Displaying 20 results from an estimated 32 matches for "keyped".
Did you mean:
keyed
2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
Remove sshkey_load_private(), as this function's role
is similar to sshkey_load_private_type().
---
Dependency:
This change depends over recently merged change in openbsd:
https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0
Change log:
v1->v2
- Remove declaration of sshkey_load_private() in authfile.h
authfile.c | 38
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
Add private key protection information extraction to shh-keygen using -v
option on top of -y option which is already parsing the private key.
Technically, the passphrase isn't necessary to do this, but it is the
most logical thing to do for me.
Adding this to -l option is not appropriate because fingerprinting is
using the .pub file when available.
An other idea is to add a new option, I
2019 Sep 10
3
[Bug 3068] New: Duplicate code in sshkey_load_private() function
https://bugzilla.mindrot.org/show_bug.cgi?id=3068
Bug ID: 3068
Summary: Duplicate code in sshkey_load_private() function
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee:
2016 Feb 17
2
Call for testing: OpenSSH 7.2
On Wed, 17 Feb 2016, Hisashi T Fujinaka wrote:
> > I need to make these error messages more user-friendly :(
> >
> > -24 is SSH_ERR_SYSTEM_ERROR, so it's likely failing to find/load the
> > key for some reason. I'll make a patch to improve the error message,
> > but in the meantime you could probably figure out the exact failure
> > using
2016 Feb 17
4
Call for testing: OpenSSH 7.2
On Wed, Feb 17, 2016 at 3:51 AM, Hisashi T Fujinaka <htodd at twofifty.com> wrote:
> Sorry, I haven't been paying too much attention here, but I'm having
> repeated failures when I tried this morning.
>
> NetBSD-current:
> test_sshkey: ..................................[1] Segmentation fault
> (core dumped) ${V} /home/htodd...
> *** Error code 139
did it
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2020 Apr 15
2
[PATCH] regression of comment extraction in private key file without passphrase
Hello,
In one recent change
(https://anongit.mindrot.org/openssh.git/commit/?id=2b13d3934d5803703c04803ca3a93078ecb5b715),
I noticed a regression.
If ssh-keygen is given a private file without passphrase and without the
corresponding .pub file, I doesn't extract the comment after the commit,
while it did before:
Before the commit:
$ ./ssh-keygen -q -t dsa -N '' -C foobar -f
2016 Jul 22
18
Call for testing: OpenSSH 7.3
Hi,
OpenSSH 5.3 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains some
substantial new features and a number of bugfixes.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is
2020 Jul 14
7
[Bug 3192] New: openssh-8.2 & openssl-1.1.1d error: dereferencing pointer to incomplete type Not found struct BIO , bio->num_write
https://bugzilla.mindrot.org/show_bug.cgi?id=3192
Bug ID: 3192
Summary: openssh-8.2 & openssl-1.1.1d error: dereferencing
pointer to incomplete type Not found struct BIO ,
bio->num_write
Product: Portable OpenSSH
Version: 8.2p1
Hardware: Other
OS: Linux
Status: NEW
2020 Jul 02
8
[Bug 3190] New: Inconsistent handling of private keys without accompanying public keys
https://bugzilla.mindrot.org/show_bug.cgi?id=3190
Bug ID: 3190
Summary: Inconsistent handling of private keys without
accompanying public keys
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2016 Nov 16
3
[PATCH] ssh-pkcs11: allow providing unconditional pin code for PKCS11
Some HSM's such as Safenet Network HSM do not allow searching for keys
unauthenticated. To support such devices provide a mechanism for users
to provide a pin code that is always used to automatically log in to
the HSM when using PKCS11.
The pin code is read from a file specified by the environment variable
SSH_PKCS11_PINFILE if it is set.
Tested against Safenet Network HSM.
---
2005 Aug 16
2
SIP "agent" phone w/ headset
I have a call center where we're looking at converting it from a
traditional PBX w/ digital phone "agent" sets (keyless phones) that have
headsets to a SIP based environment.
I am having trouble finding anything on the market that resembles this
in the VoIP world.
For reference, we're currently using Inter-Tel Agent Sets, which are
basically a digital phone with out any keypad,
2016 Nov 16
2
[PATCH] ssh-pkcs11: allow providing unconditional pin code for PKCS11
I find this approach very bad in general.?
PKCS#11 standard says that *private* keys should not be accessible without authentication. *Public* keys and certificates of course can and should be accessible with no authentication.
SoftHSM misinterpreted this originally (older pkcs11 documents were less clear :), but they rectified this mistake. We should not repeat it.?
2017 Sep 22
2
Call for testing: OpenSSH 7.6
On Thu, Sep 21, 2017 at 02:22:10AM -0500, Zev Weiss wrote:
> test_kex: regress/unittests/kex/test_kex.c:91 test #1 "sshkey_generate"
> ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0) failed:
> sshkey_generate(keytype, bits, &private) = -56
That error code is:
$ grep -- -56 ssherr.h
#define SSH_ERR_KEY_LENGTH -56
Unfortunately there's lots of
2020 Sep 04
3
Incomplete attestation data for FIDO2 SKs?
I was recently looking at verifying the attestation data
(ssh-sk-attest-v00) for a SK key, but I believe the data saved in this
structure is insufficient for completing verification of the attestation.
While the structure has enough information for U2F devices, FIDO2 devices
sign their attestation over a richer "authData" blob [1] (concatenated with
the challenge hash). The authData blob
2015 Mar 31
7
Wanted: smartcard with ECDSA support
Hi list,
I have no idea if Damien Miller had the time to work on that.
I have an initial patch to authenticate using PKCS#11 and ECDSA keys.
This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the
required interfaces to override the signature function pointer for ECDSA.
The only limitation is that the OpenSSL API misses some cleanup function
(finish, for instance), hence I have yet
2017 Oct 11
1
[PATCH v1 01/27] x86/crypto: Adapt assembly for PIE support
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.
Signed-off-by: Thomas Garnier <thgarnie at google.com>
---
arch/x86/crypto/aes-x86_64-asm_64.S | 45 ++++++++-----
arch/x86/crypto/aesni-intel_asm.S
2017 Sep 21
19
Call for testing: OpenSSH 7.6
Hi,
OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2020 Jun 16
0
[PATCH v5 2/2] mm, treewide: Rename kzfree() to kfree_sensitive()
As said by Linus:
A symmetric naming is only helpful if it implies symmetries in use.
Otherwise it's actively misleading.
In "kzalloc()", the z is meaningful and an important part of what the
caller wants.
In "kzfree()", the z is actively detrimental, because maybe in the
future we really _might_ want to use that "memfill(0xdeadbeef)" or
2020 Apr 13
0
[PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()
As said by Linus:
A symmetric naming is only helpful if it implies symmetries in use.
Otherwise it's actively misleading.
In "kzalloc()", the z is meaningful and an important part of what the
caller wants.
In "kzfree()", the z is actively detrimental, because maybe in the
future we really _might_ want to use that "memfill(0xdeadbeef)" or