similar to: [Bug 34] Incorrect claim about Commercial SSH's key length

http://bugzilla.mindrot.org/show_bug.cgi?id=34 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |DUPLICATE ------- Additional Comments From mouring at eviladmin.org

------- Forwarded Message Subject: Re: Dubious use of BN_num_bits in sshconnect1.c From: Niels Provos <provos at citi.umich.edu> In-Reply-To: alex at foogod.com, Sun, 18 Feb 2001 19:38:56 PST To: alex at foogod.com Cc: openssh-unix-dev at mindrot.org Date: Mon, 19 Feb 2001 10:07:24 -0500 Sender: provos at citi.umich.edu Hi Alex, there is no problem in OpenSSH. In message

OpenSSH 3.3 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes since OpenSSH 3.2.3: ============================

OpenSSH 3.2.3 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes since OpenSSH 3.2.2: ============================

fyi for those running snapshots. the latest portable cvs has the fix and the version is 2.3.2p1. Kevin ---------- Forwarded message ---------- Date: Thu, 08 Feb 2001 18:15:00 -0500 From: Niels Provos <provos at citi.umich.edu> To: security-announce at openbsd.org Subject: Authentication By-Pass Vulnerability in OpenSSH 2.3.1 (devel snapshot)

OpenSSH 3.2.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Security Changes: ================= - fixed buffer overflow

Does someone understand this? I do not. Niels. ----- Forwarded message from laurent Protois <protois at ensea.fr> ----- Subject: NVIDIA and Privilege Separation From: laurent Protois <protois at ensea.fr> To: provos at citi.umich.edu X-Mailer: Ximian Evolution 1.0.7-1mdk Date: 10 Jul 2002 09:29:45 +0200 Hi Niels, i have a little problem with openssh 3.4 and Nvidia kernel driver:

Is this a known problem? Niels. ----- Forwarded message from Judah Levine <jlevine at utcnist.colorado.edu> ----- Date: Fri, 5 Jul 2002 08:58:46 -0600 (MDT) From: Judah Levine <jlevine at utcnist.colorado.edu> To: provos at citi.umich.edu Subject: Privilege separation Hello, I have just installed openssh-3.4p1 on a COMPAQ/DEC/HP Alpha running True64 UNIX v4.0F. The privilege

> Date: Thu, 19 Mar 2015 11:59:47 +0100 > From: Volker.Lendecke at SerNet.DE > To: groucho.64738 at hotmail.com > CC: samba at lists.samba.org > Subject: Re: [Samba] NFS4 ACLs with samba 3 (or 4) > > On Wed, Mar 18, 2015 at 01:17:34PM -0400, Kevin Taylor wrote: > > I know this was discussed a lot a few years ago, but my google searches aren't quite getting me where

OpenSSH 3.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the

Below is a patch against the current OpenBSD OpenSSH CVS to workaround a behavior I have observed when converting from SSH 1.2.27 to OpenSSH while using the same old RSA1 host key for protocol 1. In several cases I saw that old SSH sshd reported a host key size of 1024 bits when OpenSSH saw it as 1023 bits. Without the patch, when OpenSSH's ssh client connects to an old SSH sshd it warns

Hello, Sometime ago min rsa key length was increased to 1024 bit and i have a little understanding problem with this. I hope somebody with some crypto-experience can enlighten me. To make that clear, that is not about allowing lower keys in general. Personally i would tend to use even longer keys(2048bit+). However Due nature of RSA-algorithm in case of 1024bit this might result in a key

Hi, This is included in the release now; any feedback? Privilege separation, or privsep, is method in OpenSSH by which operations that require root privilege are performed by a separate privileged monitor process. Its purpose is to prevent privilege escalation by containing corruption to an unprivileged process. More information is available at:

On Thu, Mar 19, 2015 at 10:17:36AM -0400, Kevin Taylor wrote: > Name : nfs4-acl-tools Relocations: (not relocatable) > Version : 0.3.3 Vendor: CentOS > Release : 6.el6 Build Date: Fri 22 Jun 2012 02:10:47 AM EDT > Install Date: Mon 31 Mar 2014 10:41:48 AM EDT Build Host: c6b10.bsys.dev.centos.org >

Hello, there are emerging container services that restrict regular users to launch containers under some random uid for security reasons. If such user needs sshd in their container, they need to turn off `UsePrivilegeSeparation` so that sshd is executed as the current uid and not `root`. I understand that privilege separation [1] is more than changing the process uid. On the other hand, it is

https://bugzilla.mindrot.org/show_bug.cgi?id=1477 Summary: ssh-keygen not reading stdin as expected Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: ix86 OS/Version: OpenBSD Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1477 Will <will at aether.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|enhancement |normal CC| |will at aether.com Version|-current

Hmmm... You guys aware of this project to incorporate Smart Cards into ssh-agent? I remember hearing about some stuff for OpenSSL, but I don't recall hearing about this on the OpenSSH list or on the Muscle list. This would be a really nice thing... :-) Mike -- Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com (The Mad Wizard) | (678) 463-0932 |

----- Original Message ----- > From: "Jeremy Allison" <jra at samba.org> > To: "Nick E Couchman" <nick.couchman at seakr.com> > Cc: samba at lists.samba.org > Sent: Thursday, December 3, 2015 6:13:51 PM > Subject: Re: [Samba] Linux & NFSv4 ACLs > On Thu, Dec 03, 2015 at 06:03:39PM -0700, Nick Couchman wrote: >> >> > On Dec 3,

On Fri, Dec 04, 2015 at 01:37:33PM -0700, Nick Couchman wrote: > ----- Original Message ----- > > From: "Jeremy Allison" <jra at samba.org> > > To: "Nick E Couchman" <nick.couchman at seakr.com> > > Cc: samba at lists.samba.org > > Sent: Friday, December 4, 2015 1:22:06 PM > > Subject: Re: [Samba] Linux & NFSv4 ACLs > >