Displaying 20 results from an estimated 62 matches for "gex".
2015 Jun 02
1
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
...//bugzilla.mindrot.org/show_bug.cgi?id=2302
--- Comment #13 from Darren Tucker <dtucker at zip.com.au> ---
(In reply to Christoph Anton Mitterer from comment #10)
[...]
> Even though an attacker cannot (AFAIU??) for a connection to
> downgrade to the weaker groups,
The server's DH-GEX exchange hash includes the DH group sizes it
received from the client. If these are modified in transit the
exchange hash will not match.
> it still doesn't give the server
> admin a good way to "block out" weak clients.
Do any such clients actually exist? RFC4419 says DH-GE...
2014 Oct 28
1
[Bug 2303] New: ssh (and perhaps even sshd) should allow to specify the minimum DH group sizes for DH GEX
https://bugzilla.mindrot.org/show_bug.cgi?id=2303
Bug ID: 2303
Summary: ssh (and perhaps even sshd) should allow to specify
the minimum DH group sizes for DH GEX
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: calestyo at scien...
2008 Jun 19
2
Create Matrix from Loop of Vectors, Sort It and Pick Top-K
.... But I am stuck at the step (b).
Can anybody suggest what's the best way to achieve
my aim above?
This is the sample code I have so far (not working).
__BEGIN__
#data <- read.table("testdata.txt")
# Is this a right way to initialize?
all.arr = NULL
for (gi in 1:nofrow) {
gex <- as.vector(data.matrix(data[gi,],rownames.force=FALSE))
#compute variance
gexvar <- var(gex)
# join variance with its original vector
nvec <- c(gexvar,gex)
# I'm stuck here.....This doesn't seem to work
all.arr <- data.frame(nvec)
}
print(all.arr)
__END__...
2015 May 26
1
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
https://bugzilla.mindrot.org/show_bug.cgi?id=2302
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
Comment on attachment 2630
--> https://bugzilla.mindrot.org/attachment.cgi?id=2630
Make the DH-GEX fallback group 4k bit.
Where did this group come from? IMO it would be best to use one of the
standard groups if we're picking another fixed one - logjam attacks
aren't remotely plausible at this length, and doing so avoids any
questions over the group's provenance.
You could use the...
2015 Jun 12
2
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
On Fri 2015-06-12 01:52:54 -0400, Mark D. Baushke wrote:
> I have communicated with Allen Roginsky on this topic and I have been given permission to post his response.
>
> In this message below, the 'vendor' was Darren Tucker's generated prime
> that used a generator value of 5.
>
> -- Mark
>
> From: "Roginsky, Allen" <allen.roginsky at
2014 Oct 28
22
[Bug 2302] New: ssh (and sshd) should not fall back to deselected KEX algos
...onent: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: calestyo at scientia.net
Hi.
In a recent discussion[0], Christian Weisgerber pointed me to the fact
that ssh/sshd fall back to diffie-hellman-group14-sha1 if client and
server couldn't agree on parameters for DH GEX,... even when client
and/or server intentionally removed diffie-hellman-group14-sha1 from
their KEX preference list (which is like explicitly/intentionally
disabling it).
It seems that this is not exactly correct - I made some tests and it
seems that this fallback only happens if /etc/ssh/moduli i...
2003 Dec 04
8
[Bug 769] dh-group-exchange should be configurable off in client and server
...ith the default group is still presumably several miles
more secure than SSH-1.
The OpenSSH client and server should both allow dh-group-exchange to be turned
off (and in general, allow configuration of kex method preferences).
Supporting data:
On slow machines (e.g., 486-class, old SPARCs), dh-gex takes an unreasonably
long time (e.g., 14 seconds for gex followed by kex on a SS20 server).
Disabling gex (at the client end - there's a config option in PuTTY) gives a
much more sensible delay (2 seconds).
Also, from draft-ietf-secsh-architecture-15.txt:
The following policy issues SH...
2015 Jul 24
2
DH_GRP_MIN is currently 1024, should it be bumped to 2048?
Greetings,
Given the weakness with Diffie-Hellman modp groups less than 2048, is it
time to bump the suggested 1024 bit minimum value from the RFC 4419 to a
more current 2048 value for OpenSSH 7.0?
If so, should this be just a compile-time change, or should there be a
new client and server runtime option?
Thanks,
-- Mark
2014 Jan 24
3
[Bug 2198] New: GSSAPIKeyExchange gssapi-keyex bug in kex.c choose_kex()
...bugzilla.mindrot.org/attachment.cgi?id=2400&action=edit
Possible fix for kex.c GSSAPIKeyExchange strcmp problem
Reported problem: Attempted connections from new 6.4p1 client to old
6.0p1 server fail when using "GSSAPIKeyExchange yes".
Client error message:
unsupported kex alg gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==
Server error message: (nothing much useful, even with -ddd)
Cause:
In kex.c :: choose_kex() prior to 6.3p1 the search for Kex k->name was
performed using a mix of strcmp() and strncmp(). The strncmp() name
comparisons on just the leading part of the name were nece...
