similar to: upcoming s/key changes

hints? -------------- next part -------------- An embedded message was scrubbed... From: Markus Friedl <msfriedl at cip.informatik.uni-erlangen.de> Subject: Why we can't login ? Date: Thu, 19 Apr 2001 09:18:02 +0200 (MET DST) Size: 4357 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010419/b433827e/attachment.mht

fyi http://wwwcip.informatik.uni-erlangen.de/~msfriedl/openssh/TODO

For those following the portable CVS tree.. I'd suggest holding off for a day or so unless you really want to get dirty. I just commited 32 patches from the OpenBSD tree, but have not worked out all the issues (due to Linux brain damage <sigh..Faster OpenBSD gets SMP..the happer I'll be>). The two things that need to be finished integrated in the configure.in is KRB5 and

SSH server specs: ----------------------- Redhat Linux 6.2 Custom built 2.2.17 kernel OpenSSL 0.9.5a (update from RedHat). OpenSSH 2.5.1p1 I am using my Linux box as an Internet gateway. I wanted to keep the box as secure as possible while still having the functionality I needed. The only way to connect to my server is through SSH. A fair majority of the time I am attempting to

OpenSSH still has this feature, SSH-1.2.27 no longer has it. Admittedly it can be useful sometimes, even though I'd prefer this to be done using a trivial shell wrapper, which would be the UNIX way of doing things. Not being able to call OpenSSH's ssh by another name (say ``ssh1'') can get in the way when having to maintain two versions of ssh in parallel because the ``ssh ->

I have some Solaris 7 boxes (Ultra 3 and Ultra Enterprise 250 hardware) that I have compiled both 3.7p1 and 3.7.1p1 on and am having some problems. I am using the same "configure" options that I have in the past (without problems). I have tried both new and existing (previously working) ssh_config and sshd_config files. The new versions seem to have broken SSH 1 support (and

Hi, this is merely FYI, but i would appreciate if someone had any comments or further information on the topic. We were using the following setup : cryptocard easyradius with RB-1 hardware tokens (hex or decimal display, synchronous (quicklog) mode) f-secure ssh with pam radius authentication This worked fine until we updated to openssh 2.9p2. Then all authentications where the response

Hello , I have bought a cryptocard and i want to make it work openssh, now I need to initialize my token, install the cryptocard patch ( http://projects.jdimedia.nl/files/openssh-cryptocard.patch). The patch reads it's data from a file I've heard that some users made a conversion script from the CryptoADMIN server export to a crypto users file that the patch want. Is there anybody who can

comments? -------------- next part -------------- An embedded message was scrubbed... From: Charles Clancy <mgrtcc at cs.rose-hulman.edu> Subject: Problems on Sparcs Date: Wed, 6 Dec 2000 09:55:41 -0500 (EST) Size: 2913 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20001206/c7cb5d2a/attachment.mht

Hello, I have to find a solution logon through OpenSSH to OpenBSD machines from anywhere in the world (unsave computers). So I think I must use a challenge-response system with an hardware token that isn't connected to the computer. I do not want to use a RSA ACE/SERVER, so i can't use SecurID ? I can't use challenge response mode with cryptocard, because I want to protect it against

Hello, I was searching the internet for an challenge-response system to authenticate an Openssh session with an hardware token. Now i found this, its very old, so i want to now how's the situation today. I couldn't find much documentation. Re: SSH with SecureID > Is there any documentation I'm missing on how to integrate the two? > We'd love to go with 2-factor

Hi, I had a contractor write a patch to allow CryptoCard support in OpenSSH. It works with portable openssh-2.1.1p4, and it was posted to the SSH mailing lists, but I see that it hasn't been included in the openssh-2.2.0p1 release. Would it be possible to include this patch in the official release? The reason why I ask is because it will not be difficult to do that, it will support the

O.K. I know it was too late to make changes for the next release, but thankfully there werent any changes needed. Kerberos over ssh protocol 1 worked out of the box from CVS today (2002/10/04-14:30) The krb5 patches we were using (I think from Olaf K) was all in the code. The only thing I had to patch to get things working was removing the scard-install from the Makefile.in The compiled code

Hi, I just finished integrating CryptoCard support in OpenSSH. - Native X9.9 support. Should work with CryptoCard en Secure Computing tokens. This basically gives support for Challenge / Response - Licensed under BSD license I'll put the patch on http://www.jdimedia.nl/igmar/pam, but that wil shorty change to projects.jdimedia.nl. If desired I could also put in on the mail. Let me

Remote vulnerability in SSH daemon crc32 compensation attack detector ----------------------------------------------------------------------- Issue date: 8 February 2001 Author: Michal Zalewski <lcamtuf at razor.bindview.com> Contact: Scott Blake <blake at razor.bindview.com> CVE: CAN-2001-0144 Topic: Remotely exploitable vulnerability condition exists in most ssh daemon

(Mr. Markus Friedl asked me to mail to this address) Hello there. My problem is as follows: I am using OpenSSH 2.5.1 (Can't upgrade for now, explain will be given later...) on AIX 4.1.5 (Can't upgrade as well...) I have written a distribution script that distributes tgz files along with their installation script, the distribution script simply scp the file and then reconnects and

Greetings all, I'm working on attempting to get SAMBA to work with a product line called CryptoCard. I *should* be able to get it to work one of two ways, either through the use of CryptoCard's provided PAM module, or through RADIUS authentication. Currently, I cannot seem to get PAM authentication to work at all. This is what is in the 'samba' file for PAM: auth

installing openssh on irix is hard? -------------- next part -------------- An embedded message was scrubbed... From: Miguel Jardine <mcj2 at georgetown.edu> Subject: Re: Hanging SSH1 client Date: Mon, 11 Jun 2001 11:09:38 -0700 Size: 4832 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010611/c665c85d/attachment.mht

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a patch release which contains fixes to all the problems which have been reported over the last month. Most importantly: OpenSSL-0.9.5 has exposed a bug in RSA key generation on systems which lack a /dev/random (Solaris, HPUX, SCO). On such systems this port was not properly initialising OpenSSL's entropy pool. This results in lower

This is to announce the release of portable openssh-2.3.0p1. This release includes many new features and bug fixes. This is a recommended upgrade if you are using 2.2.0p1 or an older release. Portable OpenSSH is available from one of the many mirrors listed at http://www.openssh.com/portable.html Some of the more notable features include: - Rijndael support for SSH2. Use the "Ciphers"