search for: kdf

Displaying 20 results from an estimated 20 matches for "kdf".

Did you mean: df
2012 Aug 30
2
Shell access to SSH KDF
Hi everyone. I'm currently running through FIPS validation, and this year CAVP requires KDF tests for SSH. I'm running OpenSSH v5.6p1 and I see that the 6 keys that I need are derived in kex_derived_keys in kex.c. However, I don't yet see any way for me to access this function from an existing command line tool, being able to pass in K, H, and the session_id from the test vector...
2014 Apr 02
1
Openssh KDF testing
Hello Everyone, I am writing code to test derive_keys functionality. The function signature is: static u_char * derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, BIGNUM *shared_secret) Now, the input which is provided to us is K(share_secret) as an array of characters. H(Hash) as an array of characters. Session_id as an array of characters Now, first I converted hash
2014 Mar 03
6
[Bug 2207] New: Potential NULL deference, found using coverity
...signed-bugs at mindrot.org Reporter: arthurmesh at gmail.com This defect was found on OpenSSH 6.5; however, it appears that code in question has not changed between 6.5 and openssh-SNAP-20140204.tar.gz. Thoughts: while reading the code -- this caught attention: authfile.c: 279 kdfname = buffer_get_cstring_ret(&copy, NULL); 280 if (kdfname == NULL || 281 (!strcmp(kdfname, "none") && !strcmp(kdfname, "bcrypt"))) { 282 error("%s: unknown kdf name", __func__); 283 goto out; 284...
2013 May 23
1
Time for key stretching in encrypted private keys?
...i?id=1550) the motivation for this being that 128-bits of security is better than the 112 or so you get from 3DES these days. Interestingly that bug is about upgrading to AES-256, but we ended up with AES-128. Presumably due to the Solaris crippling? However ssh-keygen still uses a relatively weak KDF of MD5(IV[:8] . PWORD) which makes dictionary attacks quite feasible and means you need a much longer password to mitigate them. Seems like it might be useful if OpenSSH at least had the option of using an encoding with some decent key stretching to me. Is there any good reason not to, and to not h...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...EOF +?? ?if [ -z "$secret" -o "$format" = "PEM" ]; then +?? ??? ?# For PEM format, passphrase is not detected yet, should be fixed in ssh-keygen +?? ??? ?echo "no passphrase" >> $exp +?? ?else +?? ??? ?cat >> $exp << EOF +cipher: aes256-ctr +kdf: bcrypt +rounds: $rounds +EOF +?? ?fi + +?? ?if ! ${SSHKEYGEN} -yv -P "${secret}" -f $file > $OBJ/$t-pub ; then +?? ??? ?fail "ssh-keygen -y failed for $t-key" +?? ?fi +?? ?if ! sed '1 s/[^ ]* [^ ]* \?//' $OBJ/$t-pub > $OBJ/$t-tmp ; then +?? ??? ?fail "sed fai...
2023 Jul 31
5
Call for testing: OpenSSH 9.4
...cept two additional %-expansion sequences: %D which expands to the routing domain of the connected session and %C which expands to the addresses and port numbers for the source and destination of the connection. * ssh-keygen(1): increase the default work factor (rounds) for the bcrypt KDF used to derive symmetric encryption keys for passphrase protected key files by 50%. Bugfixes -------- * ssh-agent(1): improve isolation between loaded PKCS#11 modules by running seperate ssh-pkcs11-helpers for each loaded provider. * ssh(1): make -f (fork after authentication) work corre...
2024 May 16
1
PEM_write_ed25519
For no particular reason, i'm looking to convert my ed25519 private key to pem. A user on stackoverflow suggested running `ssh-keygen -p -f path/to/your/key -m pem` [^1], which errors, printing `do_convert_to_pem: unsupported key type ED25519`. Looking at the corresponding line in source, it seems that only RSA, DSA, & ECDSA keys can be converted to pem.[^2] With new keys defaulting
2004 Aug 23
1
Update -> Someone with "Access Denied" from Windows plstry this test to compare notes with me
...t;If we're adding to the noise, turn off this song"--Switchfoot (2003) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBKjsSIR7qMdg1EfYRAs/AAKCo1kF/RCje6ETuq75aWprf2aZ8ZACfb2WV o8NuRucRR67ctLFJg5TP6pU= =/KDF -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
2015 Jul 29
0
Fedora change that will probably affect RHEL
.../sec, allowing a 9-character random password to survive a million years of constant attack. Offline is an entirely separate matter, and is already addressed by /etc/shadow salting and hashing in CentOS. We know how to make it even stronger if the threat requires it: move to OTP keys, use a better KDF than SHA512, etc. > I just fired my ISP because of the asininity of setting a 180 > compulsory expiration on passwords. Good for you. Password expiration is silly. A good strong password should last years under any reasonable threat. But we?ve not been talking about password expiration h...
2023 Aug 10
1
Announce: OpenSSH 9.4 released
...cept two additional %-expansion sequences: %D which expands to the routing domain of the connected session and %C which expands to the addresses and port numbers for the source and destination of the connection. * ssh-keygen(1): increase the default work factor (rounds) for the bcrypt KDF used to derive symmetric encryption keys for passphrase protected key files by 50%. Bugfixes -------- * ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider. * ssh(1): make -f (fork after authentication) work corre...
