similar to: OpenSSH and HP-UX

The following code snippet will not compile support for RSAref on NetBSD even if it exists on the system (which breaks OpenSSL): for WANTS_RSAREF in "" 1 ; do if test -z "$WANTS_RSAREF" ; then LIBS="$saved_LIBS -lcrypto" else LIBS="$saved_LIBS -lcrypto -lRSAglue

Is it true that configure tests for the existence of librsaref.a, and if it finds it, it assumes that that rsaref is supposed to be used---*even if openssl was not built with rsaref support* ? Mate

The openssl list does not seem to respond to this, so let me ask you here: my librsaref.a is in /space/local/lib. How do I tell about this to openssl's config/make? Also, how do I tell config/make to use /usr/ccs/bin/ld instead of the default (gnu linker has problems on Solaris). Thx, Mate

This to announce a test release of 2.1.0p1 before making it widely available. This release includes many fixes to problems reported over the last week. In particular: - spurious error and coredumps caused by the inbuilt entropy gathering - RSAref detection - Compilation fixes for Solaris and others It also contains (completely untested) support for compiling without RSA support. This may be

Howdy, The string of notices on BugTraq about RSAref being vulnerable to overflows has me concerned. After trying to sort through all the messages, I can't figure out whether I need to update OpenSSL (a check of their website indicates no new patches), OpenSSH, both, or neither. I am aware there is no known exploit for it yet. I could be a bad boy and just run all

>From: "ulairi" <ulairi@jps.net> >HP, in their own inimitable way, will release the product as "CIFS/9000". >More then likely, it will be a replacement (or a more advanced version) of >their ASU/9000 LanMan product (Advanced Server for Unix). >Having had to play with ASU/9000 and HP's all-time favorite game of "oh, you >need a patch, but for

hi. please cc comments 2 me, i'm not subscribed. what i did is simply this (you might have guessed :) i had to install the improved version of openssl after recent, urgent improvements. with this came came the urgent desire for openssh-CURRENT, which had to be reinstalled, because an old(?) version comes with the distribution. here's the diff. spare me and yourselfs a desciption of

On Wed, Sep 13, 2000 at 09:13:26AM +0000, Graham Murray wrote: > On upgrading to openssl 0.9.6-beta1, I find that openssh 2.2.0p1 fails > to connect. I did some more experiments and also saw the problems. They occur when using a 0.9.6-beta client to connect to 0.9.5a and 0.9.6-beta servers. They also occur when using a 0.9.5a client connecting to a 0.9.6-beta server. Connections fail with

I have openssl-0.9.5a and openssh-2.1.0. I configured ssl with rsaref and it passes the tests. When I configure ssh I get: ---- checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install ---- it is failing RSA_private_decrypt function call. The RSA_generate_key seems to work (does not return null) but then goes on to fail at

Found the solution to my 2.0.6 dying on me on SGI - SYSV_IPC needed to be #undef'ed in source/include/includes.h in favor of MMAP, seems to have fixed it. If I run the daemon in server mode, no prob. If I switch to domain mode (and use smbpasswd to join into the domain, per the instructions), I get the error indicating that the username/password pair was incorrect, as if I typed in a wrong

I have openssl linked against rsaref and rsaref libraries are in my path but for some reason openssh now fails on SSLeay / OpenSSL tests. checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install and config.log shows: configure:2795: gcc -o conftest -g -O2 -Wall -I/opt/openssl/include -L/opt/openssl/lib -L/opt/openssl conftest.c -ldl

Hi! I am resending the following message about problems with utmp handling. * In the meantime I had some request in private mail from people asking whether I have new information. * The problem is still persistant in 2.9p2. * My own new investigations show, that the problem only appears with protocol 2, not with protocol 1, I therefore only started to note it when protocol 2 became the

Howdy, After upgrading to 2.9 (OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f) I'm unable to ssh between two systems any more (the two that I've upgraded). I've recompiled from the original source several times, each time with no errors, regenerated host keys, regenerated client keys (using rsa), etc., to no avail. Below are some relevant snippets of debugging output

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Trying to run ./configure and after a while of chugging along, I get this: checking for four-argument statfs (AIX-3.2.5, SVR3)... no checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)... no checking for two-argument statfs with struct fs_data (Ultrix)... no checking if large file support can be enabled no checking

I've installed openssl-0.9.5 using rsaref.a. When I build ssh-1.2.2 with ./configure rsaref is still get the following error when running ssh: ssh: no RSA support in libssl and libcrypto. See ssl(8). What am I doing wrong ?

No response yet, so resending. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords ---------- Forwarded message ---------- Date: Fri, 12 Oct 2001 09:44:54 +0300 (EEST) From: Pekka Savola <pekkas at netcore.fi> To: Damien Miller

Hi! I am distributing 2.5.1p1 for production use on my system by now and prepare switching to protocol 2 as default protocol. I just noted, that ssh-agent can be used for protocol 1 and 2, but the keys kept in ssh-agent are not compared against keys in .ssh. Example: I have a DSA key in id_dsa which I load into ssh-agent on login. When connecting to an account accepting the key everything is

Hi, I'm running openssh 2.1.1p4 on Solaris 7 (sparc). Occationally, when I boot up the server, the startup script I wrote to start sshd fails to start sshd with the following error: fatal: Not enough entropy in RNG What am I doing wrong?? Is there anything I can do to prevent this from happening? Is just restarting sshd a valid thing to do?? Thanks for any thoughts, David

There are a couple of issues regarding egd support in OpenSSH. 1) SIGPIPE is not ignored for the master listener daemon. I put the signal() call early on since it needs to be before get_random_bytes() is called but it could also be placed in the EGD version of get_random_bytes(). For some reason, with prngd I am getting SIGPIPE even though the prngd processes is not dying.

Hi! as I just noted, after scp the connection does not shut down properly. When I do a "scp file targethost:path", on targethost a "sshd" process is left running. I do use --with-default-path="/usr/local/openssh/bin:/usr/bin:/usr/local/bin" to assure, that the corrensponding openssh-scp is used. It also seems, that normal sessions are not always closed properly.