search for: soref

On 13 April 2018 at 08:29, Josh Soref <jsoref at gmail.com> wrote: > Randall S. Becker <rsbecker at nexbridge.com> wrote: >> >> >> -REGRESSTMP = "$(PWD)/regress" >> +REGRESSTMP = `pwd` >> >> tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS) > >...

On Thu, Apr 12, 2018 at 6:29 PM, Josh Soref <jsoref at gmail.com> wrote: > Randall S. Becker <rsbecker at nexbridge.com> wrote: > >> >> -REGRESSTMP = "$(PWD)/regress" >> +REGRESSTMP = `pwd` >> >> tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS) >> >...

After getting OpenSSH 7.7 to build :), the initial test fails as follows: test_kex: ............................................................................ ............................................................................ ............................................................................ ............................................................................

> ssh -v test OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5 debug1: Reading configuration data C:\\Users\\jsore/.ssh/config debug1: C:\\Users\\jsore/.ssh/config line 11: Applying options for test debug1: Setting implicit ProxyCommand from ProxyJump: ssh -v -W '[%h]:%p' apple debug1: Executing proxy command: exec ssh -v -W '[test]:22' apple CreateProcessW failed error:2 posix_spawn:

As far as I can tell, there currently isn't a straightforward way to use password authentication for connecting to hosts where the host key changes frequently. I realize this is a fairly niche use case, but when developing software for devices that often get reimaged (resulting in a host key change), it can get pretty tedious to attempt to connect, get a warning, remove the old host key via

On 13/04/18 07:59, Josh Soref wrote: > Randall S. Becker <rsbecker at nexbridge.com> wrote: > >> -REGRESSTMP = "$(PWD)/regress" >> +REGRESSTMP = `pwd` >> >> ? tests interop-tests t-exec unit: regress-prep regress-binaries >> $(TARGETS) >> > It looks like the problem...

Has anyone checked to make sure that this won't upset sshguard? [1] Offhand, it looks like it will [2][3]. [1] https://www.sshguard.net/ [2] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-9 [3]

>>> TL;DR: please try the patch out and report if it causes "Did not receive >>> identification string" log messages. I believe it does not. Aw crap. My homegrown anti-dos tool for ssh looks for either DNRIS or if logging is verbose enough a connection that didn't result in a login. I give the attacker a few tries and whitelist any successful candidate so I

On Jan 24 03:47, Malcolm wrote: > Quoting Chris High <highc at us.ibm.com>: > > > caught my eye. Do you see any 'advantage' to using sftp with an untrusted > > server? If so, any thoughts about making an easy way to disable scp both > > client and server side when doing an installation? > > SFTP allows file resume, while scp does not. If this