search for: herrb

On Sun, Oct 04, 2020 at 10:50:32PM +1100, Damien Miller wrote: > On Sun, 4 Oct 2020, Matthieu Herrb wrote: > > > On Sun, Oct 04, 2020 at 09:24:12PM +1100, Damien Miller wrote: > > > On Sun, 4 Oct 2020, Damien Miller wrote: > > > > > > > No - I think you've stumbled on a corner case I hadn't anticipated. > > > > Does your configuration o...

...ntries for the hostname and IP? > > Also, do you use HashKnownHosts? or do you have any hashed host lines > in known_hosts? Yes I use HashKnownHosts yes Here are all the lines from my known_hosts.old that contains the public keys for this host. (the name is 'freedom' or freedom.herrb.net and IP adresses are 192.168.31.41 and 2a03:7220:8081:6101:6552:9ca8:512b:9251) |1|LDNls9zwwKUtszPxTWOn1hEP+30=|2C9Jva6DwfnWqEHHjylVV9gAfSs= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF2yT8wIR716QLjlhgLO3XGvFB7QHxguK2UXaFoVFEgQwRHpi5aLRjT3eENZNYHDUj/Nr4wFWDrOW1whtU...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alan Coopersmith (2): Sun Bug 6504978: xman on Solaris x86 does not render correctly, nroff visible renamed: .cvsignore -> .gitignore Matthieu Herrb (1): Bump version for release git tag: xman-1.0.3 http://xorg.freedesktop.org/archive/individual/app/xman-1.0.3.tar.bz2 MD5: 3d3a4b310a65ccce82472ef83acbbf97 xman-1.0.3.tar.bz2 SHA1: 1612166e4ccc93e9e18904c0d297b0135ee5dd62 xman-1.0.3.tar.bz2 http://xorg.freedesktop.org/archive/individua...

On Sun, 4 Oct 2020, Matthieu Herrb wrote: > Hi, > > on OpenBSD-current I now get this when connecting to an existing > machine for which I have both ecdsa an ed25519 keys in my existing > known_hosts (but apparently ed25519 keys where added only for the name > previsously by ssh): > > Warning: the ED25519...

...b2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-9 [3] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-10 On Sun, Feb 25, 2018 at 2:16 AM, Matthieu Herrb <matthieu at herrb.eu> wrote: > On Fri, Feb 23, 2018 at 12:32:38PM +0000, Kim Minh Kaplan wrote: >> Hello, >> >> I use hosts that are dual stack configured (IPv4 and IPv6) and it >> happens that connectivity through one or the other is broken and >> timeouts....

...things work again. Is this an oversight when the ECDSA-SK key type was added, or is it an ancient bug in OpenSSH 6.7's agent implementation wrt unknown key types that cannot be fixed ? (other than by updating SSH on the debian host) Thanks for any help / suggestion / bug fixes... -- Matthieu Herrb

Jörg Sonnenberger (1): Fix abs() usage. Matthieu Herrb (1): libXpm 3.5.12 Tobias Stoeckmann (4): Fix out out boundary read on unknown colors Gracefully handle EOF while parsing files. Avoid OOB write when handling malicious XPM files. Handle size_t in file/buffer length git tag: libXpm-3.5.12 https://xorg.freedesktop.or...

Alan Coopersmith (1): Stop compiling empty sm_auth.c stub Emil Velikov (1): autogen.sh: use quoted string variables Fab (1): Fix callbacks signatures in libSM documentation Jon TURNEY (1): Include unistd.h for getpid() Matthieu Herrb (3): Fix uuid_to_string(3) type Get rid of strcpy() in the HAVE_UUID_CREATE case libSM 1.2.3 Mihail Konev (1): autogen: add default patch prefix Peter Hutterer (1): autogen.sh: use exec instead of waiting for configure to finish Tobias Stoeckmann (1): Fixed ou...

Fixes CVE-2018-14665 (local file overwrite bugs), and a trivial fix in fbdevhw initialization. All users are advised to upgrade. Thanks to Narendra Shinde and Thomas Hoger for the report, and Matthieu Herrb for the fix. Adam Jackson (1): xserver 1.20.3 Matthieu Herrb (2): Disable -logfile and -modulepath when running with elevated privileges LogFilePrep: add a comment to the unsafe format string. Peter Hutterer (1): xfree86: fix readlink call git tag: xorg-server-1.20.3 ht...

Adam Jackson (1): Fix XTS regression in XCopyColormapAndFree Alan Coopersmith (1): Fix spelling/wording issues Alex Henrie (1): Handle small final sigma in XConvertCase Marko Myllynen (1): Update Finnish compose sequences for SFS 5966:2019 standard Matthieu Herrb (2): Change the data_len parameter of _XimAttributeToValue() to CARD16 libX11 1.6.10 Peter Hutterer (1): Handle ssharp in XConvertCase() Raul Fernandes (1): Use memcmp and memcpy Samuel Thibault (2): Braille: Fix default lookup xlibi18n: Fix converting horizli...

