search for: key_types

On Tue, 12 Oct 2004 14:01:21 -0500 (CDT) Chris Lattner <sabre at nondot.org> wrote: > On Tue, 12 Oct 2004, Morten Ofstad wrote: > > > This is my first post on this mailing list, so bear with me... My name > > is Morten Ofstad and I work for Hue AS (www.hue.no), a company that > > makes 3D Visualization software. We are looking into using LLVM for JIT > >

Key types are getting longer and the current implementation of visual host key breaks with ED25519, resulting in (note the missing bracket): +--[ED25519 256--+ This reworks the calculation of visual host key upper border. Please be aware that this slightly modifies the output for other key types as well: +--[ DSA 1024]----+ +---[DSA 1024]----+ +--[ RSA 2048]----+ +---[RSA 2048]----+

Hi, during our usual work I found it anoying that one can not easily see who logged in using public key authentication. In newer versions of SSH the fingerprint of the public key gets logged, but who can tell which key belongs to whom from his head? So I wrote a little ad-hoc patch (vs. 3.5.p1) so that the comment field on the keys in the authorized_keys[2] files get logged to make life

Just wondering is anyone can explain this code to me: Base64.encode64(@key.send("#{key_type}_encrypt", text)) I have this code the encrypts some information. This part seems to work fine. I using some software on the back end that I have written in VB to decrypt it and it seems to have issues. So I just wanted to make sure that the code i have written in Ruby does what I think it does,

Both are working well on VC. Just tested. template<class STy> void set_intersect(STy &S1, const STy &S2) { for(STy::iterator I = S1.begin(), E = S1.end(); I != E; ) if (S2.count(*I)) S1.erase(*I++); else ++I; } template <class S1Ty, class S2Ty> void set_intersect(S1Ty &S1, const S2Ty &S2) { for (typename S1Ty::iterator I = S1.begin(); I !=

This patch is against 3.0.2p1. It produces output like the first line in the example below for both v1 and v2 logins. Logging is turned on by sticking ``LogFingerprint yes'' in sshd_conf. It would be nice if something like this would make it into OpenSSH. Dec 4 14:21:09 lizzy.bugworks.com sshd[7774]: [ID 800047 auth.info] Found matching RSA1 key:

Hello all, I recently found myself wanting to run sshd with passphrase-protected host keys rather than the usual unencrypted format, and was somewhat surprised to discover that sshd did not support this. I'm not sure if there's any particular reason for that, but I've developed the below patch (relative to current CVS at time of writing) that implements this. It prompts for the

The patch to enable FIPS mode for openssh 6.0p1 missed two instances of the ssh client trying to use MD5. It causes pubkey-based authentication to fail in FIPS mode. I have copied the missing changes from auth2-pubkey.c into sshconnect2.c. Here is a patch: diff -cr openssh-6.0p1/sshconnect2.c openssh-6.0p1-patched/sshconnect2.c *** openssh-6.0p1/sshconnect2.c Sun May 29 07:42:34 2011 ---

----- Original Message ----- From: "Paolo Invernizzi" <arathorn at fastwebnet.it> To: "LLVM Developers Mailing List" <llvmdev at cs.uiuc.edu> Sent: Wednesday, October 13, 2004 3:12 AM Subject: Re: [LLVMdev] set_intersect and Visual C compiler > Both are working well on VC. Just tested. > > template<class STy> > void set_intersect(STy &S1,

...return sshkey_private_rsa1_to_blob(key, blob, passphrase, comment); #endif /* WITH_SSH1 */ but ssh-keygen.c will still include RSA1: static void do_gen_all_hostkeys(struct passwd *pw) { struct { char *key_type; char *key_type_display; char *path; } key_types[] = { { "rsa1", "RSA1", _PATH_HOST_KEY_FILE }, which leads to runtime errors like: ssh-keygen: generating new host keys: RSA1 Saving key "/etc/ssh/ssh_host_key" failed: unknown or unsupported key type -- You are receiving this mail because: You are watchin...

Key types are getting longer and the current implementation of visual host key breaks with ED25519, resulting in (note the missing bracket): +--[ED25519 256--+ This reworks the calculation of visual host key upper border. Please be aware that this may change the output for other key types as well. --- key.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/key.c

https://bugzilla.mindrot.org/show_bug.cgi?id=2561 Bug ID: 2561 Summary: ssh-keygen -A does not recreate broken zero-sized host keys Product: Portable OpenSSH Version: 7.2p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh-keygen

Hi All, libcxx is fairly well designed to work in a no-exceptions environment, with most of the sources diligently using the _LIBCPP_NO_EXCEPTIONS macro. However, it seems to have bit-rotted a bit and could use some TLC right now. A no-exceptions variety of libcxx would be quite useful when you want to use all of libcxx goodness without the overhead of exceptions (especially in embedded

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1930 --- Comment #34 from Damien Miller <djm at mindrot.org> 2011-09-06 10:34:24 EST --- Retarget unresolved

Hi, I don't see any way to view the details of a certificate once it is generated. Having such a capability would be very handy for debugging purposes to check what constraints, principals, and validity interval are associated with a given cert. -- Iain Morgan

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 With the overhaul of the cifscreds utility, I figured this would be a good time to do a new release. Highlights: * admins can now tell cifs.upcall to use an alternate krb5.conf file * on remount, mount.cifs no longer adds a duplicate mtab entry * the cifscreds utility has seen a major overhaul to allow for multiuser mounts without krb5 auth

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

In order to comply with our internal security guidelines, we created a patch on top of openssh-3.6.1p2. With that patch, if sshd sets up a session based on key authentication, it logs to syslog which one of the keys in authorized_keys or authorized_keys2 is actually being used. The patch logs the key comment (typically the key owner's email address) as well as the name of the file containing

hi, the corner case of '-HF' hashes the whole hostline and not just the host xor IP address which means that usually it will hash "HOST,IP". This will never be matched if manually included into the known_host file. Patch against 4.7p1 attached. J. -- Jan Pechanec -------------- next part -------------- --- openssh-4.7p1/ssh-keygen.c Mon Feb 19 12:10:25 2007 +++