Displaying 20 results from an estimated 1000 matches similar to: "protocol 2 performance gain?"
2002 Jan 24
1
v3.0.2
I have upgraded my openssh version from 2.2.0.p1 to 3.0.2p1. 3.0.2 was
compile on a
sunblade 100 running Solaris 8. Is it possible for my to use my existing DSA
key?
Thanks,
David Higdon
UNIX System Administrator
(503) 450-4800 (Office)
(503) 701-5558 (Cell Phone)
higdon.david at cnf.com
2000 Jul 20
10
SUNWski
Has anyone had success with getting /dev/random to work
after installing SUNWski? After I install the pkg and start /etc/
init.d/cryptorand, the /dev/random file remains 0 bytes.
I am running Solaris 2.8
- David
2000 Jul 20
3
First time install
This is my first time installing ssh and I am getting the following error:
$ ssh <hostname>
The authenticity of host <hostname> can't be established.
RSA key fingerprint is <xxxxxxxxxxxxxxxxxxxxxxxxx>.
Are you sure you want to continue connecting (yes/no)?
David
2005 Oct 26
2
openssh 4.2p1 zlib compression broken for old clients
Hello OpenSSH developers,
openssh 4.2p1 breaks old openssh clients up to 3.4p1 when they try to use compression:
# ssh-3.4p1 -C remote-host-with-4.2p1 pwd
no matching comp found: client zlib server none,zlib at openssh.com
option "-vv" shows
...
debug2: kex_parse_kexinit: zlib
...
debug2: kex_parse_kexinit: none,zlib at openssh.com
...
debug2: mac_init: found hmac-md5
no
2020 Feb 06
3
Call for testing: OpenSSH 8.2
On 2020-02-05 at 20:39 -0500, Phil Pennock wrote:
> On 2020-02-06 at 10:29 +1100, Damien Miller wrote:
> > OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
> > on as many platforms and systems as possible. This is a feature release.
>
> > * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
> This actually affects me:
2001 Nov 02
3
su/sudo using ssh auth
To the openssh and sudo developer mailing lists:
Ssh has a key agent allowing authentication to remote hosts without
entering your password/passphrase again and again, which is very
convenient. I think the 'su', 'sudo', and similiar commands could benefit
from this idea and mechanism. I don't have the necessary expertise in
cryptology to do this myself so I just want to throw
2015 Apr 22
2
non-openssl build fixes
The attached patches fixes and cleans up the build when configured
with --without-openssl.
Summary:
* Fix KEX_SERVER_ENCRYPT macro in myproposal.h
* Fix unresolved symbols in ssh-keygen.c
* Isolate openssl code and extend WITH_OPENSSL wrappers around it
* Make ed25519 default key type in ssh-keygen when configured --without-openssl
-------------- next part --------------
A non-text attachment was
2015 Sep 14
15
[Bug 2466] New: Cipher defines from opensslconf.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2466
Bug ID: 2466
Summary: Cipher defines from opensslconf.h
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: Miscellaneous
Assignee: unassigned-bugs at mindrot.org
2015 Nov 06
2
hmac-ripemd160 not in PROTOCOL
Hi there,
I noticed that hmac-ripemd160 and hmac-ripemd160 at openssh.com are not listed in the OpenSSH protocols file, yet they are listed in myproposal.h. I was wondering whether this is intentional, if yes, what the rationale behind this is?
Thanks,
Max
2023 Feb 24
1
[PATCH 0/1] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly three years ago and I've been
playing with it ever since.
The nice part is that ZSTD achieves reasonable compression (like zlib)
but consumes little CPU so it is unlikely that compression becomes the
bottle neck of a transfer. The compression overhead (CPU) is negligible
even when uncompressed data is tunneled over the SSH connection (SOCKS
proxy, port
2023 Feb 24
1
[PATCH 1/1] Add support for ZSTD compression
From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
The "zstd at breakpoint.cc" compression algorithm enables ZSTD based
compression as defined in RFC8478. The compression is delayed until the
server sends the SSH_MSG_USERAUTH_SUCCESS which is the same time as with
the "zlib at openssh.com" method.
Signed-off-by: Sebastian Andrzej Siewior <sebastian at
2012 Jul 29
3
[LLVMdev] rotate
> *NOTE* IIRC compiling this with -O0 on x86-64 can yield the wrong result
> since clang will emit shifts and on intel shifts are mod the register
> size [...snip...]
I remember finding the same thing (although I haven't tried it on a recent
clang version) and what I wondered was whether there was mileage in having
an explicit intrinsic for rotation (like there is for bit counting,
2020 Mar 24
4
ZSTD compression support for OpenSSH
I hacked zstd support into OpenSSH a while ago and just started to clean
it up in the recent days. The cleanup includes configuration support
among other things that I did not have.
During testing I noticed the following differences compared to zlib:
- highly interactive shell output (as in refreshed at a _very_ high
rate) may result in higher bandwidth compared to zlib. Since zstd is
quicker
2015 Apr 23
16
[Bug 2388] New: build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Bug ID: 2388
Summary: build fixups for --without-openssl
Product: Portable OpenSSH
Version: 6.8p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Build system
Assignee: unassigned-bugs at
2013 Nov 25
2
Last http://hg.mindrot.org/openssh commit is from 2013-06-11
Hello,
well it''s
| Rev: || 11096:745a39c852ab tip 11094:e34042dabbd8
| Auth: dtucker
| Date: Tue, 11 Jun 2013 02:10:02 +0000
- (dtucker) [myproposal.h] Make the conditional algorithm support consistent
and add some comments so it''s clear what goes where.
Note it was still advertised in the 6.3 release notes.
Has it been replaced by a git(1) repository? :-))
2008 Jun 28
1
KEX graceful failure
Dear all,
I am currently implementing an experimental key exchange (KEX) algorithm.
Unlike current algorithms like DH, mine needs to be able to fail gracefully,
and in case of failure, continue with whatever algorithm would have been
negotiated if mine was not selected.
My strategy for graceful failure is to remove my KEX algorithm from
myproposal[KEX_DEFAULT_KEX] and to initiate a new key
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2009 Apr 01
3
[Bug 1582] New: memory leak in do_ssh2_kex() routine (sshd.c)
https://bugzilla.mindrot.org/show_bug.cgi?id=1582
Summary: memory leak in do_ssh2_kex() routine (sshd.c)
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2020 Sep 05
8
[PATCH 0/5] ZSTD compression support for OpenSSH
I added ZSTD support to OpenSSH roughly over a year and I've been
playing with it ever since.
The nice part is that ZSTD achieves reasonable compression (like zlib)
but consumes little CPU so it is unlikely that compression becomes the
bottle neck of a transfer. The compression overhead (CPU) is negligible
even when uncompressed data is tunneled over the SSH connection (SOCKS
proxy, port
2018 Dec 10
2
[PATCH] cleanup of global variables server/client_version_string in sshconnect.c
In sshconnect.c there are two global variables for server_version_string
client_version_string.
These are used just in a few functions and can easily be passed as
parameters.
Also, there is a strange construct, where their memory is allocated to
the global pointers, then copies of these pointers are assigned to the
kex structure. The kex_free finally frees them via cleanup of the kex