similar to: 2.9p2 behaves different from 2.5.2p2 on tunneling issue

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

Hi, Here's a problem in openssh, some logs, and a very minor patch that cures this: Issue: (open)ssh client WILL NOT talk to F secure SSH-2.0-2.1.0pl2 client S/W version: openssh-2.3.0p1 client O/S version: SunOS 5.7 Generic_106541-11 sun4u sparc server S/W version: SSH-2.0-2.1.0pl2 server O/S version: SunOS 5.7 Generic_106541-11 sun4u sparc Log/Details: : % telnet <mymachine> 22

Below is a patch against the current OpenBSD OpenSSH CVS to workaround a behavior I have observed when converting from SSH 1.2.27 to OpenSSH while using the same old RSA1 host key for protocol 1. In several cases I saw that old SSH sshd reported a host key size of 1024 bits when OpenSSH saw it as 1023 bits. Without the patch, when OpenSSH's ssh client connects to an old SSH sshd it warns

Yo All! I have been playing with SSH 2.2.0 from www.ssh.com. I can not connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0. Ver 1 works fine. See below for the debug output from both ends If I force hmac-md5 (-m hmac-md5) from the sender it works! The other 3 choices fail: hmac-sha1; hmac-md5-96; and none. I have no problem connecting to this openssh host (hobbes) from

On Sun, Apr 15, 2018 at 06:38:37PM +1000, Damien Miller wrote: > On Sat, 14 Apr 2018, Colin Watson wrote: > > This isn't an OpenSSH bug, but just in case anyone else is ambitious > > enough to automatically run interoperability tests against other SSH > > implementations, here's a heads-up: > > > > https://twistedmatrix.com/trac/ticket/9422 > >

This isn't an OpenSSH bug, but just in case anyone else is ambitious enough to automatically run interoperability tests against other SSH implementations, here's a heads-up: https://twistedmatrix.com/trac/ticket/9422 TL;DR: commit 7c856857607112a3dfe6414696bf4c7ab7fb0cb3 caused there to be an SSH_MSG_DEBUG message sent where there wasn't one before, which tripped over an

I have found that this server, <snip> debug1: Remote protocol version 1.99, remote software version 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS debug1: no match: 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS </snip> does not follow the IETF secsh draft [1] related to the SSH_MSG_USERAUTH_PASSWD_CHANGEREQ message. <snip> ... Normally, the server responds

I've been testing tunneling on Linux with openssh-SNAP-20060116.tar.gz and found a problem. When I use LocalCommand for doing ifconfig stuff, the command line was executed before a tunneling interface is opened. This causes errors on Linux and the interface is not automatically set up. This is not a problem on *BSD because you can do ifconfig for unopened tun/tap interfaces. But in Linux,

Ok.. While helping someone else out with a Solaris 6 issue.. I'm noticing something is broken on Solaris 7.. I've not verified it on Linux.. That is my next step. But this is what I'm seeing. I installed the latest CVS snapshot (actually from the Developer's tree but no changes have been made since 21th), compiled, and installed.. and now: ssh localhost "ps -ef" does

Hello, I just ran upon this problem and couldn't find it in bugzilla. SSH crashes (abort trap) if all of the following conditions are met: (a) option -f is used (crash happens when going to background), (b) reverse port forwarding is set up (option -R), (c) option ExitOnForwardFailure is enabled, (d) there are no actual port-forwarding failures. The problem can be reproduced by

Greetings. (Third try at sending this, the first two seemed to disappear without a trace. Perhaps use of MS Outlook was the problem, even though in plain text...? Or attachment too big (22Kb)? Would like to know...) The final source code and documentation package for a FIPS 140 validated mode of OpenSSL was recently submitted. Once the final certification is awarded by NIST, in a month or

https://bugzilla.mindrot.org/show_bug.cgi?id=2577 Bug ID: 2577 Summary: Port Forwarding on Proxy with ProxyCommand ssh -W does not work / bad file descriptor Product: Portable OpenSSH Version: 7.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5

Hello all, All SSH/Datafellows versions don't match properly in compat.c. This should be fixed in OpenBSD version, naturally. An example of this is: debug: match: 2.1.0.pl2 SSH Secure Shell (non-commercial) pat ^2\. The match should definitely be 2.1.0. This is caused by the fact that a requisite space was added to the check when converting to regexp matching on Oct 10; CVS Id 1.24:

Hello ! Like Edmund EVANS reported openssh-2.1.1p4 won't fork to background when using protocol 2. I managed to hack a little patch that might work ... What is the -N command line option supposed to do ? I gather it should work only with protocol2 and without any command to run on the server (and with some port forwardings ??) Anyway in the patch I put some code to check that -N is used

I'm not on the mailing list, so I'd appreciate it if you could cc: me, though I will keep an eye on the archives. I am running openssh 2.2.0p1 on Debian GNU/Linux. I was pleased to see that 2.2.0p1 had support for DSA keys in the agent, and I have successfully used the v2 protocol to another openssh server with the agent providing authentication. I am also able to successfully connect

Hello, I noticed a problem recently when running some test code against the OpenSSH 7.6p1 ssh-agent. These tests ran fine against OpenSSH 7.5p1 and earlier, but with OpenSSH 7.6p1, they were suddenly causing ssh-agent to exit. The request being made was a ?sign? request, and the point of the test was to have the sign operation fail. To trigger this, I was passing in an invalid key blob

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

There is a race in the setup of the ControlMaster socket in auto mode, as illustrated by the following command line: ssh -oControlMaster=auto -oControlPath=sock localhost 'sleep 1; echo 1' & ssh -oControlMaster=auto -oControlPath=sock localhost 'sleep 2; echo 2' & Both of the commands will try to start up as a control client, find that sock does not exist, and switch into

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer

Here are the details of my connection attempt: my computer: [jgrady at blarg jgrady]$ ssh -V SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). university server: bash$ ssh -V ssh: SSH Secure Shell 2.3.0 (non-commercial version) on mips-sgi-irix6.5 and the verbose output of my connection attempt: [jgrady at blarg jgrady]$ ssh -v xxxxxx.xxx.xxx.xxx SSH