Displaying 14 results from an estimated 14 matches for "ssh_sk_provid".
Did you mean:
ssh_sk_provider
2024 Jul 04
1
Apple's SSH x OpenSSH (brew) x CTK x Security Key types
...heory.
???
2) ssh-keychain.dylib now exposes EC keys in CTK as Security Keys (w00t?)
quoting from man:
"By default, all valid (RSA for PKCS#11 and ecdsa256 for Secure Key module) identities from all SmartCards and persistent tokens currently available in the system are provided."
export SSH_SK_PROVIDER=/usr/lib/ssh-keychain.dylib
ssh-keygen -K
ssh -i ecdsa_sk_rk user at example.com <mailto:user at example.com>
and you get logged in with an ECDSA key in the PIV applet (but see point 4 below)
What Apple has implemented here is pretty... weird.
They implemented SK emulation (that doesn?t su...
2024 Apr 22
0
OpenSSH 9.6 client is stuck
...0.0.0.2 "/usr/sbin/dmidecode -s
system-product-name"
On the client side (working):
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname 10.0.0.6 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.0.0.6 [10.0.0.6] port 1022.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection establis...
2019 Nov 01
10
U2F support in OpenSSH HEAD
...erefore likely
to get confused if you happen to have more than one token attached to
your machine.
libfido2 includes support for OpenBSD, Linux, OS X and Windows (though
I expect more work will be needed on the OpenSSH side for to get Windows
going).
3. Generate a key.
The OpenSSH tools use the $SSH_SK_PROVIDER environment variable to
point to the middleware, though all tools that support security keys
accept dedicated command-line or configuration options (e.g. ssh_config
SecurityKeyProvider). This provider needs to be available for key
generation and signing (e.g. pubkey authentication) operations.
$...
2020 Jan 10
4
u2f / libfido2 version
Hi,
So I finally have time to test the u2f support
but so far I haven't been very successful,
Specifically, current HEAD has
SSH_SK_VERSION_MAJOR 0x00040000
and I can't seem to find a matching libfido2 version,
current HEAD of Yubico/libfido2 is 0x00020000
Is there a more up to date libfido2
or a particular commit of openssh-portable
I should be using?
thanks
Sean
2024 Jan 10
1
[Bug 3653] New: ConnectTimeout causes issue when connecting to an host via tsocks
...ebug1: /home/ago/.ssh/config line 1: Applying options for *
debug3: kex names ok:
[curve25519-sha256 at libssh.org,diffie-hellman-group-exchange-sha256]
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 10.10.0.2 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve;
disabling
debug1: auto-mux: Trying existing master at
'/home/ago/.ssh/socket-root at 10.10.0.2:22'
debug1: Control socket "/home/ago/.ssh/socket-root at 10.10.0.2:22" does
not exist
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
de...
2020 May 21
9
[Bug 3168] New: libssh.a(utf8.o): undefined reference to symbol 'strcasestr@@GLIBC_2.17'
https://bugzilla.mindrot.org/show_bug.cgi?id=3168
Bug ID: 3168
Summary: libssh.a(utf8.o): undefined reference to symbol
'strcasestr@@GLIBC_2.17'
Product: Portable OpenSSH
Version: 8.2p1
Hardware: ARM64
OS: Linux
Status: NEW
Severity: critical
Priority: P5
2020 Feb 05
19
Call for testing: OpenSSH 8.2
Hi,
OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a feature release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2024 May 16
2
[Bug 3691] New: Connection to localhost succeeds with disabled MAC
...work.
This is what I am observing with debug output enabled:
----
bsradmin at bsr-6e96de3484:~$ ssh -vv -oPubKeyAuthentication=no -m
hmac-sha1 bsradmin at localhost echo
OpenSSH_9.7p1, OpenSSL 3.0.13 30 Jan 2024
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve;
disabling
debug2: resolving "localhost" port 22
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file /home/bsradmin/.ssh/id_rsa type -1
debug1: identity file /home/bsradmin/.ssh/id_rsa-cert type -1
debug1: identity file /h...
2020 Feb 14
2
Announce: OpenSSH 8.2 released
...be attached when the key is used.
FIDO tokens are most commonly connected via USB but may be attached
via other means such as Bluetooth or NFC. In OpenSSH, communication
with the token is managed via a middleware library, specified by the
SecurityKeyProvider directive in ssh/sshd_config(5) or the
$SSH_SK_PROVIDER environment variable for ssh-keygen(1) and
ssh-add(1). The API for this middleware is documented in the sk-api.h
and PROTOCOL.u2f files in the source distribution.
OpenSSH includes a middleware ("SecurityKeyProvider=internal") with
support for USB tokens. It is automatically enabled in...
2020 Feb 14
2
Announce: OpenSSH 8.2 released
...be attached when the key is used.
FIDO tokens are most commonly connected via USB but may be attached
via other means such as Bluetooth or NFC. In OpenSSH, communication
with the token is managed via a middleware library, specified by the
SecurityKeyProvider directive in ssh/sshd_config(5) or the
$SSH_SK_PROVIDER environment variable for ssh-keygen(1) and
ssh-add(1). The API for this middleware is documented in the sk-api.h
and PROTOCOL.u2f files in the source distribution.
OpenSSH includes a middleware ("SecurityKeyProvider=internal") with
support for USB tokens. It is automatically enabled in...
2020 Feb 14
2
Announce: OpenSSH 8.2 released
...be attached when the key is used.
FIDO tokens are most commonly connected via USB but may be attached
via other means such as Bluetooth or NFC. In OpenSSH, communication
with the token is managed via a middleware library, specified by the
SecurityKeyProvider directive in ssh/sshd_config(5) or the
$SSH_SK_PROVIDER environment variable for ssh-keygen(1) and
ssh-add(1). The API for this middleware is documented in the sk-api.h
and PROTOCOL.u2f files in the source distribution.
OpenSSH includes a middleware ("SecurityKeyProvider=internal") with
support for USB tokens. It is automatically enabled in...
2024 Jun 18
7
Call for testing: openssh-9.8
Hi,
OpenSSH 9.8p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...vider = NULL, *opensslengine = NULL;
int r, i, ch, deleting = 0, ret = 0, key_only = 0, do_download = 0;
int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;
SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
@@ -653,7 +679,7 @@ main(int argc, char **argv)
skprovider = getenv("SSH_SK_PROVIDER");
- while ((ch = getopt(argc, argv, "vkKlLcdDTxXE:e:M:m:qs:S:t:")) != -1) {
+ while ((ch = getopt(argc, argv, "vkKlLcdDTxXE:e:M:m:qs:S:t:o:")) != -1) {
switch (ch) {
case 'v':
if (log_level == SYSLOG_LEVEL_INFO)
@@ -732,6 +758,9 @@ main(int argc, char...
2023 Oct 10
17
[Bug 3627] New: openssh 9.4p1 does not see RSA keys in know_hosts file.
...; user_lamborghini ~/.ssh: > ssh -v user at 10.106.101.142
OpenSSH_9.4p1, OpenSSL 3.1.2 1 Aug 2023
debug1: Reading configuration data /export/home/user/.ssh/config
debug1: Reading configuration data
/usr/local/tools/openssh/openssh_9.4.3.1.2/openssh/etc/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve;
disabling
debug1: Connecting to 10.106.101.142 [10.106.101.142] port 22.
debug1: Connection established.
debug1: identity file /export/home/user/.ssh/id_rsa type -1
debug1: identity file /export/home/user/.ssh/id_rsa-cert type -1
debug1: identity file /export/home/user/.ssh/id_ec...