Displaying 13 results from an estimated 13 matches for "rsa_verify".
Did you mean:
rpa_verify
2002 Apr 24
2
RSA_verify question on OpenSSH Client w/ OpenSSL0.9.6a
Using OpenSSH 2.3.1 client and OpenSSL 0.9.6a
When trying to ssh to OpenSSH server of
higher versions SSH-1.99-OpenSSH_2.5.2p2 or such,
I see error in RSA key exchange:
RSA_verify(..)routine.
I see:
error at:int RSA_verify(int dtype, unsigned char *m,
unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen,
RSA *rsa)
{
int i,ret=0,sigtype;
unsigned char *p,*s;
X509_SIG *sig=NULL;
if (siglen != (unsigned int)RSA_size(rsa))
{...
2002 Jun 28
2
ssh_rsa_verify: RSA_verify failed: error:
...us after
upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at
0.96d). Any time we try to connect from another unix box also running
openssh-3.4p1, we get the following error (on the server side) and host
based auth fails (it falls back to password prompt).
sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:
error:04077068:lib(4):func(119):reason(104)
We are running on AIX 4.3.3 using the IBM VAC C compiler.
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
As...
2001 Mar 26
2
Openssh-2.5.1p1 and Solaris 2.6 problem with ssh_rsa_verify
...t. The
other 200 systems are working fine. Every once in a blue-moon it will
connect with version 2.
When I try to connect to or from one of these hosts using SSH2 I
get the following error (I have sshd -d -d -d and ssh -2 -v -v -v
output if that helps):
dhaag at cyberpup> ssh -2 waltst2
ssh_rsa_verify: RSA_verify failed: error:04077068:rsa
routines:RSA_verify:bad signature
key_verify failed for server_host_key
Here's what I have done so far:
-recompiled on the suspect box, no change.
-compiled 2.5.2p2 on suspect box with no change.
-don't see any network errors (netstat -i).
-egd seems...
2008 Apr 28
1
Bug#478334: logcheck doesn't know about dkim-filter
Package: logcheck-database
Version: 1.2.63
> Apr 28 17:02:39 naam dkim-filter[15536]: 570BA180CE: bad signature data
> Apr 28 17:03:20 naam dkim-filter[15536]: A08D2180CE: bad signature data
> Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE SSL error:04077068:rsa routines:RSA_verify:bad signature
> Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE: bad signature data
> Apr 28 17:57:06 naam dkim-filter[15536]: AB641180CE SSL error:04077068:rsa routines:RSA_verify:bad signature
> Apr 28 17:57:06 naam dkim-filter[15536]: AB641180CE: bad signature data
> Apr 28 17:58...
2012 Apr 19
2
OpenSSL ASN.1 vulnerability: sshd not affected
...buffer code that
can be exploited to cause a heap overflow:
http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html
Fortunately OpenSSH's sshd is not vulnerable - it has avoided the use
of ASN.1 parsing since 2002 when Markus wrote a custom RSA verification
function (openssh_RSA_verify):
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-rsa.c?rev=HEAD;content-type=text%2Fplain
That's now eight exploitable bugs that this change has saved us from.
It's a good lesson in how excising even a relatively small amount of
complex attack surface can make a substantial dif...
2011 Aug 18
1
RSA_public_decrypt and FIPS
Does anyone knows if there is a patch for OpenSSH in order to make it work
with 0.9.8r OpenSSL in FIPS Mode ?
I'm having problem with the RSA_public_decrypt() function that is failing in
FIPS Mode, I changed it to use RSA_verify instead and setting the flag
"RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if
this is allowed in FIPS Mode, does anyone knows something about that ? I
read something about the use of EVP_Verify* functions, is there any patch
for this ?
Great thanks !
--...
2010 May 04
1
Bug#580260: logcheck-database: dkim-filter needs tweak
.../ignore.d.server/dkim-filter 2008-05-22 04:20:58.000000000 -0400
+++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter 2010-05-04 16:32:31.000000000 -0400
@@ -1,2 +1,2 @@
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dkim-filter\[[[:digit:]]+\]: [[:xdigit:]]{10} SSL error:04077068:rsa routines:RSA_verify:bad signature$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dkim-filter\[[[:digit:]]+\]: [[:xdigit:]]{10}: bad signature data$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dkim-filter\[[[:digit:]]+\]: [[:xdigit:]]{11} SSL error:04077068:rsa routines:RSA_verify:bad signature$
+^\w{3} [ :[:digit:]]{11} [._...
