search for: ocipher

Using stock OpenSSH 4.7 I found different behavior when trying to specify the use of the 'none' cipher depending on the command line option nomenclature. This is under linux 2.6.19-web100 using -ocipher=none [root at delta openssh-4.7p1-hpnv19]# /home/rapier/ssh47/bin/scp -S /home/rapier/ssh47/bin/ssh -ocipher=none -P 2222 ~rapier/2gb rapier at localhost:/dev/null rapier at localhost's password: 2gb 3% 74MB 32.7MB/s 01:00 ETA using -cnone [root at delta openssh-4.7p1-hpnv19]# /...

Hello All, As the release notes of SSH-4.7 version says that a new MAC algorithm (UMAC-64 - RFC4418) was introduced with OpenSSH-4.7 which gives much better performance, I was tempted to check out the enhanced speed provided with new version. So I downloaded OpenSSH-5.1p1 and build it on Solaris 10 with Sun Compiler CC. My test setup:- 1. Two Sunfire 440 with 2 CPU (1281 MHz) and 4GB RAM. 2.

...Format of the configuration file: *************** *** 107,113 **** oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, ! oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias } OpCodes; --- 108,114 ---- oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictH...

...glemail.com --- Comment #11 from Bert Wesarg <Bert.Wesarg at googlemail.com> --- --- a/readconf.c +++ b/readconf.c @@ -130,6 +130,9 @@ typedef enum { oPasswordAuthentication, oRSAAuthentication, oChallengeResponseAuthentication, oXAuthLocation, oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, +#ifdef SCTP + oTransport, +#endif oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, @@ -198,6 +201,9 @@ stat...

...fix up missed diff hunks (mainly RCS idents) diff -u --recursive openssh-2.3.0p1/readconf.c openssh-2.3.0p1-new/readconf.c --- openssh-2.3.0p1/readconf.c Sat Oct 14 01:23:12 2000 +++ openssh-2.3.0p1-new/readconf.c Mon Nov 13 11:06:57 2000 @@ -98,7 +98,7 @@ #endif oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, - oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, + oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oRetryDelay, oBatchMode, oCheckHostIP, oStrictHostKeyChecking...

...ughts? Ian Turner -------------- next part -------------- diff -Naur openssh-2.1.0p3/readconf.c openssh-2.1.0p3-new/readconf.c --- openssh-2.1.0p3/readconf.c Mon May 29 20:44:53 2000 +++ openssh-2.1.0p3-new/readconf.c Mon Jun 5 19:06:58 2000 @@ -102,9 +102,10 @@ oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, - oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, - oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTIS...

...dconf.c +++ b/readconf.c @@ -156,7 +156,7 @@ typedef enum { oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, oTCPKeepAlive, oNumberOfPasswordPrompts, - oLogFacility, oLogLevel, oLogVerbose, oCiphers, oMacs, + oLogFacility, oLogLevel, oLogPath, oLogVerbose, oCiphers, oMacs, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, @@ -271,6 +271,7 @@ static str...

On 2019-10-16 08:07, Nico Kadel-Garcia wrote: > > stunnel? https://www.stunnel.org/static/stunnel.html ? > stunnel doesn?t support multiplexing. As I mentioned in another email, my connection may not be over a network at all ? it may be over a serial line, Xen vchan, or other such stream. Using a full VPN is overkill here. The HPN patches for OpenSSH are the closest to a solution I

...//www.packetdesign.com -------------- next part -------------- diff -ur -x CVS /usr/src/crypto/openssh/readconf.c src/readconf.c --- /usr/src/crypto/openssh/readconf.c Thu Sep 27 18:33:34 2001 +++ src/readconf.c Wed Jul 17 16:14:44 2002 @@ -108,6 +108,7 @@ #endif oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, + oProxyServer, oProxyPort, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, oCompressionLevel, oKeepAlives, oN...

...==================================================================== *** ../../openssh-2.5.1p2/readconf.c Wed Feb 14 22:02:00 2001 --- readconf.c Wed Mar 7 00:59:44 2001 *************** *** 109,115 **** oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, ! oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias } OpCodes; /* Textual representations of the tokens. */ --- 109,116 ---- oCompressionLevel, oKeepAlives, oNumberOfPasswordPro...

