search for: modp

I apologize up-front if this is the wrong list for this question. Can OpenSSH be made to work with the MODP Groups in RFC 5114? ?The RFC itself makes a comment in section 3.4 that mentions that RFC 4419 extended the original SSH model to allow Diffie-Hellman parameters to be transmitted as part of the key exchange messages, but I'm not clear how that works with OpenSSH's moduli file. Do I add th...

...d = new Module("test", getGlobalContext()); GlobalVariable* gv = cast<GlobalVariable>(mod->getOrInsertGlobal("TestGV", Type::getInt32Ty(getGlobalContext()))); gv->setInitializer(ConstantInt::get( Type::getInt32Ty(getGlobalContext()), 24601)); ModuleProvider* modp = new ExistingModuleProvider(mod); InitializeNativeTarget(); std::string errstring; ExecutionEngine* eeng = ExecutionEngine::create(modp, false, &errstring, CodeGenOpt::Default, true); if ( eeng == NULL ) { raw_cout << errstring << "\n"; exit(-1); } raw_cout...

On Tue, Oct 6, 2009 at 5:49 PM, Reid Kleckner <rnk at mit.edu> wrote: >> Also, the null pointer is coming from a call to JCE->allocateSpace(). >> This is a virtual function; I'm trying to discover what subclass it >> is. > > So, there's JITEmitter::allocateSpace which overrides > JITCodeEmitter::allocateSpace(), but *most* of the time it just calls >

Hi, I am new to ipsec and trying to connect my bsd server with win 2000. I have succeeded to tunnel using pre-shared key. But regarding certificate , I failed to get success. The following are configuration : racoon.conf path certificate "/usr/local/openssl/certs" ; # "log" specifies logging level. It is followed by either "notify",

Greetings, Given the weakness with Diffie-Hellman modp groups less than 2048, is it time to bump the suggested 1024 bit minimum value from the RFC 4419 to a more current 2048 value for OpenSSH 7.0? If so, should this be just a compile-time change, or should there be a new client and server runtime option? Thanks, -- Mark

> 6. When ExecutionEngine::create was called with parameter > "GVsWithCode" set to its default value of true, I got a segfault when > trying to get a pointer to one of my globals.  JIT::getMemoryForGV was > returning NULL in that case.  Explicitly passing false for > "GVsWithCode" cleared it up. That's no good. Could you send me a stack trace and explain

On 09/24/2017 12:21 AM, Mark D. Baushke wrote: > I suggest you upgrade to a more recent edition of the OpenSSH software. > The most recent release is OpenSSH 7.5 and OpenSSH 7.6 will be released > very soon. This problem is in v7.5 and v7.6. See dh.c:436. > OpenSSH 6.6 was first released on October 6, 2014. I brought up v6.6 to give an example that older clients wouldn't be

On 25 September 2017 at 02:32, Mark D. Baushke <mdb at juniper.net> wrote: > [+CC Loganaden Velvindron <logan at hackers.mu>] primary author of > the RFC 4419 refresh draft. https://datatracker.ietf.org/doc/draft-lvelvindron-curdle-dh-group-exchange/ ? Tangent: has any consideration been given to increasing the maximum allowed beyond 8192 bits (which is below the current NIST

I have a list object, in which I have stored n lme4-models. For example: library(lme4); myModels <- list(); myModels[1] <- lmer(Reaction ~ Days + (Days|Subject), sleepstudy) myModels[2] <- lmer(Reaction ~ Days + (1|Subject) + (0+Days|Subject), sleepstudy) Now I would like to perform an anova over all models in the list. However, the anova function requires that every model is inserted

...rithm in the SSHv2 RFCs[3], mostly because alternative algorithms were encumbered by patents when the SSHv2 protocol was designed and specified. Since then, the world has moved on. RSA is unencumbered and support for it is ubiquitous. ECDSA offers significant performance and security benefits over modp DSA, and EdDSA overs further performance and security improvements over both again. The only remaining use of DSA at this point should be deeply legacy devices. As such, we no longer consider the costs of maintaining DSA in OpenSSH to be justified. Moreover, we hope that OpenSSH's final remova...

...rithm in the SSHv2 RFCs[3], mostly because alternative algorithms were encumbered by patents when the SSHv2 protocol was designed and specified. Since then, the world has moved on. RSA is unencumbered and support for it is ubiquitous. ECDSA offers significant performance and security benefits over modp DSA, and EdDSA overs further performance and security improvements over both again. The only remaining use of DSA at this point should be deeply legacy devices. As such, we no longer consider the costs of maintaining DSA in OpenSSH to be justified. Moreover, we hope that OpenSSH's final remova...

