search for: shostkeyfil

Displaying 12 results from an estimated 12 matches for "shostkeyfil".

Did you mean: shostkeyfile
2012 Nov 21
1
HostKey in hardware?
Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this
2015 Jan 30
5
[Bug 2346] New: sshd -T doesn't write all configuration options in valid format
https://bugzilla.mindrot.org/show_bug.cgi?id=2346 Bug ID: 2346 Summary: sshd -T doesn't write all configuration options in valid format Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:
2002 Nov 24
1
[PATCH] PamServiceNameAppend
...protocol == SSH_PROTO_UNKNOWN) @@ -275,7 +282,7 @@ fill_default_server_options(ServerOption typedef enum { sBadOption, /* == unknown option */ /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, + sPAMAuthenticationViaKbdInt, sPAMServiceNameAppend, /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, @@ -312,6 +319,7 @@ static struct { } keywords[] = { /* Portable-specific options */ { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, + { "PAMServiceNameAppend&quo...
2002 Dec 05
1
patch to add a PAMServiceName config option
...tions->pam_service_name = SSHD_PAM_SERVICE; /* Standard Options */ if (options->protocol == SSH_PROTO_UNKNOWN) @@ -276,6 +281,7 @@ sBadOption, /* == unknown option */ /* Portable-specific options */ sPAMAuthenticationViaKbdInt, + sPAMServiceName, /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, @@ -312,6 +318,7 @@ } keywords[] = { /* Portable-specific options */ { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt }, + { "PAMServiceName", sPAMServiceName },...
2002 Apr 26
0
PAM keyboard-interactive
...KNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->num_host_key_files == 0) { @@ -258,9 +249,6 @@ /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -294,9 +282,6 @@ const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "...
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)
2002 Jul 02
3
New PAM kbd-int diff
...KNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->num_host_key_files == 0) { @@ -271,9 +262,6 @@ /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -307,9 +295,6 @@ const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "...
2016 Jun 03
3
[Bug 2581] New: Coverity patches from Fedora
...t than -1) and comparison of the return dup() return value should be >=0 instead of >0 -- 0 is also valid FD. 3. process_server_config_line: sAuthorizedPrincipalsFile option handles intptr, without any possible label (therefore always null), which is dead code (probably copy-paste error from sHostKeyFile) 4. box variable for sandbox context is not freed in the child process after calling ssh_sandbox_child(), which makes it memory leak. 5. server_accept_loop() allocates fdset variable, but does not free it in the end. These are the most obvious problems and it would be nice to have them addresse...
2002 Jun 25
4
PAM kbd-int with privsep
...KNOWN) options->protocol = SSH_PROTO_1|SSH_PROTO_2; if (options->num_host_key_files == 0) { @@ -271,9 +262,6 @@ /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ - /* Portable-specific options */ - sPAMAuthenticationViaKbdInt, - /* Standard Options */ sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, @@ -307,9 +295,6 @@ const char *name; ServerOpCodes opcode; } keywords[] = { - /* Portable-specific options */ - { "...
2000 Aug 04
0
Combining RSA host authentication with another method
...tions->rsa_authentication = 1; + if (options->rsa_host_other_authentication == -1) + options->rsa_host_other_authentication = 0; if (options->dsa_authentication == -1) options->dsa_authentication = 1; #ifdef KRB4 *************** *** 170,175 **** --- 173,179 ---- sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, + sRSAHostOtherAuthentication, #ifdef KRB4 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,...
2001 Nov 20
3
problem with AFS token forwarding
Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the
2006 Nov 15
11
OpenSSH Certkey (PKI)
...stbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, @@ -282,6 +288,7 @@ u_int flags; } keywords[] = { { "port", sPort, SSHCFG_GLOBAL }, + { "cakeyfile", sCAKeyFile, SSHCFG_GLOBAL }, { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ { "pidfile", sPidFile, SSHCFG_GLOBAL }, @@ -296,6 +303,7 @@ { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_GLOBAL }, { "hostbasedusesnamefrompacketonly", sHo...