search for: jjelen

https://bugzilla.mindrot.org/show_bug.cgi?id=2714 Bug ID: 2714 Summary: Allow specifying a key description when loading from stdin Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-add

...ublic keys Product: Portable OpenSSH Version: 8.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com It comes up from time to time that somebody uses private key without public key in separate file. OpenSSH is trying to be helpful to read the separate public key file initially, to prevent decrypting private keys to early, but currently it is very inconsistent. See the following step...

...rolPersist Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 2616 --> https://bugzilla.mindrot.org/attachment.cgi?id=2616&action=edit proposed patch +++ This bug was cloned from Red Hat Bugzilla ? Bug 1218351 +++ The new ControlPersist feature undesireably closes fds that are loaded by an adhoc LD_PRELOAD applicat...

...512) Product: Portable OpenSSH Version: 7.6p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Smartcard Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 3111 --> https://bugzilla.mindrot.org/attachment.cgi?id=3111&action=edit PKCS#11 URI (RFC7512) support There is a series of patches adding a support for PKCS#11 URIs [1] with testsuite and improving the existing tests to be actually run against a software...

...card Product: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com The support for PKCS#11 in ssh-agent is limited to the smart cards that are not removed from the computer. Once removed and reinserted one needs to do the same also with the agent: ssh-add -e /usr/lib64/opensc-pkcs11.so ssh-add -s /usr/lib64/opensc-pkcs11.so The ssh-agent inter...

...ermitOpen Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 2525 --> https://bugzilla.mindrot.org/attachment.cgi?id=2525&action=edit Make config parser more strict to ip:port values According to manual pages above mentioned options in sshd_config accept only values in format ip:port, but parser used in code also a...

https://bugzilla.mindrot.org/show_bug.cgi?id=3202 Bug ID: 3202 Summary: Ed25519 key on HSM is not getting listed in ssh-add -l command Product: Portable OpenSSH Version: 8.2p1 Hardware: ARM64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-add

...uct: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 3198 --> https://bugzilla.mindrot.org/attachment.cgi?id=3198&action=edit possibility to order host keys in client The HostKeyAlgorithms option in the client has a difference from all the other algorithm limiting options that should be sorted according to...

...Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 2701 --> https://bugzilla.mindrot.org/attachment.cgi?id=2701&action=edit proof of concept with patch I am really wondering if nobody ever hit this issue before so I apologize that this report will be a bit longer, because I would like to express the state...

...one Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Smartcard Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Based on the report in our bugzilla [1] (though on older version and with different use case), I can reproduce the same behaviour with two different key pairs on smartcard (opencryptoki softtoken), when only the second is accepted. This is caused by the fact, that when the public ke...

https://bugzilla.mindrot.org/show_bug.cgi?id=2652 Bug ID: 2652 Summary: PKCS11 login skipped if login required and no pin set Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: Smartcard Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2531 Bug ID: 2531 Summary: MaxSessions config parameter name is highly ambigious Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2510 Bug ID: 2510 Summary: building fail for unsupported key type Product: Portable OpenSSH Version: 7.1p1 Hardware: ix86 OS: Linux Status: NEW Severity: critical Priority: P5 Component: Build system Assignee: unassigned-bugs at

...directory Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: scp Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com This bug was created as a copy from RHBZ#1159307 (https://bugzilla.redhat.com/show_bug.cgi?id=1159307) ------------------------------------------------ Description of problem: scp -3r a:foo user at b: foo didn't exist, but scp gave no error message. (a and b are rhel7 boxen, a...

https://bugzilla.mindrot.org/show_bug.cgi?id=2187 Bug ID: 2187 Summary: ssh-add unnecessarily prompts for PKCS#11 pin when removing key Product: Portable OpenSSH Version: 6.3p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-add

https://bugzilla.mindrot.org/show_bug.cgi?id=2605 Bug ID: 2605 Summary: ssh-keyscan generates errors in /var/log/secure Product: Portable OpenSSH Version: 6.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keyscan Assignee:

...work with ssh-agent. It does not bring any new dependency, provides unit and regress tests (while fixing agent-pkcs11 regress test). The code is on github and ready for comments/reviews (some details will need to be adjusted): https://github.com/openssh/openssh-portable/compare/master...Jakuje:jjelen-pkcs11 I will fill a bugzilla later. I would be grateful for your ideas, comments or reviews for this feature. Other useful parts of RFC, that could be implemented would be a way to provide a PIN or a PIN source for the token, other ways of providing module-path (module-name). Regards, -- Ja...

...card Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Smartcard Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Based on our investigation of Smart Cart usability with openSSH we found several minor problems that were filled in our red hat bugzilla [1]. Next is problem again with softHSM. It is hiding by default both public and private key, until you login to the card. This is not rare feature...

...ct: Portable OpenSSH Version: 8.2p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 3358 --> https://bugzilla.mindrot.org/attachment.cgi?id=3358&action=edit Mark the RDomain configuration option unsupported on non-openbsd builds Experimenting with RDomain configuration option on non-OpenBSD platform prevents sshd from accepting connectio...

https://bugzilla.mindrot.org/show_bug.cgi?id=2693 Bug ID: 2693 Summary: ssh: Include'ed host is not resolved by ssh Product: Portable OpenSSH Version: 7.4p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at