Displaying 18 results from an estimated 18 matches for "sshsig".
2024 Apr 11
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
...ons that can't support sha512
from signing messages.
An example of this is TPMs which mostly only really support sha256
widely.
This change enables `ssh-keygen -Y sign` to honor the `hashalg` option
for the signing algorithm.
Signed-off-by: Morten Linderud <morten at linderud.pw>
---
sshsig.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/sshsig.c b/sshsig.c
index 470b286a3..033b43353 100644
--- a/sshsig.c
+++ b/sshsig.c
@@ -190,8 +190,14 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
}
/* If using RSA keys then default to a good sig...
2024 Nov 23
2
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
...sages.
>
> An example of this is TPMs which mostly only really support sha256
> widely.
>
> This change enables `ssh-keygen -Y sign` to honor the `hashalg` option
> for the signing algorithm.
>
> Signed-off-by: Morten Linderud <morten at linderud.pw>
> ---
> sshsig.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/sshsig.c b/sshsig.c
> index 470b286a3..033b43353 100644
> --- a/sshsig.c
> +++ b/sshsig.c
> @@ -190,8 +190,14 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
> }
>
>...
2024 Nov 26
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
...TPMs which mostly only really support sha256
> > widely.
> >
> > This change enables `ssh-keygen -Y sign` to honor the `hashalg` option
> > for the signing algorithm.
> >
> > Signed-off-by: Morten Linderud <morten at linderud.pw>
> > ---
> > sshsig.c | 10 ++++++++--
> > 1 file changed, 8 insertions(+), 2 deletions(-)
> >
> > diff --git a/sshsig.c b/sshsig.c
> > index 470b286a3..033b43353 100644
> > --- a/sshsig.c
> > +++ b/sshsig.c
> > @@ -190,8 +190,14 @@ sshsig_wrap_sign(struct sshkey *key, const...
2024 Nov 26
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
...ha256
> > > widely.
> > >
> > > This change enables `ssh-keygen -Y sign` to honor the `hashalg` option
> > > for the signing algorithm.
> > >
> > > Signed-off-by: Morten Linderud <morten at linderud.pw>
> > > ---
> > > sshsig.c | 10 ++++++++--
> > > 1 file changed, 8 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/sshsig.c b/sshsig.c
> > > index 470b286a3..033b43353 100644
> > > --- a/sshsig.c
> > > +++ b/sshsig.c
> > > @@ -190,8 +190,14 @@ sshsig_w...
2024 Nov 23
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
...this is TPMs which mostly only really support sha256
>> widely.
>>
>> This change enables `ssh-keygen -Y sign` to honor the `hashalg` option
>> for the signing algorithm.
>>
>> Signed-off-by: Morten Linderud <morten at linderud.pw>
>> ---
>> sshsig.c | 10 ++++++++--
>> 1 file changed, 8 insertions(+), 2 deletions(-)
>>
>> diff --git a/sshsig.c b/sshsig.c
>> index 470b286a3..033b43353 100644
>> --- a/sshsig.c
>> +++ b/sshsig.c
>> @@ -190,8 +190,14 @@ sshsig_wrap_sign(struct sshkey *key, const char *ha...
2023 Oct 20
0
[PATCH] Clean up the regress directory with make clean
...rm -f regress/sk-ssh-ed25519 at openssh.com*
+ rm -f regress/ssh-ed25519*
+ rm -f regress/ssh_output
+ rm -f regress/ssh_proxy.bak
+ rm -f regress/sshd-log-wrapper.sh
+ rm -f regress/sshd_config_minimal
+ rm -f regress/sshd_proxy_host_*
+ rm -f regress/sshsig-agent-sk-ssh-ed25519 at openssh.com*
+ rm -f regress/sshsig-agent-ssh-ed25519*
+ rm -f regress/sshsig-sk-ssh-ed25519 at openssh.com*
+ rm -f regress/sshsig-ssh-ed25519*
+ rm -f regress/user_*
+ rm -f regress/wrong-key*
+ rm -f regress/*agent*.pub
+ rm -f re...
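Review bot: the wildcard removals such as `rm -f regress/user_*`, `rm -f regress/wrong-key*` and `rm -f regress/*agent*.pub` match by pattern rather than by name, so on an in-tree build they would also delete any tracked or hand-made file under regress/ that happens to fit. Consider listing the generated files explicitly, or confirm with `git status` after `make clean` that nothing under version control is removed.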
2025 May 30
1
[Bug 3829] New: SSH signature armor protocol documentation issue
...table OpenSSH
Version: 10.0p2
Hardware: Other
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
Reporter: ngraves at ngraves.fr
The SSHSIG protocol states that "The base64 encoded blob SHOULD be
broken up by newlines every 76 characters." [1]
However, it seems that it's in practice broken up each 70 characters in
a signature generated with ssh-keygen. It's also quite clear in the
code that it's 70 characters a...
2025 Apr 29
1
Multiple allowed signer files in `ssh-keygen -Y verify`
...details *sig_details = NULL;
uint64_t verify_time = 0;
+ size_t i;
if (sig_process_opts(opts, nopts, NULL, &verify_time,
&print_pubkey) != 0)
@@ -2850,9 +2855,23 @@ sig_verify(const char *signature, const char *sig_namespace,
}
}
- if (allowed_keys != NULL && (r = sshsig_check_allowed_keys(allowed_keys,
- sign_key, principal, sig_namespace, verify_time)) != 0) {
- debug3_fr(r, "sshsig_check_allowed_keys");
+ for (i = 0; i < nallowed_keys; i++) {
+ if ((r = sshsig_check_allowed_keys(allowed_keys[i], sign_key,
+ principal, sig_namespace, verif...
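Review bot: the new `for (i = 0; i < nallowed_keys; i++)` loop reuses `r` for every file, and the visible lines do not say which outcome wins when one allowed signers file accepts the key and another rejects it. State in a comment and in ssh-keygen.1 whether a match in any one file is sufficient, and make sure a result left in `r` by one iteration cannot be carried past the loop as the final verdict for a different file. The removed `allowed_keys != NULL` guard also means the no-file case now depends on `nallowed_keys` being 0, which is worth a regress test.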
2025 Apr 23
1
Multiple allowed signer files in `ssh-keygen -Y verify`
Hello,
I'm currently evaluating using `ssh-keygen -Y verify` to check OS
artifacts (e.g. packages) and I noticed that the `-f
allowed_signers_file` option can be passed only once. A side remark:
technically it can be passed multiple times without a warning but the
last invocation overrides all previous ones. Tested using:
$ ssh-keygen -Y verify -f allowed_signers -f /dev/null -n file -s
2024 Oct 29
14
[Bug 3748] New: "webauthn-sk-ecdsa-sha2-nistp256@openssh.com" signature type not supported from ssh agent
...s/certs.
However, based on my understanding it should be possible to use
"webauthn-sk-ecdsa-sha2-nistp256@openssh.com" for
"sk-ecdsa-sha2-nistp256@openssh.com" keys
(there is an example of this here:
https://github.com/openssh/openssh-portable/blob/master/regress/unittests/sshsig/webauthn.html).
Perhaps I'm missing something here, it would be great if someone could
clarify the current state of webauthn support in general. Many thanks!
2024 Oct 24
1
[PATCH] Updated gitignore to ignore sshd-session and sshd-auth targets
...e | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.gitignore b/.gitignore
index 213041656..c9d4166a7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,6 +29,8 @@ ssh-keysign
ssh-pkcs11-helper
ssh-sk-helper
sshd
+sshd-session
+sshd-auth
!regress/misc/fuzz-harness/Makefile
!regress/unittests/sshsig/Makefile
tags
--
2.45.2
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2020 Sep 27
0
Announce: OpenSSH 8.4 released
...challenges for
FIDO/U2F keys.
When signing messages in ssh-agent using a FIDO key that has an
application string that does not start with "ssh:", ensure that the
message being signed is one of the forms expected for the SSH protocol
(currently public key authentication and sshsig signatures).
This prevents ssh-agent forwarding on a host that has FIDO keys
attached granting the ability for the remote side to sign challenges
for web authentication using those keys too.
Note that the converse case of web browsers signing SSH challenges is
already precluded bec...
2020 Sep 20
13
Call for testing: OpenSSH 8.4
...challenges for
FIDO/U2F keys.
When signing messages in ssh-agent using a FIDO key that has an
application string that does not start with "ssh:", ensure that the
message being signed is one of the forms expected for the SSH protocol
(currently public key authentication and sshsig signatures).
This prevents ssh-agent forwarding on a host that has FIDO keys
attached granting the ability for the remote side to sign challenges
for web authentication using those keys too.
Note that the converse case of web browsers signing SSH challenges is
already precluded bec...
2020 Sep 21
4
Call for testing: OpenSSH 8.4
On Mon, 21 Sep 2020 at 09:53, Hisashi T Fujinaka <htodd at twofifty.com> wrote:
> OK, NetBSD-current amd64, NetBSD-9-amd64, and NetBSD-9-i386 all pass all
> tests. MacOS, well, I always try it but it has problems.
What's the problem on OS X? We test on it regularly (El Capitan and
High Sierra) and the only problem I'm aware of is that the native
libcrypto on High Sierra is
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...e9612 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -136,7 +136,7 @@ SCP_OBJS= scp.o progressmeter.o
SSHADD_OBJS= ssh-add.o $(SKOBJS)
-SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o $(SKOBJS)
+SSHAGENT_OBJS= ssh-agent.o ssh-pkcs11-client.o ssh-engine.o $(SKOBJS)
SSHKEYGEN_OBJS= ssh-keygen.o sshsig.o $(SKOBJS)
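Review bot: `ssh-engine.o` is added to `SSHAGENT_OBJS` unconditionally, so ssh-agent links it on every build, including ones configured without OpenSSL or without ENGINE support. Either guard the whole body of ssh-engine.c with the corresponding configure define so it compiles to an empty object in those builds, or add the object through a configure-substituted variable instead of hard-coding it here.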
diff --git a/authfd.c b/authfd.c
index 05fd45401..7cd22044e 100644
--- a/authfd.c
+++ b/authfd.c
@@ -569,6 +569,52 @@ ssh_remove_identity(int sock, struct sshkey *key)
return r;
}
+/*
+ * Add an engine based identity
+ */
+int
+ssh_add_engine_key(int sock, const char *file, const...
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
...y_check_revoked(struct sshkey *key, const char
*revoked_keys_file);
diff --git a/regress/Makefile b/regress/Makefile
index 62794d25fc42..ae6f4dd09edc 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -92,7 +92,8 @@ LTESTS= ?? ?connect \
??? ??? ?allow-deny-users \
??? ??? ?authinfo \
??? ??? ?sshsig \
-?? ??? ?keygen-comment
+?? ??? ?keygen-comment \
+??????? keygen-private-information
?
?
?INTEROP_TESTS=?? ?putty-transfer putty-ciphers putty-kex conch-ciphers
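Review bot: this hunk is whitespace-damaged: the leading tabs and spaces of the `LTESTS` continuation lines appear as runs of `?`, so the context lines will not match regress/Makefile and the patch will not apply as posted. Please resend it with `git send-email` or as an attachment so the indentation survives.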
diff --git a/regress/keygen-private-information.sh
b/regress/keygen-private-information.sh
new file mode 100644
index 000000000000..a99...
2020 Jul 21
11
[RFC PATCH 0/4] PAM module for ssh-agent user authentication
Hi,
The main (and probably the only) use case of this PAM module is to let
sudo authenticate users via their ssh-agent, therefore without having
to type any password and without being tempted to use the NOPASSWD sudo
option for such convenience.
The principle is originally implemented by an existing module [0][1]
and many pages that explain how to use it for such purpose can be
found online.