search for: packet_get_bignum

...t to this keyword is the device diff -Nur openssh-3.7.1p2/sshconnect1.c openssh-3.7.1p2-serverlieswarning/sshconnect1.c --- openssh-3.7.1p2/sshconnect1.c 2003-09-02 08:51:17.000000000 -0400 +++ openssh-3.7.1p2-serverlieswarning/sshconnect1.c 2003-11-04 02:29:50.000000000 -0500 @@ -494,7 +494,8 @@ packet_get_bignum(server_key->rsa->n); rbits = BN_num_bits(server_key->rsa->n); - if (bits != rbits) { + if (bits == rbits + 1 && ! options.server_lies_warning) { + } else if (bits != rbits) { logit("Warning: Server lies about size of server public key: " "actual size...

Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different

...type); + /*if -u is enabled print a message and then exit*/ + if (options.checkey) { + snprintf(buf, sizeof(buf), "RSA key '%.100s' is Valid",comment); + xfree(comment); + packet_disconnect("%s",buf); + } + packet_get_bignum(challenge); packet_check_eom(); + debug("Received RSA challenge from server."); /* Ask the agent to decrypt the challenge. */ @@ -136,12 +145,16 @@ type = packet_read(); /* The server returns success if it accepted the authentication. */ + if (type == SSH_SMSG_SUCCE...

...#ifdef KRB4 #include <krb.h> diff -u5 openssh-3.0.2p1.orig/auth1.c openssh-3.0.2p1/auth1.c --- openssh-3.0.2p1.orig/auth1.c Tue Nov 13 13:46:19 2001 +++ openssh-3.0.2p1/auth1.c Tue Jan 29 13:40:20 2002 @@ -231,11 +231,11 @@ } /* RSA authentication requested. */ n = BN_new(); packet_get_bignum(n, &nlen); packet_integrity_check(plen, nlen, type); - authenticated = auth_rsa(pw, n); + authenticated = auth_rsa(pw, n, info, sizeof(info)); BN_clear_free(n); break; case SSH_CMSG_AUTH_PASSWORD: if (!options.password_authentication) { diff -u5 openssh-3.0.2p1.orig/aut...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

...is successful */ static void - -do_authloop(Authctxt *authctxt) +do_authloop(Authctxt *authctxt, const char *realname) { int authenticated = 0; u_int bits; @@ -229,7 +229,7 @@ fatal("do_authloop: BN_new failed"); packet_get_bignum(n); packet_check_eom(); - - authenticated = auth_rsa(pw, n); + authenticated = auth_rsa(pw, n, realname, sizeof(realname)); BN_clear_free(n); break; @@ -363,6 +363,12 @@ u_i...