Displaying 12 results from an estimated 12 matches for "shostkeyfil".
Did you mean:
shostkeyfile
2012 Nov 21
1
HostKey in hardware?
Hi,
Is there any way to store HostKey in hardware (and delegate the related
processing)?
I have been using Roumen Petrov's x509 patch for clients, which works via an
OpenSSL engine, but it does not seem to support server HostKey:
http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html
For PKCS#11, I have found an email on this list from a year back suggesting
this
2015 Jan 30
5
[Bug 2346] New: sshd -T doesn't write all configuration options in valid format
https://bugzilla.mindrot.org/show_bug.cgi?id=2346
Bug ID: 2346
Summary: sshd -T doesn't write all configuration options in
valid format
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2002 Nov 24
1
[PATCH] PamServiceNameAppend
...protocol == SSH_PROTO_UNKNOWN)
@@ -275,7 +282,7 @@ fill_default_server_options(ServerOption
typedef enum {
sBadOption, /* == unknown option */
/* Portable-specific options */
- sPAMAuthenticationViaKbdInt,
+ sPAMAuthenticationViaKbdInt, sPAMServiceNameAppend,
/* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
@@ -312,6 +319,7 @@ static struct {
} keywords[] = {
/* Portable-specific options */
{ "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
+ { "PAMServiceNameAppend&quo...
2002 Dec 05
1
patch to add a PAMServiceName config option
...tions->pam_service_name = SSHD_PAM_SERVICE;
/* Standard Options */
if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -276,6 +281,7 @@
sBadOption, /* == unknown option */
/* Portable-specific options */
sPAMAuthenticationViaKbdInt,
+ sPAMServiceName,
/* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
@@ -312,6 +318,7 @@
} keywords[] = {
/* Portable-specific options */
{ "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
+ { "PAMServiceName", sPAMServiceName },...
2002 Apr 26
0
PAM keyboard-interactive
...KNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2;
if (options->num_host_key_files == 0) {
@@ -258,9 +249,6 @@
/* Keyword tokens. */
typedef enum {
sBadOption, /* == unknown option */
- /* Portable-specific options */
- sPAMAuthenticationViaKbdInt,
- /* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
@@ -294,9 +282,6 @@
const char *name;
ServerOpCodes opcode;
} keywords[] = {
- /* Portable-specific options */
- { "...
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly
soon.
-d
--
| By convention there is color, \\ Damien Miller <djm at mindrot.org>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)
2002 Jul 02
3
New PAM kbd-int diff
...KNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2;
if (options->num_host_key_files == 0) {
@@ -271,9 +262,6 @@
/* Keyword tokens. */
typedef enum {
sBadOption, /* == unknown option */
- /* Portable-specific options */
- sPAMAuthenticationViaKbdInt,
- /* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
@@ -307,9 +295,6 @@
const char *name;
ServerOpCodes opcode;
} keywords[] = {
- /* Portable-specific options */
- { "...
2016 Jun 03
3
[Bug 2581] New: Coverity patches from Fedora
...t than -1) and comparison of the return dup() return
value should be >=0 instead of >0 -- 0 is also valid FD.
3. process_server_config_line: sAuthorizedPrincipalsFile option handles
intptr, without any possible label (therefore always null), which is
dead code (probably copy-paste error from sHostKeyFile)
4. box variable for sandbox context is not freed in the child process
after calling ssh_sandbox_child(), which makes it memory leak.
5. server_accept_loop() allocates fdset variable, but does not free it
in the end.
These are the most obvious problems and it would be nice to have them
addresse...
2002 Jun 25
4
PAM kbd-int with privsep
...KNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2;
if (options->num_host_key_files == 0) {
@@ -271,9 +262,6 @@
/* Keyword tokens. */
typedef enum {
sBadOption, /* == unknown option */
- /* Portable-specific options */
- sPAMAuthenticationViaKbdInt,
- /* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
@@ -307,9 +295,6 @@
const char *name;
ServerOpCodes opcode;
} keywords[] = {
- /* Portable-specific options */
- { "...
2000 Aug 04
0
Combining RSA host authentication with another method
...tions->rsa_authentication = 1;
+ if (options->rsa_host_other_authentication == -1)
+ options->rsa_host_other_authentication = 0;
if (options->dsa_authentication == -1)
options->dsa_authentication = 1;
#ifdef KRB4
***************
*** 170,175 ****
--- 173,179 ----
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication,
+ sRSAHostOtherAuthentication,
#ifdef KRB4
sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,...
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the
2006 Nov 15
11
OpenSSH Certkey (PKI)
...stbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -282,6 +288,7 @@
u_int flags;
} keywords[] = {
{ "port", sPort, SSHCFG_GLOBAL },
+ { "cakeyfile", sCAKeyFile, SSHCFG_GLOBAL },
{ "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
{ "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */
{ "pidfile", sPidFile, SSHCFG_GLOBAL },
@@ -296,6 +303,7 @@
{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_GLOBAL },
{ "hostbasedusesnamefrompacketonly", sHo...