search for: compat_datafellow

Hello, I'd like to inform you that the next release of WinSCP SFTP client (version 5.7.5) will support Diffie-Hellman group exchange as specified by RFC 4419. http://winscp.net/tracker/show_bug.cgi?id=1345 So I'd like to ask you to kindly update the check in compat_datafellows() to WinSCP_release_4* WinSCP_release_5.0* WinSCP_release_5.1* WinSCP_release_5.2* WinSCP_release_5.5* WinSCP_release_5.6* WinSCP_release_5.7 WinSCP_release_5.7.1 WinSCP_release_5.7.2 WinSCP_release_5.7.3 WinSCP_release_5.7.4 If you want to test this, please use: http://winscp.net/public/winscp2...

hi all, I got "xmalloc: out of memory" when i used ssh-keyscan to a remote host that is using SSH protocol 2 and only protocol 2 (no fallback to SSH protocol 1). Looks to me more like ssh-keyscan doesn't talk SSH protocol 2 to the server. Please help. Here is the exact error: # /usr/local/bin/ssh-keyscan -v miad_1 # miad_1 SSH-2.0-OpenSSH_3.0.2p1 xmalloc: out of memory

...: compat.c =================================================================== RCS file: /var/cvs/openssh/compat.c,v retrieving revision 1.82 retrieving revision 1.85 diff -u -p -r1.82 -r1.85 --- compat.c 31 Dec 2013 01:25:41 -0000 1.82 +++ compat.c 20 Apr 2014 03:33:59 -0000 1.85 @@ -95,6 +95,9 @@ compat_datafellows(const char *version) { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, { "OpenSSH_4*", 0 }, { "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT}, + { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH}, + { "OpenSSH_6.5*," + "OpenSSH_6.6*&qu...

....xx.xx.xx... : Connected to sd099001. : Escape character is '^]'. : SSH-2.0-2.1.0.pl2 SSH Secure Shell (non-commercial) : % ssh <mymachine> : .. : autodetect SSH_BUG_SIGBLOB : .. : len 20 datafellows -2 : : Received packet with bad string length ...... : ...DIES.... Actual problem: compat_datafellows() in compat.c does not recognize 2.1.0.pl2 version of SSH as 2.1.0, so it sets the variable "datafellows" to the wrong value. This causes death. one Working patch to the problem: --------------------------------- *** compat.c Sat Nov 4 21:42:36 2000 --- compat.c.new Fri Dec 22 1...

...ompat.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/compat.c,v retrieving revision 1.71 diff -u -p -r1.71 compat.c --- compat.c 1 Mar 2005 10:24:33 -0000 1.71 +++ compat.c 9 Jun 2005 07:54:45 -0000 @@ -151,6 +151,8 @@ compat_datafellows(const char *version) "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, { "*SSH_Version_Mapper*", SSH_BUG_SCANNER }, + { "Cisco-1.25", + SSH_BUG_BIGV1PACKET|SSH_BUG_IGNOREMSG }, { "Probe-*", SSH_BUG_PROBE }, { NULL, 0 } Index: compat.h...

On Sun, Feb 11, 2018 at 11:27 PM, Darren Tucker <dtucker at dtucker.net> wrote: > Sigh. If you could provide the server's identity string (eg from "ssh > -v yourthing") we could add a bug bit to stop it from being sent. $ ssh -v nathan at 10.0.0.1 OpenSSH_7.4p1, LibreSSL 2.5.0 [snip] debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version

On Sun, Apr 15, 2018 at 06:38:37PM +1000, Damien Miller wrote: > On Sat, 14 Apr 2018, Colin Watson wrote: > > This isn't an OpenSSH bug, but just in case anyone else is ambitious > > enough to automatically run interoperability tests against other SSH > > implementations, here's a heads-up: > > > > https://twistedmatrix.com/trac/ticket/9422 > >

Greetings. (Third try at sending this, the first two seemed to disappear without a trace. Perhaps use of MS Outlook was the problem, even though in plain text...? Or attachment too big (22Kb)? Would like to know...) The final source code and documentation package for a FIPS 140 validated mode of OpenSSL was recently submitted. Once the final certification is awarded by NIST, in a month or

> Turns out the problem is the new protocol extension for sending host keys to > the client after user authentication (section 2.5 of the PROTOCOLS > document). Commenting out the notify_hostkeys() call in sshd.c fixes the > issues with Cisco scp. Maybe a new bug compatibility flag in on order to > add to the "Cisco-1.*" client string that was added in 6.9? There's

...Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Other Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: martin at winscp.net The compat_datafellows function in compat.c includes this rule: { "WinSCP_release_4*," "WinSCP_release_5.0*," "WinSCP_release_5.1*," "WinSCP_release_5.5*," "WinSCP_release_5.6*,"...

Hi, I have a problem with a Linux box which I updated from 2.5.2p2 to 2.9p2 recently. It's running a tunnel started via inittab using a script which starts ssh -2 -N -o 'ConnectionAttempts 3600' -L <tunnel> $host This has run reliable with 2.5.2 over the last months. Now, after I have upgraded to 2.9p2, the tunnel is closed right after each attempt of an application to use

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

...snprintf(buf, sizeof buf, "SSH-1.5-OpenSSH-keyscan\r\n"); + if (c->c_keytype != KT_RSA1) { + int remote_major, remote_minor; + char remote_version[sizeof buf]; + + if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", + &remote_major, &remote_minor, remote_version) == 3) + compat_datafellows(remote_version); + else + datafellows = 0; + if (!ssh2_capable(remote_major, remote_minor)) { + debug("%s doesn't support ssh2", c->c_name); + confree(s); + return; + } + } + n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", + c->c_keytype...

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex