search for: ohostkeyalgorithms

...000 +0100 +++ b/readconf.c 2009-07-09 18:24:09.000000000 +0200 @@ -123,7 +123,7 @@ oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, + oHostKeyAlgorithms, oBindAddress, oBindPort, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -205,6 +205,...

https://bugzilla.mindrot.org/show_bug.cgi?id=2924 Bug ID: 2924 Summary: Order a limited host keys list in client based on the known hosts Product: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority:

...37 2001 +++ openssh-2.9p1S/readconf.c Thu May 17 19:23:52 2001 @@ -111,7 +111,7 @@ oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms + oHostKeyAlgorithms, oSleep } OpCodes; /* Textual representations of the tokens. */ @@ -177,6 +177,7 @@ { "dynamicforward", oDynamicForward }, { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, + { "s...

.../readconf.c 2011-07-17 20:57:52.385044096 +0100 @@ -125,7 +125,7 @@ typedef enum { oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, + oHostKeyAlgorithms, oBindAddress, oBindPort, oPKCS11Provider, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -210,6 +210,7...

...t key" shouldn't appear changed; it didn't know anything about it at all. In fact, the actual RSA key on the server never changed. What changed was the type of key offered by the server. I think the error message should reflect that. To reproduce, run /usr/sbin/sshd -ddd -p 23 -oHostKeyAlgorithms=ecdsa-sha2-nistp256 Connect to let ssh remember the key, then run /usr/sbin/sshd -ddd -p 23 -oHostKeyAlgorithms=rsa-sha2-256 Connect again and observe the error -- You are receiving this mail because: You are watching the assignee of the bug.

...emote server. But the question is I don't know how to check the ssh tunnel status. Is there a way to show whether the ssh tunnel is up? Thank you for your help. *"ssh -i /root/ah_rsa -oUserKnownHostsFile=/root/hosts -oStrictHostKeyChecking=yes -oNumberOfPasswordPrompts=0 -oBatchMode=yes -oHostKeyAlgorithms=ssh-rsa -R 20001:localhost:22 user at xxx.xxx.xxx.xxx -p 13422 -Nyv"* Best Regard, Vincent

In the changelog, there is an entry: 20001129 - (djm) Back out all the serverloop.c hacks. sshd will now hang again if there are background children with open fds. Does this mean that this is regarded as expected (and correct) behavior, that should not change in the future, or does it mean that this behavior is a known problem that someone will eventually fix? --Adam -- Adam McKenna

...++ openssh-2.9p2.servalive/readconf.c Wed Sep 26 10:14:25 2001 @@ -111,7 +111,7 @@ oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms + oHostKeyAlgorithms, oBogusTrafficIntervalMax, oBogusTrafficIntervalMin } OpCodes; /* Textual representations of the tokens. */ @@ -172,6 +172,8 @@ { "compression", oCompression }, { "compressionlevel", oCompressionLevel }, { "keepalive", oKeepAlives }, + {...

...stp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL+Lcu52+K6lal94JOmPItpyMiqL57VrWZ1fmX9ntom+RiJahg8dRMR8dCxtUdo8782LwbH0uYWj/iaGh4DMJRg= # localhost:23 SSH-2.0-OpenSSH_8.4 # localhost:23 SSH-2.0-OpenSSH_8.4 # localhost:23 SSH-2.0-OpenSSH_8.4 $ ssh user at localhost -p 23 -oHostKeyAlgorithms=ecdsa-sha2-nistp256 The authenticity of host '[localhost]:23 ([127.0.0.1]:23)' can't be established. ECDSA key fingerprint is SHA256:TsMF+1PrXvdV9XNfrN3oYMvlL6sUc4koxtX8JekLBIY. Are you sure you want to continue connecting (yes/no/[fingerprint])? ^C $ ssh user at localho...

...14:11:37 2001 +++ openssh/readconf.c Wed Jun 6 14:38:23 2001 @@ -111,7 +111,7 @@ oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms + oHostKeyAlgorithms, oSNKFile } OpCodes; /* Textual representations of the tokens. */ @@ -177,6 +177,7 @@ { "dynamicforward", oDynamicForward }, { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, + { &quot...

