search for: sshkey_write

Displaying 7 results from an estimated 7 matches for "sshkey_write".

2024 Oct 14
2
[RFC] Preferentially TOFU certificate authorities rather than host keys
...+ fprintf(f, "%s ", CA_MARKER); + if (store_hash) { if ((hashed_host = host_hash(lhost, NULL, 0)) == NULL) { error_f("host_hash failed"); @@ -457,7 +460,9 @@ write_host_entry(FILE *f, const char *host, const char *ip, } free(hashed_host); free(lhost); - if ((r = sshkey_write(key, f)) == 0) + if ((cert && (r = sshca_write(key, f)) == 0)) + success = 1; + else if ((r = sshkey_write(key, f) == 0)) success = 1; else error_fr(r, "sshkey_write"); diff --git a/sshconnect.c b/sshconnect.c index 7cf6b6386..72bdc7d1f 100644 --- a/sshconnect.c +++ b/ssh...
2016 Dec 28
2
certificates keys on pkcs11 devices
Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, Oct 04, 2020 at 09:24:12PM +1100, Damien Miller wrote: > On Sun, 4 Oct 2020, Damien Miller wrote: > > > No - I think you've stumbled on a corner case I hadn't anticipated. > > Does your configuration override CheckHostIP at all? No. > > > > What are the known_hosts entries for the hostname and IP? > > Also, do you use HashKnownHosts? or do
2015 Jan 29
2
[Bug 2345] New: NESTING_INDENT_MISMATCH: missing parenthesis around if body in ssh-keygen.c:724
...id=2538&action=edit patch Our coverity scan on openssh found one defect - body of function in above mentioned line is not in parenthesis so it doesn't do what it is supposed to do or if it does, it is pretty confusing by the indentation. It probably does what it is supposed to do, because sshkey_write probably fails with private key, but I wouldn't rely on it. This problem is there quite long, since 44b25040110a224a79ff371ee548be9a10ba8bfa, Fri Jul 2 13:35:01 2010 For patch (demonstration) see attachment. -- You are receiving this mail because: You are watching the assignee of the bug.
2020 Oct 04
3
UpdateHostkeys now enabled by default
...es for > the IP address as well as the hostname. > > diff --git a/hostfile.c b/hostfile.c > index 3dc9809..9ec9afa 100644 > --- a/hostfile.c > +++ b/hostfile.c > @@ -449,6 +449,9 @@ write_host_entry(FILE *f, const char *host, const char *ip, > else > error("%s: sshkey_write failed: %s", __func__, ssh_err(r)); > fputc('\n', f); > + /* If hashing is enabled, the IP address needs to go on its own line */ > + if (success && store_hash && ip != NULL) > + success = write_host_entry(f, ip, NULL, key, 1); > return success; >...
2013 Mar 22
52
[Bug 2081] New: extend the parameters to the AuthorizedKeysCommand
https://bugzilla.mindrot.org/show_bug.cgi?id=2081 Bug ID: 2081 Summary: extend the parameters to the AuthorizedKeysCommand Classification: Unclassified Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
..."Enter file in which the key is"); ??? ?if (stat(identity_file, &st) == -1) ??? ??? ?fatal("%s: %s", identity_file, strerror(errno)); -?? ?prv = load_identity(identity_file, &comment); +?? ?prv = load_identity(identity_file, &comment, &vault_info); ??? ?if ((r = sshkey_write(prv, stdout)) != 0) ??? ??? ?error("sshkey_write failed: %s", ssh_err(r)); ??? ?sshkey_free(prv); ??? ?if (comment != NULL && *comment != '\0') -?? ??? ?fprintf(stdout, " %s", comment); -?? ?fprintf(stdout, "\n"); +?? ??? ?printf(" %s", commen...