Displaying 20 results from an estimated 6000 matches similar to: "openSSH: configure ciphers."
2016 Oct 18
7
SSH Weak Ciphers
Hi,
In a recent security review some systems I manage were flagged due to
supporting "weak" ciphers, specifically the ones listed below. So first
question is are people generally modifying the list of ciphers supported by
the ssh client and sshd?
On CentOS 6 currently it looks like if I remove all the ciphers they are
concerned about then I am left with Ciphers
2001 Feb 19
1
FreeBSD 4.2 OpenSSH2.3.0 client vs Red Hat 6.2 OpenSSH2.5.1p1 sshd
mdb-bsd is a FreeBSD 4.2-STABLE box morpheus is a Red Hat Linux 6.2
box with openssl 0.9.6 on it.
Attempts to use SSHv2 fail. Using SSHv1 succeeds.
sshd from OpenSSH2.5.1p1 is getting a
fatal: xfree: NULL pointer given as argument
Full client and server interaction given below.
-- Mark
Script started on Mon Feb 19 10:47:01 2001
1:mdb at mdb-bsd$ ssh -v -v -v -2 -x morpheus date
SSH Version
2015 Jan 30
3
SSH over websockets
I must be missing the point here somehow. From my simple mind I think that
two things would be needed - first a mod, e.g., mod_sshd, or better an
addition to mod_auth and mod_proxy so that a URL could be used to initiate
contact to an sshd server elsewhere.
The mod_auth part could/should be used to verity the credentials to used -
basically setting up the VPN between ssh and httpd as ssh; the
2014 Mar 06
1
Is cipher "3des-ctr" supported by openssh?
Hi,
Is cipher "3des-ctr" supported by openssh?
It is not mentioned in the list of supported ciphers in the man page of
ssh_config:
Thanks, Sunil
Ciphers
Specifies the ciphers allowed for protocol version 2 in order of
preference. Multiple ciphers must be comma-separated. The supported ciphers
are ''3des-cbc'', ''aes128-cbc'',
2000 Dec 30
1
[Re: openSSH/openSSL question.]
Damien Miller <djm at mindrot.org> wrote:
On 29 Dec 2000, sunil vallamkonda wrote:
> Hello,
>
> Looking at:
> http://www.openssh.com/features.html
>
> Under 'Free Licensing' section:
>
> "any licensed or patented components are chosen from
> external libraries (e.g. OpenSSL)"
>
> Can someone please enlighten me which
> components
2002 Jun 30
2
Password auth problem with openssh 3.4 and Linux 2.2.20
After upgrading to openssh-3.4p1, password authentication is no longer
working on my system. I'm running Linux RedHat 6.2 with:
kernel 2.2.20
openssh-3.4p1
openssl-0.9.6
pam-0.72-6
pwdb-0.61-0
I've tried it with and without compression, with and without priv sep, and I
always get errors like this:
Jun 30 19:07:48 sugarfreejazz sshd[1344]: Failed password for randy from
10.10.10.2 port
2000 Oct 14
1
Key exchange/selection badly broken in SNAP1014?
Hello all,
It seems the overhaul on key exchange/selection broke it badly. I haven't
managed to use any other encryption method than 3des and blowfish when
connecting to SNAP -> SNAP. SNAP -> 2.2.0p1 will use arcfour
etc. quite cleanly.
How SNAP -> SNAP looks like:
---
debug: Local version string SSH-2.0-OpenSSH_2.2.0p2
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug:
2000 Apr 06
1
status of openssh-2
Hi,
My name is Stefan Mangard and I plan to implement an extension to ssh as a
final project in a cryptography class.
Since I want to use an open source of ssh, I decided to use
the openssh implementation.
I am currently working with openssh-1.2.3, but I'd also like to implement
my extension for protocol 2, I wanted to ask you how far the development
of the implementation of openssh-2 is.
2001 Feb 18
1
OpenSSH 2.3.0p1 protocol 2 problem with AIX
Hi,
Connecting from RHL7 with OpenSSH 2.3.0p1 or 2.5.0p1 to OpenSSH 2.3.0p1 on
AIX 4.3.1. Protocol 2 doesn't work if you specify 'Ciphers
rijndael128-cbc' or Ciphers 'aes128-cbc'.
sshd -d -d -d on the server shows _nothing_ about these connections.
