similar to: Solaris 2.6 getting a number of packet_read fatal errors

Hello, When I run ssh between two computers I have a 3 second delay before I can login. I ran ssh with the verbose option and found out that the delay is in between the following lines: ... debug1: Installing crc compensation attack detector. debug1: Received encrypted confirmation. (*** 3 second delay here ****) debug1: Doing challenge response authentication. debug1: No challenge. I read

I change my network configuration and now I don't have this problem any more. Jose Guilberto /***************************************************/ Hello, When I run ssh between two computers I have a 3 second delay before I can login. I ran ssh with the verbose option and found out that the delay is in between the following lines: ... debug1: Installing crc compensation attack

I needed to manually add a '#define HAVE_BOGUS_SYS_QUEUE_H 1' to the config.h file to get OpenSSH 3.1p1 to properly build under Solaris 2.6. Without it, the system <sys/queue.h> is included rather than using the openbsd-compat/fake-queue.h and the various TAILQ_* macros are not defined. I suspect that the configure.ac file needs to be updated to add the lines: if test

Also, a lot of measurement/research on deployment of OpenSSH rely on version advertising for their statistics. It's going to be harder to know impact of deprecation of certain legacy features without statistics. I also agree with Mark here. On Wed, Feb 20, 2019 at 10:57 AM Mark D. Baushke <mdb at juniper.net> wrote: > Nagesh writes: > > > Cyber security team has

Here is my third attempt at the idletimeout patch. I tried to address the points which Marcus Friedl brought up. It is actually bigger than the previous patches, but not as intrusive. It is big because it moves some stuff from serverloop.c to packet.c. - I moved all the logic to packet.c. This means that I also had to move the actual select() call, which used to be in serverloop.c to packet.c.

On Fri 2015-06-12 01:52:54 -0400, Mark D. Baushke wrote: > I have communicated with Allen Roginsky on this topic and I have been given permission to post his response. > > In this message below, the 'vendor' was Darren Tucker's generated prime > that used a generator value of 5. > > -- Mark > > From: "Roginsky, Allen" <allen.roginsky at

Darren Tucker <dtucker at zip.com.au> writes: > On Thu, Oct 29, 2015 at 12:32 PM, Mark D. Baushke <mdb at juniper.net> wrote: > > Diff updated with suggested changes (also, making the timestamp format > > ISO8601 compliant). > > > > Hmmm... full IOS8601 compliance would include the timzeone so the format > > I don't have a copy of the ISO8601

Can we disable diffie-hellman-group14-sha1 too? On Thu, Feb 14, 2019 at 10:23 PM Mark D. Baushke <mdb at juniper.net> wrote: > > Hi John, > > The short answer is YES. > > Jon DeVree <nuxi at vault24.org> writes: > > > I ask because the removal of diffie-hellman-group-exchange-sha1 happened > > accidently in 7.8 due to a mistake in a change to

> > > We here at HGSI have a consultant doing some statistical work for us. > > HGSI bought and installed SAS, but our consultant insists that R and > > Rweb is a better solution. I do not know either package so I do not > > know, hence we are ditching SAS for R and Rweb. Any comments on this > > are welcom. > ooops, he is not a consultant, he is a full time

Hi, I notice here: https://www.openssh.com/releasenotes.html That the versions always have a <number> and a <number>p1. Does the p1 indicate a patch? So does it mean that <number> and <number>p1 are two different versions? It doesn?t describe the differences between the two in case they are different versions. I would appreciate some clarification. Thanks, Roee.

Hi Damien, Damien Miller <djm at mindrot.org> writes: > Thanks, but I don't think we're going to merge this one because I'm > somewhat worried that some systems we currently build on do not support > the -n syntax. Conversely, AFAIK everything* supports -number. Michael Forney said that he was trying to run on a system that did NOT support head -number and tail

On 25 September 2017 at 02:32, Mark D. Baushke <mdb at juniper.net> wrote: > [+CC Loganaden Velvindron <logan at hackers.mu>] primary author of > the RFC 4419 refresh draft. https://datatracker.ietf.org/doc/draft-lvelvindron-curdle-dh-group-exchange/ ? Tangent: has any consideration been given to increasing the maximum allowed beyond 8192 bits (which is below the current NIST

https://bugzilla.mindrot.org/show_bug.cgi?id=2971 Bug ID: 2971 Summary: Prevent OpenSSH from advertising its version number Product: Portable OpenSSH Version: 7.6p1 Hardware: All OS: Linux Status: NEW Severity: security Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2971 Bug ID: 2971 Summary: Prevent OpenSSH from advertising its version number Product: Portable OpenSSH Version: 7.6p1 Hardware: All OS: Linux Status: NEW Severity: security Priority: P5 Component: sshd Assignee: unassigned-bugs at

Greetings, Given the weakness with Diffie-Hellman modp groups less than 2048, is it time to bump the suggested 1024 bit minimum value from the RFC 4419 to a more current 2048 value for OpenSSH 7.0? If so, should this be just a compile-time change, or should there be a new client and server runtime option? Thanks, -- Mark

mdb-bsd is a FreeBSD 4.2-STABLE box morpheus is a Red Hat Linux 6.2 box with openssl 0.9.6 on it. Attempts to use SSHv2 fail. Using SSHv1 succeeds. sshd from OpenSSH2.5.1p1 is getting a fatal: xfree: NULL pointer given as argument Full client and server interaction given below. -- Mark Script started on Mon Feb 19 10:47:01 2001 1:mdb at mdb-bsd$ ssh -v -v -v -2 -x morpheus date SSH Version

On 3/22/20 5:07 PM, sdaau wrote: > Hi all, > > Copy of: > > generator under Cygwin fails with: Fatal error: exception Unix.Unix_error(Unix.EAGAIN, "fork", "") · Issue #45 · libguestfs/libguestfs > https://github.com/libguestfs/libguestfs/issues/45 > > ... since I realised late I shouldn't post on GitHub issues. That could be a bug in the Cygwin

http://bugzilla.mindrot.org/show_bug.cgi?id=565 Summary: gcc 3.2.3 compiler warnings for openssh-3.6.1p2 on Solaris 7 Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: trivial Priority: P2 Component: Miscellaneous AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2464 --- Comment #3 from Darren Tucker <dtucker at zip.com.au> --- Created attachment 2741 --> https://bugzilla.mindrot.org/attachment.cgi?id=2741&action=edit Changes as suggested. Diff updated with suggested changes (also, making the timestamp format ISO8601 compliant). That said, what's the use case for this? The timestamps are

On 09/24/2017 12:21 AM, Mark D. Baushke wrote: > I suggest you upgrade to a more recent edition of the OpenSSH software. > The most recent release is OpenSSH 7.5 and OpenSSH 7.6 will be released > very soon. This problem is in v7.5 and v7.6. See dh.c:436. > OpenSSH 6.6 was first released on October 6, 2014. I brought up v6.6 to give an example that older clients wouldn't be