search for: sshkeygen

...0000..152278b --- /dev/null +++ b/regress/ssh-cert.sh @@ -0,0 +1,136 @@ +# $OpenBSD: multicert.sh,v 1.1 2014/12/22 08:06:03 djm Exp $ +# Placed in the Public Domain. + +tid="ssh with certificates" + +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* + +# Create a CA key +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\ + fatal "ssh-keygen failed" + +# Make some keys and certificates. +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 ||...

...sh-9.6p1.drv-0/openssh-9.6p1/regress/ssh-rsa already exists. > Overwrite (y/n)? ssh-keygen for ssh-rsa failed The regression tests do this to regenerate the keys if either the keygen binary has changed: for t in ${SSH_KEYTYPES}; do # generate user key if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then trace "generating key type $t" rm -f $OBJ/$t ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ fail "ssh-keygen for $t failed" Given that the first couple of key types succeeded,...

...her things you just reported) > after the release is done. Release is out with this regression. Is there any progress on this? The simplest thing how to reproduce is by extending the agent-pkcs11 regress testsuite with the following line, which previously worked fine, but now asks for a pin: ${SSHKEYGEN} -D ${TEST_SSH_PKCS11} Is this on a radar or should I create a new bug? I am using keys from PKCS#11 all the time and this prevents me from updating to the newer version. Regards, -- Jakub Jelen Senior Software Engineer Security Technologies Red Hat, Inc.

...retrieving revision 1.1 diff -u -r1.1 runtests.sh --- regress/runtests.sh 1 May 2002 03:17:35 -0000 1.1 +++ regress/runtests.sh 22 Jul 2002 12:33:42 -0000 @@ -1,13 +1,45 @@ #!/bin/sh -TEST_SSH_SSH=../ssh -TEST_SSH_SSHD=../sshd -TEST_SSH_SSHAGENT=../ssh-agent -TEST_SSH_SSHADD=../ssh-add -TEST_SSH_SSHKEYGEN=../ssh-keygen -TEST_SSH_SSHKEYSCAN=../ssh-keyscan -TEST_SSH_SFTP=../sftp -TEST_SSH_SFTPSERVER=../sftp-server +pwd=`pwd` +bindir=`dirname $pwd` +PATH="$bindir:$PATH" +export PATH -pmake +TEST_SSH_TRACE=no # Enable for more detail in test +TEST_SSH_QUIET=no # Suppress status output +expor...

Hi Le 17/04/2020 ? 05:52, Damien Miller a ?crit?: > On Wed, 15 Apr 2020, Lo?c wrote: > >> Hello, >> >> In one recent change >> (https://anongit.mindrot.org/openssh.git/commit/?id=2b13d3934d5803703c04803ca3a93078ecb5b715), >> I noticed a regression. >> >> If ssh-keygen is given a private file without passphrase and without the >> corresponding

...ot; = "PEM" ]; then +?? ??? ?# For PEM format, passphrase is not detected yet, should be fixed in ssh-keygen +?? ??? ?echo "no passphrase" >> $exp +?? ?else +?? ??? ?cat >> $exp << EOF +cipher: aes256-ctr +kdf: bcrypt +rounds: $rounds +EOF +?? ?fi + +?? ?if ! ${SSHKEYGEN} -yv -P "${secret}" -f $file > $OBJ/$t-pub ; then +?? ??? ?fail "ssh-keygen -y failed for $t-key" +?? ?fi +?? ?if ! sed '1 s/[^ ]* [^ ]* \?//' $OBJ/$t-pub > $OBJ/$t-tmp ; then +?? ??? ?fail "sed failed for $t-key" +?? ?fi +?? ?if ! cmp $OBJ/$t-tmp $exp &g...

...d. As a result, when this command is run on a solaris box that has arp entries in its cache that it cannot resolve -- either via a local nameserver or a remote one -- then this command hangs, for a very, very long time. Some results of this hang are: - sshd will take 10+ minutes to start on boot - sshkeygen commands progres very, very slowly This situation arose when I had a Solaris box installed in a private 10.x network, running named locally with itself as the only DNS server in /etc/resolv.conf. However, the box was sitting on a LAN with other boxes in a subnet outside of the range that the Sola...

On Fri, 2019-03-29 at 12:29 +0100, Jakub Jelen wrote: > On Wed, 2019-03-27 at 22:00 +1100, Damien Miller wrote: > > Hi, > > > > OpenSSH 8.0p1 is almost ready for release, so we would appreciate > > testing > > on as many platforms and systems as possible. > > > > Snapshot releases for portable OpenSSH are available from > >

Hi, Today I fiddled around a bit with my OpenSSH public key files, and I noticed that ssh-keygen prints most non-printable characters in the comment as-is when showing the fingerprint of a key. This can lead to confusing output on the terminal when the comment contains ANSI escape characters which are interpreted by the terminal. The attached public key file serves as an example, which, when

Hi OpenSSH, I'm working on updating Guix's openssh package definition to the latest release. So far, I have only changed the version (and checksum) and left the build/test/install recipe the same. However, the test suite now fails. I could use some pointers to find out what exactly is going wrong with the failing test or how to fix it. I'm happy to provide more information about

...ESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + +tests: $(TARGETS) + BUILDDIR=`pwd`; \ + TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ + TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ + TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \ + TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \ + TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \ + TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \ + TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \ + TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \ + cd $(srcdir)/regress || exit $$?; \ + $(MAKE) \ + .OBJDIR="$${BUILDDIR}" \...

...BJ=/opt/SSH/openssh-3.9p1/regress + [ x/opt/SSH/openssh-3.9p1/regress = x ] + [ ! -d /opt/SSH/openssh-3.9p1/regress ] SCRIPT=multiplex.sh + [ xmultiplex.sh = x ] + [ ! -f multiplex.sh ] + /bin/sh -n multiplex.sh + true + unset SSH_AUTH_SOCK SSH=ssh SSHD=sshd SSHAGENT=ssh-agent SSHADD=ssh-add SSHKEYGEN=ssh-keygen SSHKEYSCAN=ssh-keyscan SFTP=sftp SFTPSERVER=/usr/libexec/openssh/sftp-server SCP=scp + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + which sshd SSHD=/opt/SSH/openssh-3.9p1/regress/../sshd + export SSH SSHD S...

...e + unset SSH_AUTH_SOCK + dirname /tmp/autopkgtest-virt-lxc.shared.hhquaatj/downtmp/autopkgtest_tmp/user/tree/regress/forwarding.sh + SRC=/tmp/autopkgtest-virt-lxc.shared.hhquaatj/downtmp/autopkgtest_tmp/user/tree/regress + SSH=ssh + SSHD=sshd + SSHAGENT=ssh-agent + SSHADD=ssh-add + SSHKEYGEN=ssh-keygen + SSHKEYSCAN=ssh-keyscan + SFTP=sftp + SFTPSERVER=/usr/libexec/openssh/sftp-server + SCP=scp + PLINK=plink + PUTTYGEN=puttygen + CONCH=conch + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x != x ] + [ x/usr/lib/openssh/sftp...

Hi, The main (and probably the only) use case of this PAM module is to let sudo authenticate users via their ssh-agent, therefore without having to type any password and without being tempted to use the NOPASSWD sudo option for such convenience. The principle is originally implemented by an existing module [0][1] and many pages that explain how to use it for such purpose can be found online.