similar to: [Re: openSSH/openSSL question.]

Hello, Looking at: http://www.openssh.com/features.html Under 'Free Licensing' section: "any licensed or patented components are chosen from external libraries (e.g. OpenSSL)" Can someone please enlighten me which components specifically have patent/ licensing restrictions from openSSL that are being used by openSSH ? Are any of these restricted by US export laws ? Thank

I hate following up to myself, but I thought a clarification of one point (specifically WRT RC5 which was mentioned in the original question) might be worthwhile...because what I should have said originally was that "To the best of my non-legally- admissible knowledge, however, none of the algorithms in the current *OpenSSH* implementation are currently encumbered by patents that would

I see that: SSH uses the following ciphers for encryption: Cipher SSH1 SSH2 DES yes no 3DES yes yes IDEA yes no Blowfish yes yes Twofish no yes Arcfour no yes Cast128-cbc no yes Two ques re: sshd: 1) Using openssh, how do I configure which

Looking at openSSH INSTALL: To generate a host key, run "make host-key". Alternately you can do so manually using the following commands: ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N "" ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N "" But when I try latter, I get: (gdb) n 1 0x35a6 in save_private_key_ssh2 ( filename=0xb2d2c

I have just checked in a change which makes PAM support optional and disabled by default. Previously PAM support was detected and enabled automatically if found. The change was made because there is no workable way to make PAM work 'out of the box'. Each vendor implements PAM a little differently and there appears to be no standard on the naming of modules or the augments they take. To

This is to announce the release of portable openssh-2.3.0p1. This release includes many new features and bug fixes. This is a recommended upgrade if you are using 2.2.0p1 or an older release. Portable OpenSSH is available from one of the many mirrors listed at http://www.openssh.com/portable.html Some of the more notable features include: - Rijndael support for SSH2. Use the "Ciphers"

This is to announce the release of portable openssh-2.3.0p1. This release includes many new features and bug fixes. This is a recommended upgrade if you are using 2.2.0p1 or an older release. Portable OpenSSH is available from one of the many mirrors listed at http://www.openssh.com/portable.html Some of the more notable features include: - Rijndael support for SSH2. Use the "Ciphers"

Thanks to the generosity of Rob Hagopian <rob at hagopian.net>, portable OpenSSH now has a public anonymous CVS tree and a mirror of the snapshots on a fast (colocated) machine. The nightly snapshots are now available from: http://bass.directhit.com/openssh_snap/ Please use these instead of the mindrot.org ones (which will be going away soon). To checkout the CVS tree, issue the

Thanks to the generosity of Rob Hagopian <rob at hagopian.net>, portable OpenSSH now has a public anonymous CVS tree and a mirror of the snapshots on a fast (colocated) machine. The nightly snapshots are now available from: http://bass.directhit.com/openssh_snap/ Please use these instead of the mindrot.org ones (which will be going away soon). To checkout the CVS tree, issue the

-- | ``We've all heard that a million monkeys banging on | Damien Miller - | a million typewriters will eventually reproduce the | <djm at mindrot.org> | works of Shakespeare. Now, thanks to the Internet, / | we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org ---------- Forwarded message ---------- Date: Thu, 17 Aug 2000 14:27:31 +1000 From: Damien

It was one year ago today that I released a patch to get OpenSSH compiling on Linux. I had no idea just how much trouble releasing that patch would get me into :) Within days I was inundated with patches, improvements and portability enhancements - contributions which have made portable OpenSSH the success it is today. So allow me to thank the current developers and all of you who have

-- | ``We've all heard that a million monkeys banging on | Damien Miller - | a million typewriters will eventually reproduce the | <djm at mindrot.org> | works of Shakespeare. Now, thanks to the Internet, / | we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org ---------- Forwarded message ---------- Date: Tue, 14 Nov 2000 22:00:41 +1000 From: Robert

-- | ``We've all heard that a million monkeys banging on | Damien Miller - | a million typewriters will eventually reproduce the | <djm at mindrot.org> | works of Shakespeare. Now, thanks to the Internet, / | we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org ---------- Forwarded message ---------- Date: Tue, 26 Dec 2000 09:12:48 -0800 From: Takumi

While browsing through bash's hugh manpage, I noticed that it has a 'huponexit' option which will send SIGHUP to all interactive processes when the shell exits. I have tested this and it does resolve the hanging at logout without causing race conditions. I now have a "shopt -s huponexit" in my /etc/bashrc and it works beautifully. -d -- | ``We've all heard that a

Can anyone verify this and provide a URL for the docs? -- | ``We've all heard that a million monkeys banging on | Damien Miller - | a million typewriters will eventually reproduce the | <djm at mindrot.org> | works of Shakespeare. Now, thanks to the Internet, / | we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org ---------- Forwarded message

-- | ``We've all heard that a million monkeys banging on | Damien Miller - | a million typewriters will eventually reproduce the | <djm at mindrot.org> | works of Shakespeare. Now, thanks to the Internet, / | we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org ---------- Forwarded message ---------- Date: Tue, 14 Nov 2000 16:33:18 +0100 From: System

I have just uploaded a new snapshot to http://www.mindrot.org/misc/openssh/ Snapshot production is now automated - new snapshots will be made at about 4:30 am (Australian Eastern time) and will be available from the URL above. This snapshot consists of mainly minor fixes over the previous. The race when sshd exits which was causing data loss (as evidenced by "ssh localhost dd

Folks, I've just updated a machine to the latest IBM supplied OpenSSL RPMS: openssl-0.9.6m-1 openssl-devel-0.9.6m-1 (this is a power4 running AIX 5.1) and Tried to upgrade to the latest OpenSSH (3.8p1 - both the release and a snapshot from about a week ago) I'm using: ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/opt/freeware and the compilation seems OK: OpenSSH

I am trying to initiate an sftp session from a Linux (Redhat) to a LynxOs machine (where i have ported opnessh-2.9p1) and configured without PAM support (as I was not able to find PAM version for LynxOS operating system) I get the following error: $ sftp -P /home/telica -l telica -v ben select: Bad file descriptor read: Input/output error sftp> Can somebody help me asap on this?

Hi, In a recent security review some systems I manage were flagged due to supporting "weak" ciphers, specifically the ones listed below. So first question is are people generally modifying the list of ciphers supported by the ssh client and sshd? On CentOS 6 currently it looks like if I remove all the ciphers they are concerned about then I am left with Ciphers