...1- -oKexAlgorithms= curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=rsa-sha2-256,ecdsa-sha2-nistp256, ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384, ecdsa-sha2-nistp384-cert-v01 at openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521, ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519, ssh-ed25519-cert-v01 at openssh.com,ssh-rsa,ssh-rsa-cert-v01 at o...

...t -------------- --- openssh-3.2.2p1/readconf.c.ORIG Tue Feb 5 02:26:35 2002 +++ openssh-3.2.2p1/readconf.c Tue May 21 15:40:06 2002 @@ -115,7 +115,8 @@ oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, - oClearAllForwardings, oNoHostAuthenticationForLocalhost + oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oConnectTimeout } OpCodes; /* Textual representations of the tokens. */ @@ -187,6 +188,7 @@ { "smartcarddevice", oSmartcardDevice }...

On 2020-02-05 at 20:39 -0500, Phil Pennock wrote: > On 2020-02-06 at 10:29 +1100, Damien Miller wrote: > > OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a feature release. > > > * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These > This actually affects me:

...#ifdef HAVE_LIMITS_H # include <limits.h> --- readconf.c.OK Wed Oct 3 19:39:39 2001 +++ readconf.c Sat Jan 26 21:44:35 2002 @@ -115,7 +115,8 @@ oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, - oClearAllForwardings, oNoHostAuthenticationForLocalhost + oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oConnectTimeout } OpCodes; /* Textual representations of the tokens. */ @@ -187,6 +188,7 @@ { "smartcarddevice", oSmartcardDevice...

...or user to disable the warning. - Morty diff -Nur openssh-3.7.1p2/readconf.c openssh-3.7.1p2-serverlieswarning/readconf.c --- openssh-3.7.1p2/readconf.c 2003-09-02 08:58:22.000000000 -0400 +++ openssh-3.7.1p2-serverlieswarning/readconf.c 2003-11-04 02:32:50.000000000 -0500 @@ -104,7 +104,7 @@ oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, - oAddressFamily, oGssAuthentication, oGssDelegateCreds, + oAddressFamily, oGssAuthentication, oGssDelegateCreds, oServerLiesWarning, o...

...gorithms= > curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 > -oHostKeyAlgorithms=rsa-sha2-256,ecdsa-sha2-nistp256, > ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384, > ecdsa-sha2-nistp384-cert-v01 at openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521, > ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519, > ssh-ed25519-cert-v01 at openssh.com,ssh-rsa,s...

For systems where the local hostname is obtained as a short name without domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x from ssh.com. For the server, there might be a corresponding option in order to strip the domain name from the remote client name (if it matches the server's DefaultDomain) for use in auth_rhost2, since netgroups usually contain short

...<limits.h> --- openssh-3.0.1p1/readconf.c.ORIG Sat Nov 17 22:49:09 2001 +++ openssh-3.0.1p1/readconf.c Sat Nov 17 22:49:47 2001 @@ -115,7 +115,8 @@ oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, - oClearAllForwardings, oNoHostAuthenticationForLocalhost + oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oConnectTimeout } OpCodes; /* Textual representations of the tokens. */ @@ -187,6 +188,7 @@ { "smartcarddevice", oSmartcardDevice...

...drot.org/show_bug.cgi?id=207 for detailled info. -------------- next part -------------- --- openssh-3.6.1p1/readconf.c.ORIG Tue Apr 15 23:06:30 2003 +++ openssh-3.6.1p1/readconf.c Tue Apr 15 23:09:43 2003 @@ -114,7 +114,7 @@ oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, - oEnableSSHKeysign, + oEnableSSHKeysign, oConnectTimeout, oDeprecated } OpCodes; @@ -188,6 +188,7 @@ { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnab...

...part -------------- --- openssh-3.1p1/readconf.c.ORIG Tue Feb 5 02:26:35 2002 +++ openssh-3.1p1/readconf.c Wed Apr 3 23:34:34 2002 @@ -115,7 +115,8 @@ oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, - oClearAllForwardings, oNoHostAuthenticationForLocalhost + oClearAllForwardings, oNoHostAuthenticationForLocalhost, + oConnectTimeout } OpCodes; /* Textual representations of the tokens. */ @@ -187,6 +188,7 @@ { "smartcarddevice", oSmartcardDevice }...