I'm not sure if rijndael has been left out from sshd somehow, but
shouldn't the error message be a little more
2010 Jul 22
3
[Bug 1801] New: cipher_spec section of ssh man page needs update
https://bugzilla.mindrot.org/show_bug.cgi?id=1801
Summary: cipher_spec section of ssh man page needs update
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Documentation
AssignedTo: unassigned-bugs at mindrot.org
2001 Sep 27
3
sftp error on LynxOs
I am trying to initiate an sftp session from a Linux (Redhat) to a LynxOs
machine (where i have ported opnessh-2.9p1) and configured without PAM
support (as I was not able to find PAM version for LynxOS operating system)
I get the following error:
$ sftp -P /home/telica -l telica -v ben
select: Bad file descriptor
read: Input/output error
sftp>
Can somebody help me asap on this?
2004 Jun 29
1
OpenVMS SSH password expiry woes continue
I sent in a patch a week or so ago for a problem a customer of mine was
seeing when trying to connect to their OpenVMS system with an 3.8.1p2
OpenSSH client (running on a linux box or in cygwin) and trying to login to
an account who had an expired password.
The problem continues although now it has nothing to do with what my patch
handled as they have since upgraded their SSH software on the VMS
2004 May 06
2
ID mismatch
Hi,
When do the sftp to remote server with file system full, sftp connection
get "ID mismatch"
and connection closed. Is it supposed to get the "sftp>" prompt back? I try
with V3.7.1p2 and V3.8.1p1 and have the same result.
Please help.
rdsosl.sef_cdf-831# sftp -v edosuser at rdsosl
Connecting to rdsosl...
OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading
2004 Apr 20
2
Compiling 3.8p1 on AIX with IBM OpenSSL RPMs
Folks,
I've just updated a machine to the latest IBM supplied OpenSSL RPMS:
openssl-0.9.6m-1
openssl-devel-0.9.6m-1
(this is a power4 running AIX 5.1)
and Tried to upgrade to the latest OpenSSH (3.8p1 - both the release and a
snapshot from about a week ago)
I'm using:
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/opt/freeware
and the compilation seems OK:
OpenSSH
2003 Oct 05
2
OpenSSH Authentication on Solaris w/ NIS+ Problem
Hello,
I am having a very aggrivating problem, and I will try and provide all of the necessary information. I have openssh-3.7.1p2 with openssl-0.9.6k installed on Solaris 8. Here is what I've been able to determine so far:
1. Local account authentication works fine (non-NIS+).
1a. NIS+ is running at security level 2
2. Telnet authentication works fine.
2a. When I use the SSH client,
2002 Jul 17
13
Testing Call
Ok.. I'm starting official testing calls early this release. I'd like to
have more feedback and more time for handling fixes.
If people could test snapshots (http://www.openssh.org/portable.html, pick
your favorate mirror and select snapshots directory) and report failures
it would be useful.
For those with pmake install there is regress/ which you can try out. It
may help any platform
2004 Jun 05
50
[Bug 877] ssh 3.8.1p1 client cannot disable encryption with "-c none"
http://bugzilla.mindrot.org/show_bug.cgi?id=877
Summary: ssh 3.8.1p1 client cannot disable encryption with "-c
none"
Product: Portable OpenSSH
Version: 3.8.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo:
2001 Apr 24
1
HELP! sftp hangs on exit / Bug?
Hi,
The following discussion was posted to comp.security.ssh
however, it seems that my problems may be a bug in
SSH. Could someone please indicate whether there
is a bug fix, or perhaps whether I should go back a
version or so.
In summary:
- Win98 machine (client)
- OpenSSH as packaged with Cygwin tools 1.1.8
(openssh-2.5.2p2-3)
- Connecting to a Sun running Solaris.
ssh: SSH Secure Shell
2016 Nov 08
4
one host only: ssh_dispatch_run_fatal
Darren Tucker <dtucker at zip.com.au> writes:
> On Tue, Nov 8, 2016 at 1:02 PM, Harry Putnam <reader at newsguy.com> wrote:
> [...]
>> gv harry> ssh -vv 2x
>>
>> OpenSSH_7.3p1-hpn14v11, OpenSSL 1.0.2j 26 Sep 2016
>
> this is a third-party modified version of OpenSSH. Can you reproduce
> the problem with a stock OpenSSH from the source from
2000 Oct 13
2
Cipher 'none'
By making a one-line change it is possible to enable the cipher 'none'
in openssh. But you still have to ask for it explicitly, either by
adding it to /etc/ssh/ssh_config or by giving the '-c none' option to
ssh.
I think that this 'feature' should be turned back on, because for slow
machines or large file transfers, using encryption slows things down a
lot. This means