similar to: [PATCH] document inability to change v2 keys' comments with ssh-keygen

On Solaris 10 (SPARC & x86), I'm seeing the following error: error: Failed to allocate internet-domain X11 display socket. I tracked this down to this code change between openssh 4.7p1 and 5.0p1: *** openssh-4.7p1/channels.c Mon Jun 25 03:04:47 2007 --- openssh-5.0p1/channels.c Wed Apr 2 15:43:57 2008 *************** *** 1,4 **** ! /* $OpenBSD: channels.c,v 1.270 2007/06/25 08:20:03

Hi, I have recently taken over as Debian maintainer for ssh. This means you're going to be getting lots of mail from me in the near future :-) I'm aiming to be a little more active than the last maintainer, but the Debian packages were really out of date, so I've quite a lot of work (and probably some old bugs) to deal with. Anyhow, onto the first question. ssh these days uses

Scenario: Use the ssh-keygen utility in openssh-1.2pre17 to generate a host key Kill and restart sshd Remove the old host key from ~/.ssh/known_hosts Connect to the host using ssh. I get this: homer.ka9q.ampr.org$ ssh 199.106.106.3 who The authenticity of host '199.106.106.3' can't be established. Key fingerprint is 1024 a0:8d:17:f0:fa:a9:9f:6f:b5:d0:1c:d6:02:92:bd:5e. Are you sure

Here is a patch to scp made against openssh-2.1.1p2 that adds the -L option to scp. The -L option tells scp to use nonprivilaged ports (by passing ssh the -P option). The non-free ssh's scp has this option, and it is required under some firewall setups (like mine) for scp to function. Please let me know if there are any problems with this patch, or if there is anything I can do to help get

Hi, Some systems (sysvinit-using ones, at least, such as linux) do not have /etc/rc, so the references to it in ssh-keygen.1 are not very helpful. Here's a quick patch to remove those references. Cheers, Matthew --- ssh-keygen.1.orig Thu Sep 27 20:31:48 2001 +++ ssh-keygen.1 Thu Sep 27 20:34:34 2001 @@ -99,8 +99,7 @@ or .Pa $HOME/.ssh/id_rsa . Additionally, the system

On Thu, Jul 7, 2016 at 10:00 AM, Bruce F Bading <badingb at us.ibm.com> wrote: > > Hi Gentlemen, > > Thank you both for your valued opinion. I do however agree that public key > authentication cannot be fully considered MFA as have 2 PCI QSAs I have > spoken with. This is because it is not enforceable server side. Many > things can affect client side security. >

Right - I know you've had a discussion about the argv[0] stuff already, but I've written this simple script to simulate the (now missing) support for Debian, and was asked to send it to you... --- ssh-argv0 --- #! /bin/sh -e if [ "${0##*/}" == "ssh-argv0" ] then echo 'ssh-argv0: This script should not be run like this, see ssh-argv0(1) for details'

I received the following e-mail in response to an e-mail I had sent to SSH communications questioning the wisdom of their requesting OpenSSH to change it's name. Contained in the message is that statement that SSH Communications did not exert their trademark rights earlier becuase it's only recently that OpenSSH has become more visible. In the United States, this would invalidate the

I would also like to mention that when I released TTSSH in May 1998, I had no concerns about violating any trademarks because I observed that the name "SSH" was already being used by several different parties for different purposes --- as the name of Ylonen's original SSH package and its derivatives, as the name of the protocol, and as a component of names of other implementations

Hi, I tripped over the effects of commit 660854 [0] when moving some infrastructure from Debian 7 to 8 (openssh 6.0 to 6.7); our ansible module used "return 0, but no output" for 'host not found in known_hosts file', and now complains that ssh-keygen is returning an error status. I don't think this change in API was announced in the release notes? i.e. ssh-keygen -F

Hi, So I screwed up when writing the support for the curve25519 KEX method that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left leading zero bytes where they should have been skipped. The impact of this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a peer that implements curve25519-sha256 at libssh.org properly about 0.2% of the time (one in every 512ish

I'd like to address several issues raised by people in relation to my notice of the ssh(R) trademark to the OpenSSH group. Also, I would like to make a proposal to the community for resolving this issue (included at the end). First, I'll answer a number of questions and arguments presented in the discussion. > "the SSH Corp trademark registration in the US is for a logo

Using ssh-keygen from OpenSSH-2.9p1, I can perform the following key conversions: - convert a commercial public key into an OpenSSH public key: % ssh-keygen -i -f commercial-key.pub > openssh-key.pub - convert a commercial private key into an OpenSSH private key, provided that the commercial key has no password % ssh-keygen -i -f commercial-key > openssh-key -

http://bugzilla.mindrot.org/show_bug.cgi?id=566 Summary: ssh-keygen -l does not print key comment for rsa/dsa keys Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1545 Summary: ssh-keygen -R removes all comments from known_hosts file Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1544 Summary: ssh-keygen -l on known_hosts file does not display hostnames for lines with comments Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh-keygen

https://bugzilla.mindrot.org/show_bug.cgi?id=1544 Bug 1544 depends on bug 1319, which changed state. Bug 1319 Summary: ssh-keygen does not properly handle multiple keys https://bugzilla.mindrot.org/show_bug.cgi?id=1319 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW

https://bugzilla.mindrot.org/show_bug.cgi?id=1544 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #26 from Damien Miller <djm at

A few people have commented that the synopsis in 'man 1 scp' is a bit difficult for humans to parse. I attach a diff between the distributed version and mine: (I suppose this should really go to the OpenBSD maintainers, but I wanted a little feedback about whether this was better or not.) Thanks, Andrew Stribblehill Systems Programmer, IT Service, University of Durham --------------

Hi, I applied the following minor diff to preserve the value of the extern variable across calls to process_sign_request2() in ssh-agent.c. I've no idea if the attachment of the attachment will come out correctly so a cvs diff is also attached. Regards, Alistair -------------- next part -------------- An embedded message was scrubbed... From: "Alistair G. Crooks" <agc at