install. -- Tim Rice Multitalents tim at multitalents.net

Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different

...I.e. minimum and preferred group size is 1024-bit, - OpenSSH server in kexgexs.c:kexgex_server processes this message and selects 1024-bit group, sending it back to client. - however, later, when it goes to shared secret generation, in dh.c:dh_gen_key code checks group size to be 2 * need >= BN_num_bits(dh->p), where need is set to 512 bit (by the size of HMAC, i assume ), producing the error fatal("dh_gen_key: group too small: %d (2*need %d)". So, I think it would be more logical to check 'need' parameter somewhere during group selection. Or am I missing something? Thanks...

...2(msg, tab->nentries)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); TAILQ_FOREACH(id, &tab->idlist, next) { - if (id->key->type == KEY_RSA1) { + if (id->idkey->key->type == KEY_RSA1) { #ifdef WITH_SSH1 if ((r = sshbuf_put_u32(msg, - BN_num_bits(id->key->rsa->n))) != 0 || + BN_num_bits(id->idkey->key->rsa->n))) != 0 || (r = sshbuf_put_bignum1(msg, - id->key->rsa->e)) != 0 || + id->idkey->key->rsa->e)) != 0 || (r = sshbuf_put_bignum1(msg, - id->key->rsa-...