search for: secsh

http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-05.txt So what do people think of this?

I could not find anything in the mailing list archive or bug tracker. In ssh2.h, the value (4) is re-used 148 #define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED 3 149 #define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED 4 150 #define SSH2_DISCONNECT_RESERVED 4 151 #define SSH2_DISCONNECT_MAC_ERROR 5 Is this intentional? Thanks, Noah Zalev

http://bugzilla.mindrot.org/show_bug.cgi?id=187 ------- Additional Comments From markus at openbsd.org 2002-03-27 09:44 ------- (1) exporting openssh private keys is not supported (2) rsa bugs from ssh.com 2.0.12 are not supported (3) this is probably another 2.0.12 bug. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Hello, I had some difficulties in order to convert private keys between different implementations of SSH. So, I wrote the following patch to allow export of SSH2 RSA and DSA private keys into IETF SECSH format. Note that I also slightly revised the IETF SECSH key import code. Usage: use of the "-e" option on a private key file generates an unencrypted private key file in IETF SECSH format. I suggest you incorporate this patch into both the OpenBSD and portable OpenSSH. --- authfile...

Old news, but ... http://lwn.net/Articles/298833/ I first posted about this back in 2001 and it's still not resolved: http://osdir.com/ml/ietf.secsh/2001-09/msg00000.html 1) high latency networks are a reality that will never go away. In fact they will only become more prevalent since distributed networks continue to grow broader but (surprise) the speed of light remains a constant. 2) character-at-a-time protocols have both security and per...

Greetings, Just wondering if there is an RFC describing the secure shell protocols? Thanks, Chris

Hi, After reading the source code of openssh and man page of sftp. In sftp.h it define 27 /* 28 * draft-ietf-secsh-filexfer-01.txt 29 */ 30 31 /* version */ 32 #define SSH2_FILEXFER_VERSION 3 and In the end of the man page, T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress material. In wikipedia of "SSH File Transfer Protocal&q...

On Thu, Mar 14, 2002 at 12:12:20PM -0800, Bob Smith wrote: > i find it amusing that the OpenBSD web site states on the main index page > "Our efforts emphasize portability, standardization,...." but by not > following standards like secsh's key format you're failing according to > your own goals. This is not exactly the truth. You have to consider your user base before you consider switching to a completely different key format and make their life harder. This is why OpenSSH uses a one-key-per-line representation of t...

Dear list, Attached is a patch that adds support for the SSH_FXP_LINK request, as described in draft-ietf-secsh-filexfer-07 onwards, to the sftp server and client. It is for and has been tested on the current portable snapshot but also applies to openbsd CVS. Thanks, -- Peter -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-sftp-hardlink-pcvs-v2.patch Type: text/...

...nssh-2.5.2p1-krb5.patch This patch includes updated Kerberos v5 support for protocol version 1, and also adds GSSAPI support for protocol version 2. Unlike the Kerberos v5 code (which will still not interoperate with ssh.com clients and servers), the GSSAPI support is based on two I-Ds draft-galb-secsh-gssapi-01.txt and draft-ietf-secsh-gsskeyex-01.txt. It adds two different points of authentication - the gsskeyex draft uses GSSAPI at the key exchange level, and removes the requirement to have hostkeys when it is used as the exchange mechanism. The first draft adds GSSAPI at the userauthenticatio...

https://bugzilla.mindrot.org/show_bug.cgi?id=2948 Bug ID: 2948 Summary: implement "copy-data" sftp extension Product: Portable OpenSSH Version: -current Hardware: All URL: https://tools.ietf.org/html/draft-ietf-secsh-filexfer- extensions-00#section-7 OS: All Status: NEW Severity: enhancement Priority: P5 Component: sftp Assignee: unassigned-bugs at mindrot.org Reporter: vapier at gentoo.org i posted some patches [1...

Hi, My name is Stefan Mangard and I plan to implement an extension to ssh as a final project in a cryptography class. Since I want to use an open source of ssh, I decided to use the openssh implementation. I am currently working with openssh-1.2.3, but I'd also like to implement my extension for protocol 2, I wanted to ask you how far the development of the implementation of openssh-2 is.

http://bugzilla.mindrot.org/show_bug.cgi?id=187 Summary: ssh-keygen not converting from and to SECSH standard correctly Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo: openssh-unix-dev a...

Just to bring everyone up to date, could we get a report on the status of support for the 2.x protocol? The home page says "next major release" - is that 1.3 or 2.0? And is there any feel for when it'll be generally available? -- John Hardin Internal Systems Administrator Apropos Retail Management Systems, Inc. <johnh at aproposretail.com>

Hi Joel, Joel GUITTET wrote: > Hi, > We currently work on a project that require SSH server with FIPS and using OpenSSL v3. There is no way to work with OpenSSL v3 due to many reasons. If you like to get FIPS capable secsh implementation compatible with OpenSSL FIPS validated modules 1.2 and 2.0 , RedHat ES, or Oracle Solaris you could use PKIX-SSH. Regards, Roumen Petrov -- Advanced secure shell implementation with X.509 certificate support http://roumenpetrov.info/secsh/

>Is there a simple way to achieve this behavior? Is there a document on >the sftp protocol somewhere? http://search.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt -- Darren J Moffat

...n: 6.6p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement Priority: P5 Component: sftp-server Assignee: unassigned-bugs at mindrot.org Reporter: dkocher at cyberduck.io As in http://tools.ietf.org/wg/secsh/draft-ietf-secsh-filexfer/draft-ietf-secsh-filexfer-13.txt. -- You are receiving this mail because: You are watching the assignee of the bug.

Hello, It seems to me the algorithm negotiation of the transport layer has a bug, it does not follow the specification of draft-ietf-secsh-transport-24, page 19, where the behaviour of first_kex_packet_follows is specified. I've got an ssh client that sends an SSH_MSG_KEXINIT message and specifies only 'diffie-hellman-group1-sha1' as key exchange algorithm. It sets first_kex_packet_follows to true, and immediately sends t...

...they have even contacted people like Markus or Theo about this. The RFC is written by them, and it looks like they sell some commercial software around this idea as well. Here is links to more info: http://www.vandyke.com/download/os/pks_ossh.html http://www.vandyke.com/technology/draft-ietf-secsh-publickey- subsystem.txt The idea of it sounds interesting, but I would really like to know if they have approached anyone regarding having it included in openssh proper. Thanks. -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx - source http://linsec.ca/vdanen.asc | gpg -...

Hello, I am investigating a data-loss bug in SSHFS (https://github.com/libfuse/sshfs/issues/72). While the root cause is in SSHFS and has already been fixed, there seems to be some unfortunate interaction with what I believe is an OpenSSH bug: As far as I can tell, when sending a SSH_FXP_OPEN request with SSH_FXF_WRITE (i.e., opening the file write only), and then following up with a