similar to: Yet Another Compatibility Fix (SSH_MSG_CHANNEL_OPEN_FAILURE)

Hi, After reading the source code of openssh and man page of sftp. In sftp.h it define 27 /* 28 * draft-ietf-secsh-filexfer-01.txt 29 */ 30 31 /* version */ 32 #define SSH2_FILEXFER_VERSION 3 and In the end of the man page, T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress material. In wikipedia of "SSH File

https://bugzilla.mindrot.org/show_bug.cgi?id=2227 Bug ID: 2227 Summary: Support version 6 Product: Portable OpenSSH Version: 6.6p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement Priority: P5 Component: sftp-server Assignee: unassigned-bugs at mindrot.org

Hello, I had some difficulties in order to convert private keys between different implementations of SSH. So, I wrote the following patch to allow export of SSH2 RSA and DSA private keys into IETF SECSH format. Note that I also slightly revised the IETF SECSH key import code. Usage: use of the "-e" option on a private key file generates an unencrypted private key file in IETF SECSH

An updated version of my patch for Kerberos v5 support is now available from http://www.sxw.org.uk/computing/patches/openssh-2.5.2p1-krb5.patch This patch includes updated Kerberos v5 support for protocol version 1, and also adds GSSAPI support for protocol version 2. Unlike the Kerberos v5 code (which will still not interoperate with ssh.com clients and servers), the GSSAPI support is based on

http://bugzilla.mindrot.org/show_bug.cgi?id=187 Summary: ssh-keygen not converting from and to SECSH standard correctly Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

Hi Joel, Joel GUITTET wrote: > Hi, > We currently work on a project that require SSH server with FIPS and using OpenSSL v3. There is no way to work with OpenSSL v3 due to many reasons. If you like to get FIPS capable secsh implementation compatible with OpenSSL FIPS validated modules 1.2 and 2.0 , RedHat ES, or Oracle Solaris you could use PKIX-SSH. Regards, Roumen Petrov -- Advanced

I received the following e-mail in response to an e-mail I had sent to SSH communications questioning the wisdom of their requesting OpenSSH to change it's name. Contained in the message is that statement that SSH Communications did not exert their trademark rights earlier becuase it's only recently that OpenSSH has become more visible. In the United States, this would invalidate the

Hello, It seems to me the algorithm negotiation of the transport layer has a bug, it does not follow the specification of draft-ietf-secsh-transport-24, page 19, where the behaviour of first_kex_packet_follows is specified. I've got an ssh client that sends an SSH_MSG_KEXINIT message and specifies only 'diffie-hellman-group1-sha1' as key exchange algorithm. It sets

Old news, but ... http://lwn.net/Articles/298833/ I first posted about this back in 2001 and it's still not resolved: http://osdir.com/ml/ietf.secsh/2001-09/msg00000.html 1) high latency networks are a reality that will never go away. In fact they will only become more prevalent since distributed networks continue to grow broader but (surprise) the speed of light remains a constant. 2)

http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-05.txt So what do people think of this?

On Thu, Mar 14, 2002 at 12:12:20PM -0800, Bob Smith wrote: > i find it amusing that the OpenBSD web site states on the main index page > "Our efforts emphasize portability, standardization,...." but by not > following standards like secsh's key format you're failing according to > your own goals. This is not exactly the truth. You have to consider your user base

Hello, I've gathered from searching Bugzilla[1][2] that a patch to update OpenSSH's SFTP implementation to support version 4 or above of the protocol is unlikely to be accepted. However, I find myself wishing for the name-based owner and group handling specified in version 4 of the spec[3]. As a possible compromise, if I submitted a patch to add an OpenSSH-specific extension to return

https://bugzilla.mindrot.org/show_bug.cgi?id=1953 --- Comment #3 from Christoph Anton Mitterer <calestyo at scientia.net> --- Does anyone know whether anything is going on with SFTP (especially also with repsect to ACLs and XATTRs)? More than a year ago we saw this http://tools.ietf.org/html/draft-moonesamy-secsh-filexfer-00 which apparently tried to restart the draft-ietf-secsh-filexfer

The patch below implements a couple of features which are useful in an environment where users do not have a regular shell login. It allows you to selectively disable certain features on a system-wide level for users with a certain shell; it also allows you to control and audit TCP forwarding in more detail. Our system is an email server with a menu for the login shell; we selectively allow port

Could someone provide a description of the config setting KbdInteractiveDevices And how it would be used. There is no mention of this here: http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5&arch=&apropos=0&manpath=OpenBSD+Current And a quick glance of the source doesn't seem to reveal much. Thanks in advance, scott

Dear list, Attached is a patch that adds support for the SSH_FXP_LINK request, as described in draft-ietf-secsh-filexfer-07 onwards, to the sftp server and client. It is for and has been tested on the current portable snapshot but also applies to openbsd CVS. Thanks, -- Peter -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-sftp-hardlink-pcvs-v2.patch

This is an old idea I had, resurrected by the mention of changing the agent protocol in "ssh-agent allowing access to other users?" thread. Currently, when you forward the ssh-agent, the forwarded host has the same rights as the local user. And when the key requires confirmation, the is quite terse: "Allow use of key foobar? Key fingerprint abcdf." It would be desirable to

https://bugzilla.mindrot.org/show_bug.cgi?id=2948 Bug ID: 2948 Summary: implement "copy-data" sftp extension Product: Portable OpenSSH Version: -current Hardware: All URL: https://tools.ietf.org/html/draft-ietf-secsh-filexfer- extensions-00#section-7 OS: All Status: NEW

Has any thought toward a v3 protocol spec been discussed elsewhere, and if so what enhancements are being looked at. Is it too early to consider such things, or should we open the door to the new features a protocol update would bring? More specifically I have been investigating working toward a more enterprise-friendly hierichical authentication scheme, but I have quickly realized the

>Is there a simple way to achieve this behavior? Is there a document on >the sftp protocol somewhere? http://search.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt -- Darren J Moffat