2015 May 27
4
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
On Wed, May 27, 2015 at 05:08:25PM -0400, Daniel Kahn Gillmor wrote:
> On Tue 2015-05-26 15:39:49 -0400, Mark D. Baushke wrote:
> > Hi Folks,
> >
> > The generator value of 5 does not lead to a q-ordered subgroup which
> > is needed to pass tests in
> >
> > http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf
>
> I
2002 Apr 11
2
SSH2_MSG_KEX_DH_GEX_REQUEST_OLD
Hi All,
I am trying to decode the message received from openssh client 3.1.0
Following is the third message which I received.
length = 0000 008c
padding length = 06
messagetype = 1e (SSH2_MSG_KEX_DH_GEX_REQUEST_OLD)
padding = b8 218e c680
and the next four byte should have the n which is 0000 0080 which is less
than 1024.
0000 008c 061e 0000 0080 2a19 a9e4 05fb
aee2 b107 4fa9 f0c1 83d3 3bf0 15a2 8dc8
a74b 7be1 6cab 817f cffc b835 04f2 0958
850c b2ec dc0a 81de 0929 2d4c 9a6c 17a8
5a81 95bc 657b 0...
2016 Mar 16
6
[Bug 2553] New: 7.2p2 on server breaks GSSAPI with older clients
https://bugzilla.mindrot.org/show_bug.cgi?id=2553
Bug ID: 2553
Summary: 7.2p2 on server breaks GSSAPI with older clients
Product: Portable OpenSSH
Version: 7.2p1
Hardware: amd64
OS: Solaris
Status: NEW
Severity: normal
Priority: P5
Component: Kerberos support
Assignee:
2014 Mar 07
12
[Bug 2209] New: Problem logging into Cisco devices under 6.5p1 (kexgexc.c)
https://bugzilla.mindrot.org/show_bug.cgi?id=2209
Bug ID: 2209
Summary: Problem logging into Cisco devices under 6.5p1
(kexgexc.c)
Product: Portable OpenSSH
Version: 6.5p1
Hardware: amd64
OS: FreeBSD
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: openssh a...
2024 Jan 25
1
enable strong KexAlgorithms, Ciphers and MACs in /etc/ssh/sshd_config file on RHEL 8.x Linux OS
Hi Kaushal,
I maintain a set of SSH hardening guides for various platforms,
including RHEL 8. You can find them here:
https://ssh-audit.com/hardening_guides.html
- Joe
--
Joseph S. Testa II
Founder & Principal Security Consultant
Positron Security
On Thu, 2024-01-25 at 18:39 +0530, Kaushal Shriyan wrote:
> Hi,
>
> I am running the below servers on Red Hat Enterprise
2015 Jul 05
9
[Bug 2424] New: Compatibility for iSSH and Ubuntu/Mint Putty
...: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: jrouman at gmail.com
Please consider adding "PuTTY_Local*" to the PuTTY versions allowed to
use SSH_OLD_DHGEX in compat.c. This is the ID for iSSH and the PuTTY
distributed with Ubuntu and Mint Linux. Sadly, iSSH is no longer being
maintained so a fix on that end is unlikely.
2015 Jul 01
0
Announce: OpenSSH 6.9 released
...keygen(1): support "ssh-keygen -lF hostname" to search
known_hosts and print key hashes rather than full keys.
* ssh-agent(1): add -D flag to leave ssh-agent in foreground without
enabling debug mode; bz#2381
Bugfixes
--------
* ssh(1), sshd(8): deprecate legacy SSH2_MSG_KEX_DH_GEX_REQUEST_OLD
message and do not try to use it against some 3rd-party SSH
implementations that use it (older PuTTY, WinSCP).
* Many fixes for problems caused by compile-time deactivation of
SSH1 support (including bz#2369)
* ssh(1), sshd(8): cap DH-GEX group size at 4Kbits for Cisco
i...
2017 Sep 25
4
DH Group Exchange Fallback
On 25 September 2017 at 02:32, Mark D. Baushke <mdb at juniper.net> wrote:
> [+CC Loganaden Velvindron <logan at hackers.mu>] primary author of
> the RFC 4419 refresh draft.
https://datatracker.ietf.org/doc/draft-lvelvindron-curdle-dh-group-exchange/ ?
Tangent: has any consideration been given to increasing the maximum
allowed beyond 8192 bits (which is below the current NIST
2007 Sep 27
4
GSSAPI Key Exchange Patch for OpenSSH 4.7p1
...the use of a single security architecture.
This patch adds support for the RFC4462 GSSAPI key exchange
mechanisms to OpenSSH, along with adding some additional features to
the GSSAPI code that is already in the tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. (#1242)
*) Support for the null host key type (#1242)
*) Support for CCAPI credentials caches on Mac OS X (#1245)
*) Support for better error handling when an authentication
exchange fails due to server misconfiguration (#1244)
*) Support for GSSAPI c...
2014 Nov 08
7
[Bug 2310] New: functionality to start process before ssh and/or to "wrap" such command around ssh
https://bugzilla.mindrot.org/show_bug.cgi?id=2310
Bug ID: 2310
Summary: functionality to start process before ssh and/or to
"wrap" such command around ssh
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5