Hi, OpenSSH 6.5 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is

I think we are not detecting and setting endianness properly for rijndael.c. Can someone on a big endian machine do a "ssh -2 -oCiphers=rijndael128-cbc littleendianmachine" and vice versa? -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer ---------- Forwarded message ---------- Date: Mon, 26 Feb 2...

...oPort: intptr = &options->port; parse_int: - cp = strtok(NULL, WHITESPACE); + cp = strtok(NULL, WHITESPACE_EQ); if (!cp) fatal("%.200s line %d: Missing argument.", filename, linenum); if (cp[0] < '0' || cp[0] > '9') @@ -434,7 +435,7 @@ case oCipher: intptr = &options->cipher; - cp = strtok(NULL, WHITESPACE); + cp = strtok(NULL, WHITESPACE_EQ); value = cipher_number(cp); if (value == -1) fatal("%.200s line %d: Bad cipher '%s'.", @@ -445,7 +446,7 @@ case oLogLevel: intptr = (int *) &options-&gt...

...01 at openssh.com So I found the unit file for sshd that refers to /etc/crypto-policies/back-ends/opensshserver.config In the mean time I was able to reach my target going and editing the /etc/sysconfig/sshd file adding the whole line obtained from the above and adding ssh-dss CRYPTO_POLICY='-oCiphers=aes256-gcm at openssh.com, chacha20-poly1305 at openssh.com,aes256-ctr,aes256-cbc,aes128-gcm at openssh.com,aes128-ctr,aes128-cbc -oMACs=hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com, umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com ,hmac-sha2-256,hmac-sha1,umac-128 at...

...= none */ Index: readconf.c --- openssh-3.8p1.orig/readconf.c (.../.transvn:beginning) (revision 25) +++ openssh-3.8p1/readconf.c (revision 25) @@ -93,7 +93,8 @@ oPasswordAuthentication, oRSAAuthentication, oChallengeResponseAuthentication, oXAuthLocation, oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, - oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, + oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, + oOpenCommand, oCloseCommand, oProxyCommand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, o...

...connection unexpectedly closed (147189 bytes read so far) rsync error: error in rsync protocol data stream (code 12) at io.c(342) rsync: connection unexpectedly closed (701 bytes read so far) rsync error: error in rsync protocol data stream (code 12) at io.c(342) Running rsync with: SSH='ssh -oCipher=blowfish-cbc' rsync -azq -e "${SSH}" --timeout=60 host:/dir/ /localdir/ Here's the end of a truss on the remote side: 8050: write(1, "FC0F\007E3 ~ { z z sFADD".., 4096) = 4096 8050: time() = 1097834603 8050: poll(0xFFBE6...

...mmand, oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, - oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, + oCompressionLevel, oKeepAlives, oIdle, oNumberOfPasswordPrompts, oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, @@ -178,6 +178,7 @@ { "compression", oCompression }, { "compressionlevel", oCompressionLevel }, { "keepal...

...SG_NONE packets to keep + * firewall connections from + * timing out */ LogLevel log_level; /* Level for logging. */ int port; /* Port to connect. */ --- readconf.c 2001/03/11 01:49:20 1.40 +++ readconf.c 2001/03/14 19:11:15 @@ -110,7 +110,7 @@ oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, - oPreferredAuthentications + oPreferredAuthentications,oNoopMsgFrequency } OpCodes; /* Textual representations of the tokens. */ @@...

...the unit file for sshd that refers > to /etc/crypto-policies/back-ends/opensshserver.config > In the mean time I was able to reach my target going and editing the > /etc/sysconfig/sshd file adding the whole line obtained from the above and > adding ssh-dss > > CRYPTO_POLICY='-oCiphers=aes256-gcm at openssh.com, > chacha20-poly1305 at openssh.com,aes256-ctr,aes256-cbc,aes128-gcm at openssh.com,aes128-ctr,aes128-cbc > -oMACs=hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com, > umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com > ,hmac-sha2-256,hm...

...:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activat ion --syslog-only root 37 0.0 0.0 368376 7076 ? Ssl Oct06 0:03 /usr/sbin/NetworkManager --no-daemon root 42 0.0 0.0 78536 4124 ? Ss Oct06 0:00 /usr/sbin/sshd -D -oCiphers=aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256 -ctr,aes256-cbc,aes128-gcm at openssh.com,aes128-ctr,aes128-cbc -oMACs=hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac- sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at o...