Christopher Chavez (1): Fix typo GCCLipYOrigin -> GCClipYOrigin in XCreateGC() manpage Felix Yan (1): Correct a typo in GetStCmap.c Matthieu Herrb (2): Fix an integer overflow in init_om() libX11 1.6.12 Maya Rashish (1): Avoid the use of "register" keyword in XkbTranslateKeySym. Niclas Zeising (1): Fix input clients connecting to server git tag: libX11-1.6.12 https://xorg.freedesktop.org/archive/individua...

...ame of the user with the master password are submitted to the real server, which of course fails. Is there a way to tell the proxy to forward the master user to the real server, without forcing it in destuser, since we also need to have regular (non master) logins? Thanks in advance. -- Matthieu Herrb -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4051 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20081205/fb15312e/attachment-0002.bin>

...v4 address is specified as 'host', a dovecot proxy is created for clients connecting using IPv6 to this server, and symmetrically if the proxy is specified as an IPv6 address, clients connecting through IPv4 will get forwarded to the v6 address. Is there a way to avoid that? -- Matthieu Herrb -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4051 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20080811/31fda753/attachment-0002.bin>

The following patch is needed on Solaris, because <sys/stat.h> has a specific macro definition for struct stat. Without this patch the prototype for nfs_safe_stat() changes between the inclusion of nfs-workarounds.h and the definition of the function. -- Matthieu Herrb -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot_lib_nfs-workarounds_c.diff Type: text/x-patch Size: 412 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20060518/693ee728/attachment.bin>

Hello, I use hosts that are dual stack configured (IPv4 and IPv6) and it happens that connectivity through one or the other is broken and timeouts. In these case connection to the SSH server can take quite some time as ssh waits for the first address to timeout before trying the next. So I gave a stab at implementing RFC 8305. This patch implements part of it in sshconnect.c. * It does not do

Hi, I just fixed a couple of corner-cases relating to UpdateHostkeys in git HEAD and have enabled the option by default. IMO this protocol extension is important because it allows ssh clients to automatically migrate to the best available signature algorithms available on the server and supports our goal of deprecating RSA/SHA1 in the future. We would really appreciate your feedback on this

Release 1.3.2 of the joystick input driver for X.Org git tag: xf86-input-joystick-1.3.2 Matthieu Herrb: Makefile.am: nuke RCS Id Sascha Hlusiak: Typo in man page Increased default deadzone from 1000 to 5000 Added "StartMouseEnabled" and "StartKeysEnabled" options Allow '+' as separator for key mapping as in "key=Alt_L+Tab" Fi...

...ddleston (2): Added include of pwd.h so we build correctly on OS-X - see xorg mailing list Build fix for case-insensitive file systems Julien Cristau (3): Fix installation of app-defaults Fix build with builddir != srcdir $(builddir) is the current directory Matthieu Herrb (1): README: nuke RCS Id Samuel Thibault (1): Bug 10145: xdm passes file descriptors to children git tag: xdm-1.1.8 http://xorg.freedesktop.org/archive/individual/app/xdm-1.1.8.tar.bz2 MD5: cc1816bc62a3722ad509373b0b7f30fe xdm-1.1.8.tar.bz2 SHA1: 619d810d9cd60e193be72365791cdb4057fc...

...instead of argv[0] trick. Apple: Added some OSX version protection, so this will still compile on Tiger and below. Apple: No need for these bits being here in xinit as of xserver-1.4.0-apple9 Apple: Don't need to spew unneccessary 'directory exists' messages. Matthieu Herrb (2): OpenBSD: use openssl rand -hex 16 to generate the cookie. Replace sprintf() and strcpy() with snprintf(). git tag: xinit-1.0.9 http://xorg.freedesktop.org/archive/individual/app/xinit-1.0.9.tar.bz2 MD5: 224c36057e4416205d4e421af01a2f15 xinit-1.0.9.tar.bz2 SHA1: bbc8f28a38c103371...

...nto COPYING file Add hooks to check code with static analyzers like lint & sparse Replace sprintf with snprintf Version 1.0.1 James Cloos: Add *~ to .gitignore to skip patch/emacs droppings Replace static ChangeLog with dist-hook to generate from git log Matthieu Herrb: nuke RCS Ids Paulo Cesar Pereira de Andrade: libFS ansification. git tag: libFS-1.0.1 http://xorg.freedesktop.org/archive/individual/lib/libFS-1.0.1.tar.bz2 MD5: 81521249353fa33be7a4bb0062c2fbb9 SHA1: 7a78a88ab962cf5d62be6b0fef04d7054fba1b37 http://xorg.freedesktop.org/archive/indi...