2023 Aug 09
1
Call for testing: OpenSSH 9.4
...quences: %D which expands to > the routing domain of the connected session and %C which expands > to the addresses and port numbers for the source and destination > of the connection. > > * ssh-keygen(1): increase the default work factor (rounds) for the > bcrypt KDF used to derive symmetric encryption keys for passphrase > protected key files by 50%. > > Bugfixes > -------- > > * ssh-agent(1): improve isolation between loaded PKCS#11 modules > by running seperate ssh-pkcs11-helpers for each loaded provider. > > * ssh(1):...
2014 Jan 30
0
Announce: OpenSSH 6.5 released
...r support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. * Add a new private key format that uses a bcrypt KDF to better protect keys at rest. This format is used unconditionally for Ed25519 keys, but may be requested when generating or saving existing keys of other types via the -o ssh-keygen(1) option. We intend to make the new format the default in the near future. Details of the new forma...
2015 Jul 30
2
Fedora change that will probably affect RHEL
On Thu, Jul 30, 2015 at 12:20 PM, Warren Young <wyml at etr-usa.com> wrote: > On Jul 29, 2015, at 5:40 PM, Chris Murphy <lists at colorremedies.com> wrote: >> >> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: >> >>> Security is *always* opposed to convenience. >> >> False. OS X by default runs only signed
2014 Jan 30
1
Announce: OpenSSH 6.5 released
...r support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. * Add a new private key format that uses a bcrypt KDF to better protect keys at rest. This format is used unconditionally for Ed25519 keys, but may be requested when generating or saving existing keys of other types via the -o ssh-keygen(1) option. We intend to make the new format the default in the near future. Details of the new forma...
2005 Dec 20
7
wrong id for activerecord object when using :joins in mysql
I''m using a find with a :joins clause, like this: :joins => "JOIN table_b ON table_b.id=table_b_id" The records returned are used in a scaffold generated list page. The edit, show, and destroy links are getting the wrong id. They are getting the id of the table b record. When I run the query using mysql, I see that the query returns *2* id columns, the id of the main
2024 Jul 08
0
[Announce] GnuPG 2.5.0 released for public testing
...agent: Consider an empty pattern file as valid. [rGc27534de95] * agent: Fix error handling of READKEY. [T6012] * agent: Avoid random errors when storing key in ephemeral mode. [T7129, rGfdc5003956] * agent: Make "SCD DEVINFO --watch" more robust. [T7151] * scd: Improve KDF data object handling for OpenPGP cards. [T7058] * scd: Avoid buffer overrun with more than 16 PC/SC readers. [T7129, rG4c1b007035] * scd: Fix how the scdaemon on its pipe connection finishes. [T7160] * gpgconf: Check readability of some files with -X and change its output form...
2015 Jul 29
5
Fedora change that will probably affect RHEL
On Wed, Jul 29, 2015 at 2:15 PM, Warren Young <wyml at etr-usa.com> wrote: > Just because one particular method of prophylaxis fails to protect against all threats doesn?t mean we should stop using it, or increase its strength. Actually it does.There is no more obvious head butting than with strong passwords vs usability. Strong login passwords and usability are diametrically opposed.
2014 Jan 17
15
Call for testing: OpenSSH-6.5
...r support it. * ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. * Add a new private key format that uses a bcrypt KDF to better protect keys at rest. This format is used unconditionally for Ed25519 keys, but may be requested when generating or saving existing keys of other types via the -o ssh-keygen(1) option. We intend to make the new format the default in the near future. Details of the new forma...
2012 Jun 08
13
Default password hash
We still have MD5 as our default password hash, even though known-hash attacks against MD5 are relatively easy these days. We've supported SHA256 and SHA512 for many years now, so how about making SHA512 the default instead of MD5, like on most Linux distributions? Index: etc/login.conf =================================================================== --- etc/login.conf (revision
2009 Jul 23
1
[PATCH server] changes required for fedora rawhide inclusion.
...RvwT_t9j at n|WcBXG8I-Odz{fbcAU%%fDfdC?is353l!Y2E^2(s_HnHiEGi|oiE zh$0Ar<o`MMEi-{=`~Ci_oV at q$J@?#mw{y=qcbQDI12i8bD*Oio>IjLZ`9>IwBJ_b_ zB6Oq}S3ZO$9+)CR-WDN^M94<Tol at SBRJ3?w3KeYrGAZWAcO_ZR%KjZmYNb>wjPp|d zIE(Wd2!S3#n&#dLNm><ADZ97=g~iI7oqsJld|pKJ=b;=h9^$-1DJNYl8R7nEbQwU+ z3KdFIvsHC<N#s3Bl2LQ7Vm>HhHBhc7FBROOv*!22Tp69NR~0m;b|Hp))Fe^sIq1B_ zU2`923<+`{BqmZW53036o}G^b!3}am^>2`+=thW*heVGr?ix{v$9%z~DtM%fMAQl; z1=`JK*44EIU++l at 3jZPsUtX%Buo}SAWWJzzsk|mxSkTE9qcik!WNm)Q{WEo`M=2&3 z^OW<>(S<oQ3RKA~T`sQ)whq1~CH)w5LJzD><wHG9-3J*=nh$0}Wd6R?C^st`+EZuB z6`...