2002 Apr 24
1
Fwd: need help in ssh client: key exchange
This is debugs seen on server, whose keys are
not accepted by the client:
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.5.2p2
debug1: load_private_key_autodetect: type 0 RSA1
debug1: read SSH2 private key done: name rsa w/o
comment success 1
debug1: load_private_key_autodetect: type 1 RSA
debug1: read SSH2 private key done: name dsa w/o
comment success 1
debug1:
2002 Jun 28
1
hostbased authentication problem in 3.4
...quest_send entering: type 21
debug3: mm_request_receive entering
debug3: mm_send_debug: Sending debug: Accepted for bester.cad.gatech.edu [130.20
7.84.20] by /etc/ssh/shosts.equiv.
debug3: mm_key_verify entering
debug3: mm_request_send entering: type 22
debug3: monitor_read: checking request 22
ssh_rsa_verify: RSA_verify failed: error:04077068:lib(4):func(119):reason(104)
debug1: ssh_rsa_verify: signature incorrect
debug3: mm_answer_keyverify: key 132398 signature unverified
debug3: mm_request_send entering: type 23
Failed hostbased for vf5 from 130.207.84.20 port 33083 ssh2
debug3: mm_request_receive e...
2004 May 17
4
Redhat 7.3 compiling problem
...ars in.)
res_crypto.c:400: dereferencing pointer to incomplete type
res_crypto.c:403: dereferencing pointer to incomplete type
res_crypto.c: In function `ast_check_signature':
res_crypto.c:424: dereferencing pointer to incomplete type
res_crypto.c:442: warning: implicit declaration of function `RSA_verify'
res_crypto.c:442: `NID_sha1' undeclared (first use in this function)
res_crypto.c:442: dereferencing pointer to incomplete type
res_crypto.c: In function `crypto_load':
res_crypto.c:462: dereferencing pointer to incomplete type
res_crypto.c:463: dereferencing pointer to incomplete type...
2013 May 15
2
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
Functionality request for supporting Digital Signatures for RSA and DSS
Public Key Algorithms in alignment with NIST SP800-131A.
I
assume this has been asked before, but I could not find in the
archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key
algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH
Extension Algorithms are supported, but not a
2005 Aug 09
2
error compiling asterisk on solaris
...ce to `ASN1_INTEGER_set'
/usr/local/ssl/lib/libssl.so: undefined reference to `i2d_ASN1_OCTET_STRING'
/usr/local/ssl/lib/libssl.so: undefined reference to `X509_STORE_CTX_get_ex_new_ index'
/usr/local/ssl/lib/libssl.so: undefined reference to `RSA_verify'
/usr/local/ssl/lib/libssl.so: undefined reference to `BN_dup'
/usr/local/ssl/lib/libssl.so: undefined reference to `ERR_add_error_data'
/usr/local/ssl/lib/libssl.so: undefined reference to `X509_NAME_cmp'
/usr/local/ssl/lib/libssl.so: undefined reference to `EVP_PKEY_size'
/usr...
2006 Nov 15
11
OpenSSH Certkey (PKI)
...t mismatch ('%s' != '%s')",
+ fp, ca_fp);
+ xfree(fp);
+ return 0;
+ }
+ xfree(fp);
+
+ fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+ snprintf(datbuf, sizeof(datbuf), "%s;%s;%s;%s;%lu;%lu",
+ fp, ca_name, ca_id, ca_opts, vf, vt);
+ xfree(fp);
+
+ if (RSA_verify(NID_ripemd160, datbuf, strlen(datbuf), sigbuf, siglen,
+ ca_key->rsa) != 1) {
+ debug2("cert_verify: signature not valid ('%s')", ca_sig);
+ return 0;
+ }
+ if (vf && vf > now) {
+ debug2("cert_verify: certificate is not yet valid (%lu > %lu)",
+...