similar to: [Bug 910] known_hosts port numbers

Hi everyone, I am trying to get Debian bug #668239 [1] resolved, which is concerned with the way paramiko (a SSH implementation in Python) deals with OpenSSH's known_hosts file when non-standard ports are used. Hence, I want to make sure that I correctly understand OpenSSH's behaviour. If this is not a topic for this list, please point me to a more appropriate list. As far as I can

http://bugzilla.mindrot.org/show_bug.cgi?id=549 Summary: Login Delay / Remove unwanted reverse map check Product: Portable OpenSSH Version: 3.5p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=910 Summary: known_hosts port numbers Product: Portable OpenSSH Version: 3.7.1p2 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: devin.nate at

http://bugzilla.mindrot.org/show_bug.cgi?id=910 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #954 is|0 |1 obsolete| | Attachment #1052 is|0 |1 obsolete|

The Kerberos V support may still fail on hosts with two or more interfaces. Regards Markus -------------- next part -------------- *** auth-krb5.c.orig Mon May 20 11:51:57 2002 --- auth-krb5.c Mon May 20 11:53:34 2002 *************** *** 38,43 **** --- 38,44 ---- #include "servconf.h" #include "uidswap.h" #include "auth.h" + #include "canohost.h"

http://bugzilla.mindrot.org/show_bug.cgi?id=689 Summary: Improper reverse IP lookup Product: Portable OpenSSH Version: 3.7.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: berkvist at

Hi, I'm working on some project which is sort of log filter. Last few days I noticed that there are some wacky people scanning sshd port all the time from anywhere. Although sshd reports it with syslog error message which is very helpful, I'd like to know the source ip address with following message: canohost.c: around line #100 if (getaddrinfo(name, NULL, &hints, &aitop) !=

http://bugzilla.mindrot.org/show_bug.cgi?id=910 mindrot at askneil.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mindrot at askneil.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

https://bugzilla.mindrot.org/show_bug.cgi?id=3643 Bug ID: 3643 Summary: order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port Product: Portable OpenSSH Version: 9.5p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

Hi, here's a patch so that ssh also supports hurd-i386. Thanks for incorporating. The patch comes from Robert Bihlmeyer <robbe at orcus.priv.at>. > openssh 2.2.0p1-1.1 does not build on the Hurd. The appended patch > fixes that. Changes in detail: > * PAM is not (yet?) supported, so the PAM dependencies are only put into > the control file on architectures != hurd-i386.

Hi SSH developers, I am wondering if someone could help explain a behavior of sshd. From canohost.c, get_remote_hostname(), it seems sshd will always try to reverse lookup the ip address of any client that attaches to it. The verify_reverse_mapping flag just turns off the forward lookup through DNS of the clients hostname, once the hostname has been determined. I am using Solaris 8 with ssh

Here is a quick patch against openssh-2.5.1p1 to add a new config option (pkalg) for the ssh client allowing the selection of which public keys are obtained/verified. --cut-here- diff -c3 -r orig/openssh-2.5.1p1/key.c openssh-2.5.1p1/key.c *** orig/openssh-2.5.1p1/key.c Mon Feb 5 18:16:28 2001 --- openssh-2.5.1p1/key.c Sun Mar 11 23:10:10 2001 *************** *** 534,539 **** --- 534,567 ----

http://bugzilla.mindrot.org/show_bug.cgi?id=910 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ildefonso_camargo at yahoo.com ------- Comment #42 from dtucker at zip.com.au 2006-06-20 09:32 ------- *** Bug 1198 has been marked

When connecting to a host for which there's no known hostkey, check if the relevant key has been accepted for other hostnames. This is useful when connecting to a host with a dymamic IP address or multiple names. --- auth.c | 4 ++-- hostfile.c | 42 ++++++++++++++++++++++++++++-------------- hostfile.h | 8 ++++++-- sshconnect.c | 39 +++++++++++++++++++++++++++++++++------

Enclosed is a patch against 2.2.0p1 that teaches ssh (and therefore slogin and scp) how to invoke ssh-askpass to request a password, RSA/DSA key passphrase, or an skey challenge response. I've tested this on Linux (i386), for passwords and RSA/DSA key passphrases. I cannot easily test whether the Right Thing will happen for skey challenge responses; I would appreciate it if someone who uses

A short while ago, I looked at using the AllowUsers configuration option in openssh (v3.8p1 , but I believe this to be unchanged in 3.9p1) to restrict access such that only specific remote machines could access specific local accounts. I swiftly discovered that a) specifying wildcarded IP numbers to try to allow a useful IP range was pointless: if I specified AllowUsers joe at

Thanks for your suggestion! It seems to have gone a little further this time, but isn't accepting the key and is failing back on password-based auth. We're double-checking that the public key was correctly configured with the account, and also trying a DSA key to see if it behaves differently. Is there anything you'd suggest we look at or try at this point, and thank you very much

Suppose an SSH server has both RSA and DSA host keys for protocol 2, but I only have the DSA key, and I want to use that. I'm stuck; the OpenSSH client is hard-wired to offer both algorithms in the key exchange, and will select ssh-rsa if it's available (see myproposal.h, KEX_DEFAULT_PK_ALG). Below is a patch adding the client configuration option "PKAlgorithms" for this

I installed ntop on a centos5.2 system (which got all yum updates a few days ago)... # rpm -q ntop rrdtool ntop-3.3.8-1.el5.rf rrdtool-1.2.28-1.el5.rf went through the password configuration when I start it, its erroring. # service ntop start Starting ntop: Processing file /etc/ntop.conf for parameters... Mon Nov 24 23:56:36 2008 NOTE: Interface merge enabled by default Mon

hello, i did some debugging today, here is the weird portion form sshd -d -d -d debug1: userauth-request for user jholland service ssh-connection method hostbased debug1: attempt 1 failures 1 debug2: input_userauth_request: try method hostbased debug1: userauth_hostbased: cuser jholland chost i2-0. pkalg ssh-dss slen 55 debug3: mm_key_allowed entering debug3: mm_request_send entering: type 20