search for: key_type

...avily at all, so if the implementation above works, > lets use it. :) > > -Chris I think a better version is: template <class S1Ty, class S2Ty> void set_intersect(S1Ty &S1, const S2Ty &S2) { for (typename S1Ty::iterator I = S1.begin(); I != S1.end();) { const S1Ty::key_type &E = *I; ++I; if (!S2.count(E)) S1.erase(E); // Erase element if not in S2 } } This eliminates the use of a template templates while keeping the same flexibility. Not that I actually to compile this...

...field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); @@ -587,11 +588,14 @@ key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k) field[FLDSIZE_X / 2][FLDSIZE_Y / 2] = len - 1; field[x][y] = len; - /* fill in retval */ - snprintf(retval, FLDSIZE_X, "+--[%4s %4u]", key_type(k), key_size(k)); - p = strchr(retval, '\0'); + /* assemble key detail string */ + snprintf(key_details, FLDSIZE_X, "[%s %u]", key_type(k), key_size(k)); /* output upper border */ + *p++ = '+'; + for (i = 0; i < (FLDSIZE_X - strlen(key_details)) / 2; i++) + *p++ =...

...7:09 2003 *************** *** 183,188 **** --- 183,193 ---- debug("trying public key file %s", file); + /* log public key */ + + fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + verbose("Attempt public key authentication for %s with %s key: %s", pw->pw_name, key_type(key), fp); + /* Fail quietly if file does not exist */ if (stat(file, &st) < 0) { /* Restore the privileged uid. */ *************** *** 244,249 **** --- 249,255 ---- fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); verbose("Found matching %s key: %s",...

Just wondering is anyone can explain this code to me: Base64.encode64(@key.send("#{key_type}_encrypt", text)) I have this code the encrypts some information. This part seems to work fine. I using some software on the back end that I have written in VB to decrypt it and it seems to have issues. So I just wanted to make sure that the code i have written in Ruby does what I think it do...

...(STy::iterator I = S1.begin(), E = S1.end(); I != E; ) if (S2.count(*I)) S1.erase(*I++); else ++I; } template <class S1Ty, class S2Ty> void set_intersect(S1Ty &S1, const S2Ty &S2) { for (typename S1Ty::iterator I = S1.begin(); I != S1.end();) { const S1Ty::key_type &E = *I; ++I; if (!S2.count(E)) S1.erase(E); // Erase element if not in S2 } } --- Paolo Invernizzi

...is key. */ @@ -251,6 +251,15 @@ * otherwise continue searching. */ authenticated = 1; + if (options.log_fingerprint) { + Key *auth_key = key_new(KEY_RSA1); + auth_key->rsa->n = pk->n; + auth_key->rsa->e = pk->e; + log("Found matching %s key: %s", + key_type(auth_key), + key_fingerprint(auth_key, SSH_FP_MD5, SSH_FP_HEX)); + key_free(auth_key); + } break; } diff -ruN openssh-3.0.2p1.dist/auth2.c openssh-3.0.2p1/auth2.c --- openssh-3.0.2p1.dist/auth2.c Tue Nov 13 04:46:19 2001 +++ openssh-3.0.2p1/auth2.c Tue Dec 4 14:12:37 2001 @@ -690,8 +6...

...er_put_int(buffer, key->flags); + + switch (key->type) { + case KEY_RSA1: + case KEY_RSA: + buffer_put_key_rsa(buffer, key->rsa); + break; + case KEY_DSA: + buffer_put_key_dsa(buffer, key->dsa); + break; + default: + fatal("%s: unsupported key type (%s)", __func__, + key_type(key)); + } +} + +Key * +buffer_get_key(Buffer *buffer) +{ + Key *key; + int type, flags; + + type = buffer_get_int(buffer); + flags = buffer_get_int(buffer); + + key = key_new_private(type); + key->flags = flags; + + switch (type) { + case KEY_RSA1: + case KEY_RSA: + buffer_get_key_rsa(buffer,...

...! SSH_FP_HEX); debug2("input_userauth_pk_ok: fp %s", fp); xfree(fp); *************** *** 1204,1210 **** int have_sig = 1; char *fp; ! fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp); xfree(fp); --- 1218,1225 ---- int have_sig = 1; char *fp; ! fp = key_fingerprint(id->key, FIPS_mode() ? SSH_FP_SHA1 : SSH_FP_MD5, ! SSH_FP_HEX); debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp); xfree(fp...

