search for: twofish

...ndering what the general consensus is within the community regarding the issue. I have come across a couple different plug ins/gems (Stringbox, EzCrypto), but am wondering what other people are using. I like the idea of using Symmetric-key cryptography (and in particular, I would like to be using Twofish), and then probably encrypting the random password and IV for each encryption using a public key scheme. I guess I am wondering what other people''s response to such an approach is, and whether or not there are suggestions for other approaches. My main concern with the approach noted abov...

...ing compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.3.0p1 debug: Seeding random number generator debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: hmac-md5,md5-8,none debug: got kexinit: hmac-md5,md5-8,none debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug...

I see that: SSH uses the following ciphers for encryption: Cipher SSH1 SSH2 DES yes no 3DES yes yes IDEA yes no Blowfish yes yes Twofish no yes Arcfour no yes Cast128-cbc no yes Two ques re: sshd: 1) Using openssh, how do I configure which set of ciphers to use from above set for SSH1 and SSH2 ? Does "yes" above mean must or an option (configurable)? 2) Does S...

Is the host_aliases parameter to sshkey new in 0.25? Jun 1 15:28:48 s_sys@ext3.fr.xxx.com puppetd[20358]: Could not retrieve catalog: Invalid parameter ''host_aliases'' for type ''Sshkey'' at /etc/puppet/manifests/nodes/fr.twofish.com/ext3.pp:19 on node ext3.fr.xxx.com Jun 1 15:28:48 s_sys@ext3.fr.xxx.com puppetd[20358]: Not using cache on failed catalog The docs at http://docs.puppetlabs.com/references/latest/type.html doesn''t say this. In fact there''s no mention whatsoever (except for ''latest...

...00-1000KB/s still below what it should be but substantially better. Performing similar transfers in the other direction, using the VShell sftp server and sftp clients on the other boxes, the transfer rate is in the order of 3000-4000KB/s. These are all modern boxes that should beable to do AES-256/Twofish at more than adequate rates to sustain the transfer, so the only thing I can think of that would be causing the problem would be some bug in the OpenSSH sftp server. Any thoughts? Thanks -John

...g compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH-2.1 debug: Sending KEX init. debug: Seeding random number generator debug: done debug: got kexinit string: diffie-hellman-group1-sha1 debug: got kexinit string: ssh-dss debug: got kexinit string: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit string: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit string: hmac-md5,md5-8,none debug: got kexinit string: hmac-md5,md5-8,none debug: got kexinit string: none,zlib debug: got kexinit string: none,zlib debug: got kexinit string: debug: got k...

From RHEL docs: "The default implementation of LUKS in Red Hat Enterprise Linux is AES 128 with a SHA256 hashing. Ciphers that are available are: AES - Advanced Encryption Standard - FIPS PUB 197 Twofish (A 128-bit Block Cipher) Serpent cast5 - RFC 2144 cast6 - RFC 2612" My question is: What will be the performance impact on my Celeron 1.73 GHz CPU and/or hdd speed? -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the...

...are version 2.2.0 SSH Secure Shell Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.1.1 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,none debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,none debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: d...

...2030. For protection beyond 2030, or for the paranoid, larger keysizes are recommended. Other recommendations (e.g., those of ECRYPT) vary in how long 112/2048-bit encryption should last. With that in mind ... how can i encrypt my 4096-bit SSH RSA keypair with something like AES-128, AES-256, or Twofish instead of 3DES and still use it with OpenSSH? Can ssh-add read (unencrypted) key data from stdin? ____________________ [1] http://csrc.nist.gov/groups/ST/toolkit/key_management.html [2] http://csrc.nist.gov/groups/ST/toolkit/documents/SP800-57Part1_3-8-07.pdf -- jim knoble | jmknoble at pobo...

...2.2.0 SSH Secure Shell for Windows Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-1.99-OpenSSH_2.1.1 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour debug: got kexinit: hmac-md5,hmac-sha1 debug: got kexinit: hmac-md5,hmac-sha1 debug: got kexinit: zlib debug: got kexinit: zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 1 debug: reserved: 0 debug:...

...g2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-dss,ssh-rsa debug2: kex_parse_kexinit: aes128-cbc,aes192-cbc,aes256-cbc,twofish-cbc,blowfish-cbc,3des-cbc,arcfour debug2: kex_parse_kexinit: aes128-cbc,aes192-cbc,aes256-cbc,twofish-cbc,blowfish-cbc,3des-cbc,arcfour debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kex...

...cal version string SSH-2.0-OpenSSH_2.5.2p2 > > debug1: send KEXINIT > > debug1: done > > debug1: wait KEXINIT > > debug1: got kexinit: diffie-hellman-group1-sha1 > > debug1: got kexinit: ssh-dss > > debug1: got kexinit: > > 3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none > > debug1: got kexinit: > > 3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none > > debug1: got kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,none > > debug1: got kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,none > > debug1: got...

...rse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-dss debug2: kex_parse_kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour debug2: kex_parse_kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour debug2: kex_parse_kexinit: hmac-md5,hmac-sha1 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:...

So, I noticed that when adding a service to puppet, puppet is running a chkconfig <service>. However, as far as I can tell, puppet should be running a chkconfig --add <service>, otherwise the symlinks don''t get created from the service in /etc/rc.d/rc6.d back to the service in /etc/init.d. As as a result, the service is not stopped on shut down. I must be missing something

...afellows: 2.0.13 (non-commercial) Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.2.0p1 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: hmac-md5,md5-8,none debug: got kexinit: hmac-md5,md5-8,none debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug...

...kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-dss debug2: kex_parse_kexinit: aes256-cbc,twofish-cbc,blowfish-cbc,3des- cbc,arcfour,cast128-cbc debug2: kex_parse_kexinit: aes256-cbc,twofish-cbc,blowfish-cbc,3des- cbc,arcfour,cast128-cbc debug2: kex_parse_kexinit: hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96 debug2: kex_parse...

...: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: 3des-cbc,blowfish-cbc,aes128-cbc,rijndael128-cbc,aes192-cbc,rijndael192-cb c,aes256-cbc,rijndael256-cbc,cast128-cbc,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-cbc,ser pent128-cbc,serpent192-cbc,serpent256-cbc,arcfour debug2: kex_parse_kexinit: 3des-cbc,blowfish-cbc,aes128-cbc,rijndael128-cbc,aes192-cbc,rijndael192-cb c,aes256-cbc,rijndael256-cbc,cast128-cbc,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-...

...ing compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.2.0p1 debug: Seeding random number generator debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none debug: got kexinit: hmac-md5,md5-8,none debug: got kexinit: hmac-md5,md5-8,none debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug...

I must be missing the point here somehow. From my simple mind I think that two things would be needed - first a mod, e.g., mod_sshd, or better an addition to mod_auth and mod_proxy so that a URL could be used to initiate contact to an sshd server elsewhere. The mod_auth part could/should be used to verity the credentials to used - basically setting up the VPN between ssh and httpd as ssh; the

...https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/wink/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 I went to http://releases.llvm.org/download.html and downloaded llvm-8.0.0: http://releases.llvm.org/8.0.0/llvm-8.0.0.src.tar.xz http://releases.llvm.or...