search for: pennock

Hi, OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

On Wed, 5 Feb 2020, Phil Pennock wrote: > On 2020-02-06 at 10:29 +1100, Damien Miller wrote: > > * sshd(8): allow the UpdateHostKeys feature to function when > > multiple known_hosts files are in use. When updating host keys, > > ssh will now search subsequent known_hosts files, but will add > >...

also sprach Phil Pennock <phil.pennock at globnix.org> [2017-11-15 19:41 +0100]: > So, instead of running no command server side, would a suitable > workaround be to run 'while sleep 1; do echo .; done' as the server > command and discard stdout from ssh on the client side? That way, the > server...

...ut not tty Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh-add Assignee: unassigned-bugs at mindrot.org Reporter: phil.pennock at globnix.org Under SSH Agent Forwarding, when using an ssh-agent with keys loaded for key-types not recognized by the remote host, running "ssh-add -l" on the remote host will abort with fatal() when it sees the unrecognized key-type. If stdout is a tty, then stdio is line-buffered an...

Folks, MacOSX 10.6.x (Snow Leopard) runs { ssh-agent -l }; that's not an s/ssh-add/ssh-agent/ typo. It appears to be an undocumented addition (the man-pages were not updated). I *suspect* that it just tells the agent to honour whatever pre-existing value of $SSH_AUTH_SOCK it inherits and to try to listen to that. I don't know for sure. Does anyone have details on what exactly it does,

I've just written this patch, it's undergone minimal testing and "works for me" and I'm after feedback as to acceptability of approach, anything I should be doing differently for the feature to be acceptable upstream and what I should be doing about automated testing. Use-case: you have the host's SSH fingerprints via an out-of-band mechanism which you trust and want to

On Sat, May 30, 2015 at 10:38 AM, Phil Pennock <phil.pennock at globnix.org> wrote: > On 2015-05-30 at 15:00 +0200, Kasper Dupont wrote: >> On my laptop I have key1 and key2. I can use key1 to log in >> on server1, and I can use key2 to log in on server2. I want >> neither key to leave the laptop, and only key2 is all...

On 7/24/2017 8:39 PM, Nico Kadel-Garcia wrote: > > Why are the targets of the hardlinks evaporating on rebooting? Is that > a FreeBSD'ism? Its when syslogd stops/starts. The hardlinks need to be recreated for some reason. ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike at sentex.net Providing Internet services since 1994

On Thu, 6 Feb 2020 at 12:46, Phil Pennock <phil.pennock at globnix.org> wrote: [...] > ssh_config(5) describes for `HostKeyAlgorithms` that: > } The list of available key types may also be obtained using "ssh -Q key" > > Running `ssh -Q key`, the output does not include these proposed > replacements. > &gt...

On 2020-02-06 at 13:28 +1100, Darren Tucker wrote: > Like this. > --- a/sshd_config.5 > +++ b/sshd_config.5 The ssh_config.5 also has a copy of this and presumably needs the same change, unless I've misunderstood. -Phil

On 2020-02-05 at 20:39 -0500, Phil Pennock wrote: > On 2020-02-06 at 10:29 +1100, Damien Miller wrote: > > OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a feature release. > > > * The RFC8332 RSA SHA-2 signature algorithms rsa-sha...

On Thu, Oct 15, 2015 at 07:02:58PM -0400, Nico Kadel-Garcia wrote: > On Thu, Oct 15, 2015 at 10:34 AM, hubert depesz lubaczewski > <depesz at depesz.com> wrote: > > Hi, > > > > I'm in a situation where I'm using multiple SSH keys, each to connect to > > different set of servers. > > > > I can't load/unload keys on demand, as I usually am

On 30/05/15 08.34, Nico Kadel-Garcia wrote: > On Sat, May 30, 2015 at 8:00 AM, Kasper Dupont > <kasperd at kdxdx.23.may.2015.kasperd.net> wrote: > > As far as I can tell when the ssh command uses an agent to > > authenticate to a server and then forwards an agent to that > > server, it will always use the same agent for both purposes. > > > > Has there

Before reading below: I am considering a new install rather than an upgrade of our servers. However, now I just want to beat this problem. :) At 02:19 PM 7/8/2003 +0000, Phil Pennock wrote: >On 2003-07-08 at 14:09 +0000, Phil Pennock wrote: > > There was a fairly major update to the IDE disk device handlers which > > required new device nodes. Bringing in the new MAKEDEV script and > > running that to create the disk devices will probably let you boot on &...

Hello, I'm tasked with establishing a persistent SSH connection across a very unreliable link, for a remote port forward (always port 2217). I figured I'd use ServerAliveInterval to make sure that the ssh(1) process dies when the connection appears down, and I use systemd to restart it in this case. This works fine. What does not work fine, however, is the server-side. If the connection

[ After looking over the openssh.com website, this seems to be the list to use, including for OpenBSD users? I've subscribed. ] I'm using OpenSSH_2.5.0 as currently found in OpenBSD's OPENBSD_2_8 CVS branch. I'm now finding a strange error when I try to su, _within_ the connection. The client side is _not_ OpenSSH. Every single time that I type "su -", and local

Folks, I read the 5.7 release announcement and updated, to try out ECDSA. Most parts worked very smoothly. The inability to create SSHFP records is understandable, since IANA haven't allocated a code yet. One apparent bug: I think StrictHostKeyChecking=ask is broken for ECDSA. % ssh -o HostKeyAlgorithms=ecdsa-sha2-nistp256 localhost

Hi, OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a feature release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

This one has me perplexed. OpenSSH6.4p1 on a FreeBSD 7 box (I know it's old; it's being replaced this month). I can't spot anything changed in OpenSSH commit logs or git blame of the current file. I ssh into the box from a system with OpenSSH6.6p1 and three keys loaded, RSA, ECDSA and ED25519. As expected, key_from_blob and key_fingerprint complain about the ED25519 key in the

OpenSSH 7.6 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested