search for: ssh_err_system_error

...-sshkey_load_private(const char *filename, const char *passphrase, - struct sshkey **keyp, char **commentp) -{ - struct sshbuf *buffer = NULL; - int r, fd; - - if (keyp != NULL) - *keyp = NULL; - if (commentp != NULL) - *commentp = NULL; - - if ((fd = open(filename, O_RDONLY)) == -1) - return SSH_ERR_SYSTEM_ERROR; - if (sshkey_perm_ok(fd, filename) != 0) { - r = SSH_ERR_KEY_BAD_PERMISSIONS; - goto out; - } - - if ((buffer = sshbuf_new()) == NULL) { - r = SSH_ERR_ALLOC_FAIL; - goto out; - } - if ((r = sshkey_load_file(fd, buffer)) != 0 || - (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp,...

...uot; > ASSERT_INT_EQ(sshkey_load_public( test_data_file(expected[i].key_file), > &expected[i].l.key, NULL), 0) failed: > sshkey_load_public( test_data_file(expected[i].key_file), &expected[i].l.key, > NULL) = -24 I need to make these error messages more user-friendly :( -24 is SSH_ERR_SYSTEM_ERROR, so it's likely failing to find/load the key for some reason. I'll make a patch to improve the error message, but in the meantime you could probably figure out the exact failure using ktrace/ktruss/strace and/or digging errno out of the core file. -d

On Wed, 17 Feb 2016, Hisashi T Fujinaka wrote: > > I need to make these error messages more user-friendly :( > > > > -24 is SSH_ERR_SYSTEM_ERROR, so it's likely failing to find/load the > > key for some reason. I'll make a patch to improve the error message, > > but in the meantime you could probably figure out the exact failure > > using ktrace/ktruss/strace and/or digging errno out of the core file. > > Do...

...ng_write(0x4, 0xa87070ae0, 0x50, 0xffff80dc43363680, 0x8, 0x101010101010101) write(4, "1F {\004DB e iAC9399FA 8".., 80) Err#32 EPIPE Received signal #13, SIGPIPE [ignored] <- roaming_write() = -1 <- ssh_packet_write_poll() = 0xffffffe8 (SSH_ERR_SYSTEM_ERROR) -> sshbuf_len(0xa86ffc5d0, 0xa87070ae0, 0x20, 0x0, 0x8, 0x101010101010101) <- sshbuf_len() = 80 -> __addvdi3(0x4, 0x1, 0x50, 0xf00, 0x8, 0x101010101010101) <- __addvdi3() = 5 -> __addvdi3(0x4, 0x1, 0x10, 0x4, 0x8, 0x101010101010101) &...

On Wed, 17 Feb 2016, Hisashi T Fujinaka wrote: > And in another "oh duh" moment, I think this dumped core on two different > machines and I sent you the bt from the wrong machine. Here's the one > from NetBSD-7. > > #0 0x00007f7ff630e55a in _lwp_kill () from /usr/lib/libc.so.12 > (gdb) bt > #0 0x00007f7ff630e55a in _lwp_kill () from /usr/lib/libc.so.12 >

https://bugzilla.mindrot.org/show_bug.cgi?id=3068 Bug ID: 3068 Summary: Duplicate code in sshkey_load_private() function Product: Portable OpenSSH Version: 8.0p1 Hardware: Other OS: Windows 10 Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee:

...124,6 +124,8 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, ??? ??? ?*keyp = NULL; ??? ?if (commentp != NULL) ??? ??? ?*commentp = NULL; +?? ?if (vault_infop != NULL) +?? ??? ?*vault_infop = NULL; ? ??? ?if ((fd = open(filename, O_RDONLY)) == -1) ??? ??? ?return SSH_ERR_SYSTEM_ERROR; @@ -132,7 +134,7 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, ??? ?if (r != 0) ??? ??? ?goto out; ? -?? ?r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); +?? ?r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp, vault_in...

...] ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_DEBUG1; if (options.host_key_files[i] == NULL) continue; if ((r = sshkey_load_private(options.host_key_files[i], "", &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) do_log2(ll, "Unable to load host key \"%s\": %s", options.host_key_files[i], ssh_err(r)); ... By default, an empty string is used as the password for reading the hostkey. When the hostkey is stolen, the third party can disguis...

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

...+180,49 @@ delete_all(int agent_fd) } static int +add_certificate_only(int agent_fd, const char *filename) +{ + struct sshkey *cert = NULL; + char *comment = NULL; + int r, ret = -1; + + /* Load certificate */ + if ((r = sshkey_load_public(filename, &cert, &comment)) != 0) { + if (r != SSH_ERR_SYSTEM_ERROR || errno != ENOENT) + error("Failed to load certificate \"%s\": %s", + filename, ssh_err(r)); + goto out; + } + if (!sshkey_is_cert(cert)) { + error("Not a certificate: %s", filename); + goto out; + } + + /* Add empty private key fields for serializat...

Hello. I am trying to play through the following test scenario about certificate revocation on Ubuntu 18.04, which has OpenSSH of this version: OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n? 7 Dec 2017 1. A CA key is created ssh-keygen -t ed25519 -f ca 2. The CA public key is added to ~/.ssh/authorized_keys on some server: cert-authority ssh-ed25519 AAAA...e ca at yoga 3. A user key is created on a