Displaying 20 results from an estimated 20 matches for "rekey_limit".
2023 Mar 29
1
ChaCha20 Rekey Frequency
...function):
if (strstr(enc->name, "chacha"))
*max_blocks = (u_int64_t)1 << (16*2);
else if (enc->block_size >= 16)
*max_blocks = (u_int64_t)1 << (enc->block_size*2);
else
*max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
if (state->rekey_limit)
to force it to reduce the rekey rate but I'm deeply unsure of what
impact that would have on the security of the cipher as it's
implemented. Especially the without-openssl internal implementation.
Chris
On 3/24/23 4:36 PM, Christian Weisgerber wrote:
> Chris Rapier:
>
>>...
2007 Nov 09
6
[Bug 1390] New: RekeyLimit max value is too restrictive
...2^31 bytes only since
it's a signed integer. However, the default value for rekeying limit is
2^32 since AES's block size is 16 bytes (limit set in packet.c).
2^(block_size * 2) = 2^32
since there is no support for ciphers with block sizes of 32 bytes it's
enough to use u_int32_t for rekey_limit + fix the casting and replace
INT_MAX with UINT_MAX.
patch attached.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
2023 Mar 29
2
ChaCha20 Rekey Frequency
...>name, "chacha"))
> *max_blocks = (u_int64_t)1 << (16*2);
> else if (enc->block_size >= 16)
> *max_blocks = (u_int64_t)1 << (enc->block_size*2);
> else
> *max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
> if (state->rekey_limit)
>
> to force it to reduce the rekey rate but I'm deeply unsure of what impact that
> would have on the security of the cipher as it's implemented. Especially the
> without-openssl internal implementation.
This is what I'm playing with at the moment:
diff --git a/cipher.c...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...if (strstr(enc->name, "chacha"))
> *max_blocks = (u_int64_t)1 << (16*2);
> else if (enc->block_size >= 16)
> *max_blocks = (u_int64_t)1 << (enc->block_size*2);
> else
> *max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
> if (state->rekey_limit)
>
> to force it to reduce the rekey rate but I'm deeply unsure of what impact that
> would have on the security of the cipher as it's implemented. Especially the
> without-openssl internal implementation.
This is what I'm playing with at the moment:
diff --git a/cipher.c...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
..."chacha"))
> > *max_blocks = (u_int64_t)1 << (16*2);
> > else if (enc->block_size >= 16)
> > *max_blocks = (u_int64_t)1 << (enc->block_size*2);
> > else
> > *max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
> > if (state->rekey_limit)
> >
> > to force it to reduce the rekey rate but I'm deeply unsure of what impact
> that
> > would have on the security of the cipher as it's implemented. Especially
> the
> > without-openssl internal implementation.
>
> This is what I'm playing wit...
2014 Apr 20
2
bad bignum encoding for curve25519-sha256@libssh.org
...0 1.448
+++ sshd.c 20 Apr 2014 03:28:41 -0000 1.453
@@ -2462,6 +2438,9 @@ do_ssh2_kex(void)
if (options.kex_algorithms != NULL)
myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
+ myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
+ myproposal[PROPOSAL_KEX_ALGS]);
+
if (options.rekey_limit || options.rekey_interval)
packet_set_rekey_limits((u_int32_t)options.rekey_limit,
(time_t)options.rekey_interval);
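Review bot: the new compat_kex_proposal() call runs after the options.kex_algorithms override, so an administrator's configured KexAlgorithms list can be rewritten for a peer matched by the compat check without any diagnostic in this hunk; a debug() line printing myproposal[PROPOSAL_KEX_ALGS] before and after the call would make that filtering visible in -d output and easier to troubleshoot.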
Index: sshconnect2.c
===================================================================
RCS file: /var/cvs/openssh/sshconnect2.c,v
retrieving revision 1.197
retrieving revi...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
..."chacha"))
> > *max_blocks = (u_int64_t)1 << (16*2);
> > else if (enc->block_size >= 16)
> > *max_blocks = (u_int64_t)1 << (enc->block_size*2);
> > else
> > *max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
> > if (state->rekey_limit)
> >
> > to force it to reduce the rekey rate but I'm deeply unsure of what impact
> that
> > would have on the security of the cipher as it's implemented. Especially
> the
> > without-openssl internal implementation.
>
> This is what I'm playing with...
2023 Mar 24
1
ChaCha20 Rekey Frequency
I'm wondering why the ChaCha20 cipher rekeys so frequently. At speed I'm
seeing rekeys every second or two. So I'm spending a large amount of
time in the rekey process. From what I've read about ChaCha20 it
shouldn't need to be rekeyed quite so frequently. Am I missing something
obvious?
Just curious more than anything else.
Chris
2003 Nov 04
0
ServerLiesWarning
...se oServerLiesWarning:
+ intptr = &options->server_lies_warning;
+ goto parse_flag;
+
case oStrictHostKeyChecking:
intptr = &options->strict_host_key_checking;
arg = strdelim(&s);
@@ -856,6 +861,7 @@
options->no_host_authentication_for_localhost = - 1;
options->rekey_limit = - 1;
options->verify_host_key_dns = -1;
+ options->server_lies_warning = -1;
}
/*
@@ -968,6 +974,8 @@
options->rekey_limit = 0;
if (options->verify_host_key_dns == -1)
options->verify_host_key_dns = 0;
+ if (options->server_lies_warning == -1)
+ options->server...
2016 May 03
3
StreamLocal forwarding
On Tue, 3 May 2016, Rogan Dawes wrote:
> Hi Damien,
> Thanks for the response!
>
> I tried moving the StreamLocalBindUnlink directive outside of the Match
> rule, and it worked. But that doesn't explain why the Match was not
> correctly setting the directive:
>
> This is running on an alternate port with -ddd:
>
> debug3: checking match for 'User
2003 Nov 27
2
Question about adding another parameter for OpenSSH
...pPrivateKey:
+ intptr = &options->group_private_key;
+ goto parse_flag;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
@@ -859,6 +864,7 @@
options->no_host_authentication_for_localhost = - 1;
options->rekey_limit = - 1;
options->verify_host_key_dns = -1;
+ options->group_private_key = -1;
}
/*
@@ -973,6 +979,8 @@
options->rekey_limit = 0;
if (options->verify_host_key_dns == -1)
options->verify_host_key_dns = 0;
+ if (options->group_private_key == -1)
+ options->group_priv...
2023 Feb 24
1
[PATCH 1/1] Add support for ZSTD compression
..._options(ServerOptions *options)
options->permit_user_env_allowlist = NULL;
}
if (options->compression == -1)
-#ifdef WITH_ZLIB
- options->compression = COMP_DELAYED;
-#else
- options->compression = COMP_NONE;
-#endif
+ options->compression = COMP_ALL_S;
if (options->rekey_limit == -1)
options->rekey_limit = 0;
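Review bot: the replacement default `options->compression = COMP_ALL_S;` drops the build-time fallback that previously selected COMP_NONE when WITH_ZLIB was not defined, so a build with neither WITH_ZLIB nor HAVE_LIBZSTD defined now defaults to a compression mode it cannot provide; wrap this default in the same `#if defined(WITH_ZLIB) || defined(HAVE_LIBZSTD)` guard used for the "yes" entry in the multistate table below, and keep `options->compression = COMP_NONE;` in the `#else` branch.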
@@ -1303,9 +1299,15 @@ static const struct multistate multistate_permitrootlogin[] = {
{ NULL, -1 }
};
static const struct multistate multistate_compression[] = {
+#if defined(WITH_ZLIB) || defined(HAVE_LIBZSTD)
+ { "yes", COMP_ALL_S },
+#endif...
2005 Oct 29
1
[Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
http://bugzilla.mindrot.org/show_bug.cgi?id=1056
------- Comment #2 from djm at mindrot.org 2005-10-30 10:59 -------
hm, I haven't been able to reproduce the hang you have experienced when setting
rekeylimit low. Even setting RekeyLimit=16 produces a working session for me.
This isn't to say that we shouldn't set a minimum.
------- You are receiving this mail because:
2023 Feb 24
1
[PATCH 0/1] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly three years ago and I've been
playing with it ever since.
The nice part is that ZSTD achieves reasonable compression (like zlib)
but consumes little CPU so it is unlikely that compression becomes the
bottleneck of a transfer. The compression overhead (CPU) is negligible
even when uncompressed data is tunneled over the SSH connection (SOCKS
proxy, port
2014 Aug 25
7
[Bug 2264] New: RekeyLimit option does not allow '4G' value when UINT_MAX is 0xffffffff
https://bugzilla.mindrot.org/show_bug.cgi?id=2264
Bug ID: 2264
Summary: RekeyLimit option does not allow '4G' value when
UINT_MAX is 0xffffffff
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
2020 Mar 24
4
ZSTD compression support for OpenSSH
I hacked zstd support into OpenSSH a while ago and just started to clean
it up in the recent days. The cleanup includes configuration support
among other things that I did not have.
During testing I noticed the following differences compared to zlib:
- highly interactive shell output (as in refreshed at a _very_ high
rate) may result in higher bandwidth compared to zlib. Since zstd is
quicker
2020 Sep 05
8
[PATCH 0/5] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly over a year and I've been
playing with it ever since.
The nice part is that ZSTD achieves reasonable compression (like zlib)
but consumes little CPU so it is unlikely that compression becomes the
bottleneck of a transfer. The compression overhead (CPU) is negligible
even when uncompressed data is tunneled over the SSH connection (SOCKS
proxy, port
2020 Feb 06
3
Call for testing: OpenSSH 8.2
On 2020-02-05 at 20:39 -0500, Phil Pennock wrote:
> On 2020-02-06 at 10:29 +1100, Damien Miller wrote:
> > OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
> > on as many platforms and systems as possible. This is a feature release.
>
> > * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
> This actually affects me:
2013 Jul 25
11
Call for testing: OpenSSH-6.3
Hi,
OpenSSH 6.3 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains
some substantial new features and a number of bugfixes.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |