similar to: 2.5.2p2 ssh-keyscan installed group writable?

I went to go use it today since I'll be putting together some packages for a national project and I found them in pretty *BAD* shape. By tonight, I should have some partial patches to resolve a lot of the issues, but I really feel we need to either need to fix it, remove it, or replace it with a better version. It's old enought to lakc RSA v2 key generation, lack of slogin, sftp,

When doing a simple configure of OpenSSh 2.5.2p2 on a Sparc running RedHat 6.0 I get: ... updating cache ./config.cache creating ./config.status creating Makefile sed: file conftest.s1 line 1: Unknown command: ``^'' creating openbsd-compat/Makefile sed: file conftest.s1 line 1: Unknown command: ``^'' creating ssh_prng_cmds sed: file conftest.s1 line 1: Unknown command:

Hi, my Name is Claudia Linares and in this moment, I try to install the SSH in a machine Sun with Solaris 2.7. When I want to compile the software openssh-2.5.1p1 ( with Compiler CC or with gcc), I execute the comand: ./configure but in this instant I view the following messages: config : error:*** zlib missing - please install first or check config .log The file config.log is this:

Well, I've finally gotten around to compiling and testing OpenSSH 2.5.2p1, in order to update the contrib/solaris packaging scripts. Somehow on my test system, I'm getting errors that indicate that I've still got some old copy of OpenSSL being found somewhere...but I can't for the life of me tell where. The compile went fine (it found the OpenSSL 0.9.5a libraries that I had

-----Original Message----- From: Loomis, Rip Sent: Tuesday, 19 June, 2001 09:10 To: 'geoff at raye.com' Subject: RE: poor permissions on ssh binary Geoff-- You stated that you consider it "a poor choice of permissions" to install the ssh binary as mode 0711. Since it will run perfectly with even more restrictive permissions (we typically install it mode 0511 here), what is

This is my first time installing ssh and I am getting the following error: $ ssh <hostname> The authenticity of host <hostname> can't be established. RSA key fingerprint is <xxxxxxxxxxxxxxxxxxxxxxxxx>. Are you sure you want to continue connecting (yes/no)? David

Folks; I couldn't find anything on my archive of the mailing list on this, and it may just be my mis-understanding, but: When I "ssh machine1 -l user1" as user2 on machine2, if user2 has the same uid on machine1, then user2's name ends up in lastlog, instead of user1's. This is a bit disconcerting when user2 is root, and root isn't allowed to remotely log in on

Greetings, In order to use solaris's BSM (Basic security module) also called c2 audit, which logs specific kernel calls depending on your audit_control, I would need to use login(1) to log users exec calls and whatnot because Portable OpenSSH does not have <bsm/audit.h> support, now that would mean I would have to enable Uselogin in sshd_config in order for that to work. I am running

Good day! A little time ago I have ported the "original" ssh 1.2.30 to OS/2. Unfortunately, I was mislead by the gnu-COPYING-GPL file that is present in the ssh root dir, thus was under impression that ssh is GPL as well. I was shaken when I have discovered my mistake :-) This basically made it unusable for many users which want to use ssh in commercial environments. Thus I decided

hi all, I got "xmalloc: out of memory" when i used ssh-keyscan to a remote host that is using SSH protocol 2 and only protocol 2 (no fallback to SSH protocol 1). Looks to me more like ssh-keyscan doesn't talk SSH protocol 2 to the server. Please help. Here is the exact error: # /usr/local/bin/ssh-keyscan -v miad_1 # miad_1 SSH-2.0-OpenSSH_3.0.2p1 xmalloc: out of memory

Hi, At the office, there is an old ss5 box running sunos 4.1.4. I have configured openssh using gcc on this machine. In doing so, I found a few compilation and configuration problems. 1. Compilation Problem. SunOS 4.1.4 doesn't have regex.h header nor the entry points regex.c is supposed to offer. Solution. Copy regex.c and regex.h from, say, GNU awk distribution to the openssh directory

https://bugzilla.mindrot.org/show_bug.cgi?id=1213 --- Comment #3 from aab at purdue.edu 2010-11-23 12:00:50 EST --- Created attachment 1961 --> https://bugzilla.mindrot.org/attachment.cgi?id=1961 One attempt at getting the rsa key from a remote server that was having a number of problems. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving

Hello All, Im using OpenSSH 4.3p2 and tyring to scan a list of 40 machines in my network with ssh-keyscan utility. I used the following command, ssh-keyscan -t rsa -f hosts.txt The man page says that this utility displays the host keys irrespective of ssh or host is up/down and its working great. But in case if the scan stops at 30th host due to some protocol problems, the utility exits and

Hi, I am using ssh-keyscan with a list of hosts, such as: ssh-keyscan -t rsa -f hosts_for_keyscan Some of the hosts in the list have dsa, but no rsa keys. For such hosts, the command displays: no hostkey alg When this is the case for 2 hosts, this message appears twice AND SSH-KEYSCAN STOPS QUERYING, which means that no keys at all are returned for the following hosts. Here is the part of the

Hi ML members, is there a reason, why ssh-keyscan does not use Host definitions from .ssh/config but does only relys on DNS host names? I have a quite long list of host names and a not that well maintained name server.

===== Ladies/Gents, "ssh-keyscan.c" can't be linked statically against "libssh.a". You end up with `fatal()' being doubly defined. The patch below deletes the new "ssh-keyscan.c:fatal()" function and and restores the "ssh-keyscan.c:fatal_callback()" function with modifi- cations. The problem that both attempt to alleviate is the setting of the

I have a network without a network connection to other networks. But a socks server is dual homed between it and other networks. I can use socks to ssh to other networks. I use ProxyCommand with the socks aware connect.c program to connect out. All works great. I discovered while trying to use the ssh-keyscan program that it does not use the ProxyCommand configuration. At least in my testing

Hello everyone! I work for a company that uses OpenSSH to remotely support systems we've sold. Since some of our clients are US Dept. of Defense hospitals, our access to these servers needs to comply with a whole range of requirements and standards. At this point it's looking like the SSH daemon needs to be FIPS 140-2 compliant, and the only package that is certified is F-Secure.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Summary: ssh-keyscan doesn't like comment-lines Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Keywords: low-hanging-fruit Severity: minor Priority: P2 Component: Miscellaneous AssignedTo:

ssh-keyscan may, under very specific circumstances, be vulnerable to something akin to a buffer overflow. It's probably impossible to exploit, though, if only because ssh-keyscan is not usually run on very large untrusted input files. ssh-keyscan uses an fgets() wrapper that uses an unsigned int to keep track of the length of a buffer holding the current line. On machines with sufficient