similar to: Openssh-2.5.1p1 and Solaris 2.6 problem with ssh_rsa_verify

This is debugs seen on server, whose keys are not accepted by the client: debug1: Seeding random number generator debug1: sshd version OpenSSH_2.5.2p2 debug1: load_private_key_autodetect: type 0 RSA1 debug1: read SSH2 private key done: name rsa w/o comment success 1 debug1: load_private_key_autodetect: type 1 RSA debug1: read SSH2 private key done: name dsa w/o comment success 1 debug1:

Host based authentication does not seem to be working for us after upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at 0.96d). Any time we try to connect from another unix box also running openssh-3.4p1, we get the following error (on the server side) and host based auth fails (it falls back to password prompt). sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:

I hope I don't get flamed the first time I post to a new list. I have spent a couple of hours poking around without seeing anything like this. The problem is, as soon as I load the Zaptel drivers (with a TDM-31B card), ssh into or out of the server is broken. Trying to ssh in, I get: RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01

Hi, I have a returning problem with one of my sparc Solaris machines. I have a Ultra2 with two 296MHz processors. All recent combinations of openssh/openssl have a not permanent problem. If i try to connect to the machine, i get sometimes these errors: # ssh root at simba RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 key_verify failed

Hi, is there any chance to make SSH_RSA_MINIMUM_MODULUS_SIZE configurable? I keep receiving these messages: ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits key_verify failed for server_host_key And it's quite a hassle to recompile each time I need to use it (there are still devices where you can't fix it easily). Thanks Michal

Oops, I meant to CC the list on this. -- Iain ----- Forwarded message from Iain Morgan <Iain.Morgan at nasa.gov> ----- Date: Thu, 17 Jan 2013 14:51:01 -0800 From: Iain Morgan <Iain.Morgan at nasa.gov> To: Damien Miller <djm at mindrot.org> Subject: Re: Inconsisten declaration of ssh_aes_ctr_iv() On Wed, Jan 16, 2013 at 21:26:39 -0600, Damien Miller wrote: > On Mon, 14 Jan

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi guys, been trying the x509 patch for ssh from Roumen, it works great. However, I can't figure out couple of things, and been trying to solve it for couple of days already. I'am using OpenSSH_4.7p1-hpn12v19, OpenSSL 0.9.8g with 6.1 version of your patch. The serverside hostkey is configured correctly, to present x509v3-sign-rsa dynowork

Using OpenSSH 2.3.1 client and OpenSSL 0.9.6a When trying to ssh to OpenSSH server of higher versions SSH-1.99-OpenSSH_2.5.2p2 or such, I see error in RSA key exchange: RSA_verify(..)routine. I see: error at:int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; unsigned char *p,*s;

Hi, I am using OpenSSH 2.5.2p2 on Solaris 2.7 (Ultra 10) with 64bit support and have the following problem when connecting with the ssh2 protocol to non-solaris OS: On the client side, I do: /local/work/lysis/bin/slogin -v -2 -p 2222 rs30 On the server side (AIX 4.3), the sshd runs as follows: aix/sbin/sshd -p 2222 -d Full output follows at the end of this mail. The server is compiled with

I am building version 2.3.0p1 of openssh on a UnixWare 2.03 system and am unable to connect with SSH 2. The error I get is: debug: len 55 datafellows 0 debug: dsa_verify: signature incorrect dsa_verify failed for server_host_key The build environment is as follows: gcc 2.95.1 openssl-0.9.6-beta2 I've looked through the archives and found similar problems related to version

Hi, Tavis Ormandy found some bugs in OpenSSL's ASN.1 and buffer code that can be exploited to cause a heap overflow: http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html Fortunately OpenSSH's sshd is not vulnerable - it has avoided the use of ASN.1 parsing since 2002 when Markus wrote a custom RSA verification function (openssh_RSA_verify):

Darren Tucker <dtucker at zip.com.au> writes: > On Tue, Nov 8, 2016 at 1:02 PM, Harry Putnam <reader at newsguy.com> wrote: > [...] >> gv harry> ssh -vv 2x >> >> OpenSSH_7.3p1-hpn14v11, OpenSSL 1.0.2j 26 Sep 2016 > > this is a third-party modified version of OpenSSH. Can you reproduce > the problem with a stock OpenSSH from the source from

Dear Gentlemen: a couple of months ago we ported OpenSSH 2.3 to an IBM OS/390 Mainframe machine: It ran very well until we tried to connect to an SSH server using SSH2 protocol. On the OS/390 (which is the client) it comes up with the following error messages: >ssh -v -2 somehost . . . debug: bits set: 504/1024 debug: len 55 datafellows 0 debug:

Hello, I have a problem with ssh client. I have: SSH-2.0-OpenSSH_2.3.1p1 When I try to connect to a sshd server (USING V2): Remote protocol version 1.99, remote software version OpenSSH_2.5.2p2 or Remote protocol version 2.0, remote software version OpenSSH_3.0.1p1 I get error (looking at codebase): In sshconnect2.c: ssh_dhgex_client(kex, host, hostaddr, client_kexinit,

(I'm sorry - the securityfocus mailing list is dead and there are no other SSH resources on the net) Hello, Client is (some netware installation) running: Local version string SSH-2.0-OpenSSH_3.7.1p2 Server is plain old FreeBSD 6.2-RELEASE running: OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 When I attempt to connect from client (netware) to server (freebsd) I see: ssh

Package: logcheck-database Version: 1.2.63 > Apr 28 17:02:39 naam dkim-filter[15536]: 570BA180CE: bad signature data > Apr 28 17:03:20 naam dkim-filter[15536]: A08D2180CE: bad signature data > Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE SSL error:04077068:rsa routines:RSA_verify:bad signature > Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE: bad signature data > Apr 28

Does anyone knows if there is a patch for OpenSSH in order to make it work with 0.9.8r OpenSSL in FIPS Mode ? I'm having problem with the RSA_public_decrypt() function that is failing in FIPS Mode, I changed it to use RSA_verify instead and setting the flag "RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if this is allowed in FIPS Mode, does anyone

> Sistemas Comau do Brasil wrote: > I installed the version SAMBA_2.0.7 in a workstation SUN > SOLARIS_2.6. > Seemingly, everything works well, but it frequently happens > travamentos in the communication between Windows and Unix. > Somebody can help myself. It is very urgent!!! Mar 7 03:13:48 cad1 inetd[179]: netbios-ns/udp server failing (looping), service terminated Mar 7

Hello all, Earlier this week we disabled protocol 1 upon our machines while installing commercial ssh 3.2.0. Suddenly I discovered that the AIX systems running Openssh were not able to connect. I upgraded to the newly minted 3.4p1 and discovered the same problem. My limited poking around has shown the following: <16:59:38>atb at ursus:>ssh -vv atb at host <snip> debug1: bits

Package: logcheck-database Version: 1.3.8 11 hex digits, and "no" diff -ur logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter --- logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter 2008-05-22 04:20:58.000000000 -0400 +++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter 2010-05-04