Hi, You will be aware of https://weakdh.org/ by now, I presume; the take-home seems to be that 1024-bit DH primes might well be too weak. I'm wondering what (if anything!) you propose to do about this issue, and what Debian might do for our users? openssh already prefers ECDH, which must reduce the impact somewhat, although the main Windows client (PuTTY) doesn't support ECDH yet. But

...n=0 2004-07-26 16:23:15: DEBUG2: cfparse.y:1316:expand_isakmpspec(): p:1 t:1 2004-07-26 16:23:15: DEBUG2: cfparse.y:1320:expand_isakmpspec(): 3DES-CBC(5) 2004-07-26 16:23:15: DEBUG2: cfparse.y:1320:expand_isakmpspec(): MD5(1) 2004-07-26 16:23:15: DEBUG2: cfparse.y:1320:expand_isakmpspec(): 1024-bit MODP group(2) 2004-07-26 16:23:15: DEBUG2: cfparse.y:1320:expand_isakmpspec(): pre-shared key(1) 2004-07-26 16:23:15: DEBUG2: cfparse.y:1327:expand_isakmpspec(): 2004-07-26 16:23:15: DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024) 2004-07-26 16:23:15: DEBUG2: cftoken.l:207:yylex(): begin <...

...ser > administrator\@svitla3.room at SVITLA3.ROOM > lastLogonTimestamp is 132502676716079710 > sync interval is 14 > randomised sync interval is 9 (-5) > old timestamp is 132502676716079710, threshold 132495020852973370, diff > 7655863106340 > Kerberos: PK-INIT using dh rfc3526-MODP-group14 > Kerberos: AS-REQ authtime: 2020-11-19T17:14:45 starttime: unset endtime: > 2020-11-20T03:14:45 renew till: 2020-11-26T17:14:45 > Kerberos: Client supported enctypes: 12, 15, aes256-cts-hmac-sha1-96, > aes128-cts-hmac-sha1-96, arcfour-hmac-md5, 24, -135, des-cbc-md5, using >...

...if (key == NULL) { + error("do_convert_private_ssh2_to_blob: key == NULL"); + return 0; + } + buffer_init(&b); + buffer_put_int(&b, SSH_COM_PRIVATE_KEY_MAGIC); + buffer_put_int(&b, 0); + + switch (key->type) { + case KEY_DSA: + buffer_put_cstring(&b, "dl-modp{sign{dsa-nist-sha1},dh{plain}}"); + break; + case KEY_RSA: + buffer_put_cstring(&b, "if-modn{sign{rsa-pkcs1-md5}}"); + break; + default: + error("do_convert_private_ssh2_to_blob: unsupported key type %d", + key->type); + buffer_free(&b); + ret...

...dware: All OS: All Status: ASSIGNED Severity: enhancement Priority: P3 Component: ssh Assignee: dtucker at zip.com.au Reporter: dtucker at zip.com.au Blocks: 2451 The IETF ssh working group has proposed adding MODP groups 15 and 16 with SHA256 and deprecating group14-sha1 (we're already doing the latter). https://datatracker.ietf.org/doc/draft-baushke-ssh-dh-group-sha2/ Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2451 [Bug 2451] Bugs intended to be fixed in 7.2 -- You are receiving...

...01 close(3) = 0 open("var/log/daemon.log", O_RDONLY|O_LARGEFILE) = 3 fstat64(3, {st_mode=S_IFREG|0640, st_size=265082, ...}) = 0 mmap2(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb78f2000 read(3, "Oct 7 06:25:20 newsletter modpr"..., 262500) = 262500 read(3, "k7/modules.dep: No such file or "..., 2582) = 2582 select(2, NULL, [1], [1], {60, 0}) = 1 (out [1], left {60, 0}) write(1, "\374\17\0\7", 4) = 4 gettimeofday({1191827977, 789629}, NULL) = 0 select(2, NULL, [1], [1], {60, 0})...

Greetings, I got the below dmesg and the first bad commit is commit cf39c8e5352b4fb9efedfe7e9acb566a85ed847c Merge: 3398d25 23b7eaf Author: Linus Torvalds <torvalds@linux-foundation.org> Date: Wed Sep 4 17:45:39 2013 -0700 Merge tag ''stable/for-linus-3.12-rc0-tag'' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull Xen updates from Konrad