search for: rsa_private_decrypt

Hi, Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange problem that Core-SDI described ? ( I noticed that fix is already in openbsd tree ). -Jarno -- Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi University of Kuopio - Computer Center | Work: +358 17 162822 PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169

Hello, I'm running several Sparcs with Solaris 2.7 on them. They all have Openssh 2.9 installed, and all work fine. Except one. Every once in a while I get this: "Disconnecting: Corrupted check bytes on input." When I truss or I am at the console I get this: "rsa_private_decrypt() failed" I've tried reinstalling with OpenSSH 2.5, 2.9 and the commercial versions. I get these errors from Linux and x86 Solaris boxes too in random intervals. It's just this one box. Obviously it seems like a lib is screwed up. All of my boxes are at the same patch level. I&...

I have openssl-0.9.5a and openssh-2.1.0. I configured ssl with rsaref and it passes the tests. When I configure ssh I get: ---- checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install ---- it is failing RSA_private_decrypt function call. The RSA_generate_key seems to work (does not return null) but then goes on to fail at RSA_private_decrypt. Like I said, the openssl tests passed.... AnyHELP? conftest.c generated by configure: --------- gcc -o conftest -g -O2 -Wall -I/opt/openssl/include -L/opt/openssl/lib -L/op...

In the source code of openssh(my source code is 6.0 for Openbsd?? The content below is Rsa.h #ifndef RSA_H #define RSA_H #include <openssl/bn.h> #include <openssl/rsa.h> void rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); void rsa_generate_additional_parameters(RSA *); #endif /* RSA_H */ Question: Where is the file openssl/rsa.h? So where is the struct RSA defined??

...unsigned char p_in[] = "blahblah"; - unsigned char c[256], p[256]; - memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c)); - if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1); - num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING); - return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING)); -} - ], - [ + AC_TRY_LINK( + [ + #include <string.h> + #include <openssl/rand.h> + #include <openssl/rsa.h> + #include <openssl/bn.h> + #include <openssl/sha.h> + ], + [ + int num; RSA *key; static unsigned char p_in[] = &q...

..../config no-rc5 no-idea -DRSA_NULL results in libraries without rc5 and idea and (AFAIK) with the patented parts of rsa removed. compiled and installed this way openssh compiles and installs fine. When run there are errors though. specifically: rsa_public_encrypt() failed on the client side or rsa_private_decrypt() failed on the server side ------------------actual sample------------- ( squid is known working version from violet rpms, wednesday is new test version) [squid at chrismcc]$ slogin -v wednesday SSH Version OpenSSH-1.2.2, protocol version 1.5. Compiled with SSL. debug: Reading configuration da...

The following code snippet will not compile support for RSAref on NetBSD even if it exists on the system (which breaks OpenSSL): for WANTS_RSAREF in "" 1 ; do if test -z "$WANTS_RSAREF" ; then LIBS="$saved_LIBS -lcrypto" else LIBS="$saved_LIBS -lcrypto -lRSAglue

We recently upgraded from an older version of SSH to OpenSSH 2.5.1p1 (OpenSSH_2.5.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f) and are having problems on just a few hosts in our environment. The other 200 systems are working fine. Every once in a blue-moon it will connect with version 2. When I try to connect to or from one of these hosts using SSH2 I get the following error (I have sshd -d

...bn.h> #include <openssl/sha.h> int main(void) { RSA *key; char a[2048],b[2048];; memset(a, 0, sizeof(a));memset(b, 0, sizeof(b)); RAND_add(a, sizeof(a), sizeof(a)); key=RSA_generate_key(32,3,NULL,NULL); ---> if (key==NULL) return(1); return(-1==RSA_private_decrypt(RSA_size(key),a,b,key,RSA_NO_PADDING)); } The arrowhead points to the line that fails. I built this exact code on a Linux system, then wrote a Perl wrapper to get the return code. I got the 1 return code per that arrowheaded line. It should also be noted that I used the standard RSARef 2.0 code...

...d != NULL && ((!confirm && !id->confirm) || confirm_key(id) == 0)) { + if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { Key *private = id->key; /* Decrypt the challenge using the private key. */ if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0) @@ -306,7 +303,7 @@ key = key_from_blob(blob, blen); if (key != NULL) { Identity *id = lookup_identity(key, 2); - if (id != NULL && ((!confirm && !id->confirm) || confirm_key(id) == 0...

...a.c:310: warning: pointer targets in passing argument 2 of ''RSA_private_encrypt'' differ in signedness ossl_pkey_rsa.c:310: warning: pointer targets in passing argument 3 of ''RSA_private_encrypt'' differ in signedness ossl_pkey_rsa.c: In function ''ossl_rsa_private_decrypt'': ossl_pkey_rsa.c:335: warning: pointer targets in passing argument 2 of ''RSA_private_decrypt'' differ in signedness ossl_pkey_rsa.c:335: warning: pointer targets in passing argument 3 of ''RSA_private_decrypt'' differ in signedness S -DHAVE_ENGINE_GET_...

Hello, Would it be possible to add generic engine support to OpenSSH? One use in particular would be to support TCP forwarding for secure mail server connections and similar applications. This would permit an administrator to configure in an arbitrary external engine to establish a secure RSA-based tunnel. OpenSSH would need no information built into it to accomodate any particular engine. One

...eference to `EVP_sha1' /usr/local/ssl/lib/libssl.so: undefined reference to `BIO_ctrl' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_STORE_CTX_init' /usr/local/ssl/lib/libssl.so: undefined reference to `i2d_DHparams' /usr/local/ssl/lib/libssl.so: undefined reference to `RSA_private_decrypt' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_CipherInit' /usr/local/ssl/lib/libssl.so: undefined reference to `ERR_put_error' /usr/local/ssl/lib/libssl.so: undefined reference to `RSA_new' /usr/local/ssl/lib/libssl.so: undefined reference to `BIO_write' /usr/local/...

...ess_authentication_challenge1(Socket id = lookup_identity(key, 1); if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { - struct sshkey *private = id->key; + struct sshkey *private = id->idkey->key; /* Decrypt the challenge using the private key. */ if ((r = rsa_private_decrypt(challenge, challenge, private->rsa) != 0)) { @@ -380,7 +428,7 @@ process_sign_request2(SocketEntry *e) u_int compat = 0, flags; int r, ok = -1; struct sshbuf *msg; - struct sshkey *key; + struct sshkey *key, *sign_key; struct identity *id; if ((msg = sshbuf_new()) == NULL) @@...