similar to: [Bug 1782] New: Match support for HostbasedUsesNameFromPacketOnly

If HostbasedUsesNameFromPacketOnly is set to yes, sshd does not remove the trailing dot from the client supplied hostname, causing sshd to attempt to look up "foo.example.com." (note trailing period) in known_hosts and .shosts instead of "foo.example.com" Trivial patch attached. -- Carson -------------- next part -------------- An embedded and charset-unspecified text was

https://bugzilla.mindrot.org/show_bug.cgi?id=1764 Summary: Allow AuthorizedKeysFile in Match Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: djm at

https://bugzilla.mindrot.org/show_bug.cgi?id=2211 Bug ID: 2211 Summary: Too many hostbased authentication attempts Product: Portable OpenSSH Version: 6.5p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

Hi, I am trying to configure OpenSSH to allow root logins, without success so far. So I could really use some advice. This is my server configuration: AllowUsers = thomas root AuthenticationMethods hostbased,publickey ExposeAuthInfo = no ForceCommand none GSSAPIAuthentication no HostbasedAcceptedAlgorithms ssh-ed25519 HostbasedAuthentication yes HostbasedUsesNameFromPacketOnly yes HostKey

Hello all! I have a problem to group my data (years) in 10 years classes. For example for year year decade 1598 1590-1600 1599 1590-1600 1600 1590-1600 1601 1600-1610 --- my is like this> [1] 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 [16] 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 [31] 1628 1629 1630 1631 1632 1633

https://bugzilla.mindrot.org/show_bug.cgi?id=1569 Summary: Hostbased auth fails when using a proxy command Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

I'm attaching a simple doc patch against current CVS - feel free to re-word it as you see fit. I also noticed that if UseDNS is no, HostbasedUsesNameFromPacketOnly _must_ be yes if you want HostbasedAuthentication to work. -- Carson -------------- next part -------------- --- sshd_config.5.DIST 2003-09-13 02:25:18.365707000 -0400+++ sshd_config.5 2003-09-13 02:46:29.430974000 -0400@@

I run OpenSSH on linux @ client which ssh /usr/local/bin/ssh ssh -v OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 @ server which sshd /usr/local/bin/sshd sshd -v unknown option -- V OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time]

Hi, On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote: > My ssh_config has > Host * > HostbasedAuthentication yes > EnableSSHKeysign yes > NoHostAuthenticationForLocalhost yes > > NoHostAuthenticationForLocalhost is not necessary. > The one you are missing is EnableSSHKeysign. > > Additionally, you made no mention of your ssh_known_hosts files. Make > sure

The following simple patch (against openssh-3.1) moves the test for a trailing dot in the client-supplied hostname so that it is also stripped when using the server option HostbasedUsesNameFromPacketOnly. Please CC me on any replies, as I'm not subscribed to the list. Cheers, Bill Rugolsky --- ssh/auth2.c~ Sun Feb 24 14:14:59 2002 +++ ssh/auth2.c Wed May 8 16:26:26 2002 @@ -709,15

On Mon, 23 Oct 2023 at 00:43, Thomas K?ller <thomas at koeller.dyndns.org> wrote: > There is a nasty problem when using hostbased authentication: Suggestions: - "host" does DNS lookups, but is your system's nsswitch.conf or equivalent actually configured to use DNS? - have you turned off DNS lookups in sshd with "UseDNS no" in sshd_config? - you could try

https://bugzilla.mindrot.org/show_bug.cgi?id=2505 Bug ID: 2505 Summary: key_load_private_type: unknown or unsupported key type Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2504 Bug ID: 2504 Summary: key_load_private_type: unknown or unsupported key type Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: RESOLVED Severity: minor Priority: P5 Component: ssh Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=2057 Bug ID: 2057 Summary: ssh should treat "Received disconnect" messages as errors Classification: Unclassified Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority:

http://bugzilla.mindrot.org/show_bug.cgi?id=376 Summary: HostbasedAuthentication, followed snailbook but not working! :-( Product: Portable OpenSSH Version: -current Platform: UltraSparc URL: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-

Hi, I'm likely going to release 5.5p1 in the next couple of days, mainly for the AuthorizedKeys bug. If you would like to test on your platform or submit any patches (portability only) then this is your last chance :) -d

https://bugzilla.mindrot.org/show_bug.cgi?id=1745 Summary: Matching @cert-authority entries when using unqualified hostnames Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

Finally all the pieces are in place to allow strong user and host authentication with SSH2 and the latest OpenSSH code (plus my partial auth patch). Herein I describe one problem case, and a possible solution thereof. Target: Allow user logins from host charles to host steve using passwords Previously, you would have had to trust the IP headers to authenticate charles. If charles had a

Dear All, I am trying to use the hostcertificate to do the hostbaed authentication with the steps in the regress/cert-hostkey.sh But it seems that it can not login with the hostcertificate.: Here is debug message from the ssh client : ssh -2 -oUserKnownHostsFile=/opt/ssh/etc/known_hosts-cert \ > -oGlobalKnownHostsFile=/opt/ssh/etc/known_hosts-cert sshia3 -p 1111 -vvv debug1: checking

https://bugzilla.mindrot.org/show_bug.cgi?id=1798 Summary: Add fsync() support to sftp/sftp-server Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org