...E; ) > if (S2.count(*I)) > S1.erase(*I++); > else > ++I; > } > > template <class S1Ty, class S2Ty> > void set_intersect(S1Ty &S1, const S2Ty &S2) { > for (typename S1Ty::iterator I = S1.begin(); I != S1.end();) { > const S1Ty::key_type &E = *I; > ++I; > if (!S2.count(E)) S1.erase(E); // Erase element if not in S2 > } > } > > --- > Paolo Invernizzi But like Alkis said we should probably just use the stl set_intersection, it runs in linear time instead of n*lg(n). > _____________________...

...: switch (key->type) { #ifdef WITH_SSH1 case KEY_RSA1: return sshkey_private_rsa1_to_blob(key, blob, passphrase, comment); #endif /* WITH_SSH1 */ but ssh-keygen.c will still include RSA1: static void do_gen_all_hostkeys(struct passwd *pw) { struct { char *key_type; char *key_type_display; char *path; } key_types[] = { { "rsa1", "RSA1", _PATH_HOST_KEY_FILE }, which leads to runtime errors like: ssh-keygen: generating new host keys: RSA1 Saving key "/etc/ssh/ssh_host_key" failed: unknown or unsupport...

...field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char)); @@ -570,11 +571,14 @@ key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k) field[FLDSIZE_X / 2][FLDSIZE_Y / 2] = len - 1; field[x][y] = len; - /* fill in retval */ - snprintf(retval, FLDSIZE_X, "+--[%4s %4u]", key_type(k), key_size(k)); - p = strchr(retval, '\0'); + /* assemble key detail string */ + snprintf(key_details, FLDSIZE_X, "[%s %u]", key_type(k), key_size(k)); /* output upper border */ + *p++ = '+'; + for (i = 0; i < (FLDSIZE_X - strlen(key_details)) / 2; i++) + *p++ =...

https://bugzilla.mindrot.org/show_bug.cgi?id=2561 Bug ID: 2561 Summary: ssh-keygen -A does not recreate broken zero-sized host keys Product: Portable OpenSSH Version: 7.2p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh-keygen

...I'm done with it. Note that it's not just the tests that need to be updated. For example, take unordered_map::at(key) definition: template <class _Key, class _Tp, class _Hash, class _Pred, class _Alloc> _Tp& unordered_map<_Key, _Tp, _Hash, _Pred, _Alloc>::at(const key_type& __k) { iterator __i = find(__k); #ifndef _LIBCPP_NO_EXCEPTIONS if (__i == end()) throw out_of_range("unordered_map::at: key not found"); #endif return __i->second; } Here the behavior is not correct w.r.t no-exceptions use case, __i == end() should...

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #34 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:24 EST --- Retarget unresolved

Hi, I don't see any way to view the details of a certificate once it is generated. Having such a capability would be very handy for debugging purposes to check what constraints, principals, and validity interval are associated with a given cert. -- Iain Morgan

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

...other to "borrow" those creds. Signed-off-by: Jeff Layton <jlayton at samba.org> commit 32238d0e8e0994b0614d31f6922c7bfa56ac74bc Author: Jeff Layton <jlayton at samba.org> Date: Tue Jan 17 16:35:50 2012 -0500 cifscreds: make cifscreds use the "logon" key_type ...and have it loosen the permissions to allow searching. There seems to be no clear way to make user keys unreadable, but still allow for them to be searched, so we'll need a new key_type that doesn't allow you to read the payload from userspace. That will be proposed...

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

...len(cp)-1] = '\0'; + log("Authorized key '%s' in %s", cp, file); debug("matching key found: file %s, line %lu", file, linenum); fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); verbose("Found matching %s key: %s", key_type(found), fp);

...ash) +print_host(FILE *f, const char *name, Key *public, int hash) { if (hash && (name = host_hash(name, NULL, 0)) == NULL) fatal("hash_host failed"); @@ -726,7 +726,7 @@ printf("# Host %s found: " "line %d type %s\n", name, num, key_type(public)); - print_host(out, cp, public, hash_hosts); + print_host(out, name, public, hash_hosts); } if (delete_host && !c) print_host(out, cp, public, 0);