similar to: Why do I *still* need RSA?

Using OpenSSH 2.3.1 client and OpenSSL 0.9.6a When trying to ssh to OpenSSH server of higher versions SSH-1.99-OpenSSH_2.5.2p2 or such, I see error in RSA key exchange: RSA_verify(..)routine. I see: error at:int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; unsigned char *p,*s;

I remember a discussion to the effect that using DSA keys in sshd increases the requirement for random bits available on the system... and that this requirement (was it a 128 bit random number per connection?) presents security problems on systems that don't have a decent source of entropy? Am I misinterpreting those discussions? We are having a problem deploying sshd (no prngd) where sshd

summary: I have a situation in which a private RSA key has been corrupted, but it's still possible to log into a SSH server using that file. This is with OpenSSH 3.6.1p2 Debian. I have a SSH public/private key pair generated with "ssh-keygen -t rsa". I can use the private key to successfully log into a SSH server which has the public key in it's the authorized_keys file. I

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet

http://bass.directhit.com/openssh_snap/ Starting tonight I plan on tracking changes very closely with the OpenBSD tree. I need people to test the latest snapshot (9/14 at of right now) and report success or failure on compiling. I am starting this now because we are looking at a code freeze soon and I really want to ensure it compiles and runs on all existing platforms. So we (the portable

Hello, >From the response to my original post regarding openssh, obviously the only way to resolve the problem of getting openssh to work properly under Solaris 8 with openssl 0.9.6b was to compile with debugging an analyze to core file. Let me state that I am not a developer, but maybe the following will help. I have compiled both openssh2.96p2 and openssl 0.9.6b with debugging using the Sun

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced: