similar to: [patch] known hosts with ports

I see that you have s/key support in ssh, any plans to add opie support as well ? just asking ..

There is one spot where the password_authentication option was ignored, patch follows. Wichert. diff -wur org/openssh-2.5.2p2/auth2.c openssh-2.5.2p2/auth2.c --- org/openssh-2.5.2p2/auth2.c Sun Mar 11 21:01:56 2001 +++ openssh-2.5.2p2/auth2.c Mon Jun 4 23:31:54 2001 @@ -397,7 +397,7 @@ authenticated = auth2_challenge(authctxt, devs); #ifdef USE_PAM - if

http://bugzilla.mindrot.org/show_bug.cgi?id=1194 Summary: .host is known, .00host isn't ... or is it? Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy:

Hello all, i just discovered that the known hosts file seems to only store the server finger prints for distinct *hostnames/IPs*, not hostnames/IPs and ports, meaning i can't ssh to a multiple boxes on the same host even if they have different ports. Every client other than the one shipped with openSSH seems to work fine, presumably because they store fingerprints by host:port combinations

Hi, it becomes more and more common to have machines with dynamically assigned IP addresses online (e.g. DSL), which can be found through dynamic DNS entries. Unfortunately, the "Known Hosts" mechanism doesn't work for these machines: Since the entry is made for the IP address, there's a new entry every time the address changes. Therefore, an option should be invented

http://bugzilla.mindrot.org/show_bug.cgi?id=1039 Summary: Incomplete application of HostKeyAlias in ssh Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: cdmclain

I just cobbled up a little patch to add support for OPIE to OpenSSH. Currently untested, but feedback is welcome. Wichert. -- _________________________________________________________________ / Nothing is fool-proof to a sufficiently talented fool \ | wichert at cistron.nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250

I redid my previous OPIE patch for the current ssh tree. It seems to work fine here, and I'ld love to see it merged before the 3.0 release. Wichert. diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o

The analysis given in section 3.2 of the portable OpenSSH FAQ regarding "Empty passwords not allowed with PAM authentication" appears to be specific to Linux's pam_unix.so. No mention is made that this is in fact a Linux-specific remedy. Some text should probably be added to this extent. If anyone has worked on this on Solaris 8 I'd be interested to hear what solution was

To Whoever can help me, I need to port OpenSSH that is available as part of Linux-7.0 to Lynx OS. Has it ever been tried to port to Lynx? If yes, kindly send me details regarding porting to Lynx. Expecting your help, A.Gnana Hari Sekar. ____________________________________________________________ Do You Yahoo!? For regular News updates go to http://in.news.yahoo.com

http://bugzilla.mindrot.org/show_bug.cgi?id=910 mindrot at askneil.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mindrot at askneil.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

Hello Bob and thank you for your reply, first of all I hope that I'm answering in the right way since I had enabled the daily digest and I'm not sure if it's the right way to use Thunderbirds "Reply List" feature on this digest. If it's wrong this way I apologize. I turned of the daily digest so my next messages should be correct. > Are you aware of HostKeyAlias?

The .ssh/known_hosts table cannot handle reaching different sshd servers behind a NAT router. The machines are selected by having the SSHDs respond to differnt ports. A second request would be to allow known_hosts checking solely on the dns name, wildcarding the IP address. This would be useful to avoid continuously warning the user every time you connect to a machine with a changing IP address

http://bugzilla.mindrot.org/show_bug.cgi?id=393 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From markus at openbsd.org 2002-09-11

I have had a brief discussion with Damien Miller (below) about storing host port values in the known_hosts file so as to track multiple ssh sessions (with independant keys) that run on a single host but accept connections on different ports. If it were possible to state that a given key for a remote host belonged to that host's ssh session on port 23 and that another key belonged to that

I would like ssh to have the command line option of supplying the passphrase. This would make it possible to do attendant free scp transfers from PHP, for example. As it is, it is impossible to use a web script to initiate an scp xfer if an encrypted private key is used. I realize that stupid people could make shell scripts or web scripts then with the pass phrase in them, but those same stupid

Hi all, I just want to upgrade from protocol 1.5 to 1.99 and 2.0, respectively and run into the following problems: The situation is the following: I have a client ("c") inside the firewall and two servers outside ("a" and "b"). The firewall accepts connections on two ports (22136 and 22137) and directs the connections directly to port 22 of the two servers

Hi, I have a problem with the host verification of ssh in several networks of the same structure: In all cases there is a router or a firewall with an official IP address, making the ssh-ports of several hosts with RFC1918-addresses available through NAT or TCP forwarding. Thus, different hosts appear on the same IP address, just with different ports. Since SSH uses the IP address but not

Outside the pre-auth patch by Markus to fix Cygwin and a few other platforms. SEND ME (privately) ANY required patch against the lastest snapshot. I'm doing the final commits this evening. Patches that have been temporary rejected for this release. - Owl's full patch for SysV Shm if mmap fails - mmap() on /dev/zero - mmap() on sparse file .. Not looked at the BSD/OS 5.0 patch

Here is a patch to add the missing scp -1 and -2 options to eliminate confusion for users familiar with the commercial version of SSH. This patch and others are maintained on the secure nfs (SNFS) web page: http://www.math.ualberta.ca/imaging/snfs/ -- John Bowman University of Alberta diff -ur openssh-3.0.2p1/scp.c openssh-3.0.2p1J2/scp.c --- openssh-3.0.2p1/scp.c Sun Oct 21 18:53:59 2001 +++