similar to: OpenSSH -> SSH; ssh-agent: reasking for passphrase

Howdy, The string of notices on BugTraq about RSAref being vulnerable to overflows has me concerned. After trying to sort through all the messages, I can't figure out whether I need to update OpenSSL (a check of their website indicates no new patches), OpenSSH, both, or neither. I am aware there is no known exploit for it yet. I could be a bad boy and just run all

I've attached two patches. The first just changes the output of "ssh -V" to print that it was built against rsaref if libRSAglue (which is built as part of openssl only when it is built against rsaref) is present at build-time. The second adds appropriate calls to pam_setcred() in sshd. Without them, our systems can't access AFS because the PAM modules only get tokens at a

Hello. I have been having trouble configuring the source code for the abovementioned. I have to use RSARef as I'm a resident of the USA, so I can avoid patent violation. The configure script fails to see the OpenSSL+RSAref mix on three different platforms, including the following: FreeBSD 4.0-STABLE (Which has its own port, but I wanted to try it there to see if I could reliably reproduce

On Solaris2.6, I have just run into some problems where using the 1.2pre17 scp to another box with either 1.2pre16 or 1.2pre17 on it. The scp dies with an "Alarm Clock" problem on larger files (the failure case file is a 1297920 byte solaris package.). It does not always die in the same place. openssh-1.2pre17-spa 51% |************** | qd 00:00 ETAAlarm Clock Write

Is it true that configure tests for the existence of librsaref.a, and if it finds it, it assumes that that rsaref is supposed to be used---*even if openssl was not built with rsaref support* ? Mate

I have openssl linked against rsaref and rsaref libraries are in my path but for some reason openssh now fails on SSLeay / OpenSSL tests. checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install and config.log shows: configure:2795: gcc -o conftest -g -O2 -Wall -I/opt/openssl/include -L/opt/openssl/lib -L/opt/openssl conftest.c -ldl

The following code snippet will not compile support for RSAref on NetBSD even if it exists on the system (which breaks OpenSSL): for WANTS_RSAREF in "" 1 ; do if test -z "$WANTS_RSAREF" ; then LIBS="$saved_LIBS -lcrypto" else LIBS="$saved_LIBS -lcrypto -lRSAglue

I've installed openssl-0.9.5 using rsaref.a. When I build ssh-1.2.2 with ./configure rsaref is still get the following error when running ssh: ssh: no RSA support in libssl and libcrypto. See ssl(8). What am I doing wrong ?

First, when I tried to start sshd, I got the message Starting sshd: ssh-keygen: no RSA support in libssl and libcrypto. See ssl(8). sshd: no RSA support in libssl and libcrypto -- exiting. See ssl(8) no RSA support in libssl and libcrypto -- exiting. See ssl(8) So I thought I have to recompile openssl with rsaref flag to config. When I did that, I got compilation error (this is version 0.9.5

Sunil-- Actually, you do not "see that openssl has some patent issues." You do see that OpenSSL implements many algorithms, some of which have been (at various times) been patented or encumbered in some countries. Without knowing what country you're in, none of us here can really give useful advice as to which software/algorithm patents could potentially apply. To the best of my

I had to apply this patch to configure.in to get configure to run on Tru64 Unix on Alpha. The RSA test forgot to reset $LIBS. (The compile stopped with missing "zlib.h". I'll send more patches if required. :-) diff -ur src-2.9p1/configure.in src-2.9p1-local/configure.in --- src-2.9p1/configure.in Wed Jun 6 17:15:09 2001 +++ src-2.9p1-local/configure.in Wed Jun 6

Helo all I'm having performance problems with samba v2.0.3/freeBSD3.2 when there's more than one client using the same share. Every thing works, but very slowly - about 30 seconds to open an Access table. When there is only 1 client, it takes about a second. The server is almost 100% idle. I tried samba v2.0.5a on a Linux and the problem also exists. On a MSWindows NT workstation

I have openssl-0.9.5a and openssh-2.1.0. I configured ssl with rsaref and it passes the tests. When I configure ssh I get: ---- checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install ---- it is failing RSA_private_decrypt function call. The RSA_generate_key seems to work (does not return null) but then goes on to fail at

Please tell me where I can ask questions on ssh's use. I installed openssh on two Linux boxes, one is RedHat 6.0 the other is RedHat 6.1. I used the rpms at ftp://thermo.stat.ncsu.edu/pub/openssh-usa/ I used the us versions, and I touched no config files whatsoever. >From one machine, I have no problems connecting to the other machine, but does not work the other way around. Here are

This to announce a test release of 2.1.0p1 before making it widely available. This release includes many fixes to problems reported over the last week. In particular: - spurious error and coredumps caused by the inbuilt entropy gathering - RSAref detection - Compilation fixes for Solaris and others It also contains (completely untested) support for compiling without RSA support. This may be

I hate following up to myself, but I thought a clarification of one point (specifically WRT RC5 which was mentioned in the original question) might be worthwhile...because what I should have said originally was that "To the best of my non-legally- admissible knowledge, however, none of the algorithms in the current *OpenSSH* implementation are currently encumbered by patents that would

Looks like the fixes to use OpenSSL with RSAnull break it for rsaref. I've attached a patch that fixes it for me. Cheers, Nalin -------------- next part -------------- --- openssh-2.1.0p3/configure.in Wed May 31 08:56:52 2000 +++ openssh-2.1.0p3/configure.in Wed May 31 09:03:49 2000 @@ -231,7 +231,27 @@ [ found_crypto=1 break; - ], [] + ], + [ + LIBS="$saved_LIBS

My system: HP-UX 10.20, pretty vanilla, most non-HP software from the HP Porting Archive at hpux.cae.wisc.edu. GNU make is /usr/local/bin/gmake, zlib is in /opt/zlib, OpenSSl in /opt/openssl, HP ANSI C compiler. OpenSSH 2.2.1p4. 'configure' on this system warns that rsa is not available. I found source at www.spinnaker.com which builds an rsaref.a library but not an RSAglue one. So

On Mon, Mar 13, 2000 at 07:43:09AM -0800, jeet M wrote: > Mate, > I seem to be doing the same install you are for open > ssh on a solaris 7 box. I am getting the same error > you did when starting sshd (no RSA support in libssl > and libcrypto ...). I've installed zlib, > openssl-0.9.5 and egd-0.6, did the LDFLAGS and CFLAGS > declarations and configured --with-egd

Hello, I have sshd version:SSH_VERSION "OpenSSH_2.3.1p1" When I run (using inted.conf), at client-side I get error: Bad remote protocol version identification: 'sshd: no hostkeys available -- exiting. I have client: SSH Version 1.2.27 [i386--netbsd], protocol version 1.5. Compiled with RSAREF. What is the solution to above problem ? Thank you.