similar to: Is OpenSSH vulnerable to the ZLIB problem or isn't it?

Since there never was an answer on the secureshell at securityfocus.com list to this question, I thought I'd ask you guys on your own list and maybe I'll even get an answer. If the answer involves PAM in any way, then the most obvious question becomes "what about IRIX, Tru64, or any other platforms whose login procedure does not have PAM?". ----- Forwarded message from Atro

Hello everybody, I have a problem specifying identities with the -i option. For easier ssh invocations, I have setup my ssh_config files with entries like the following: Host *.domain.name Port 23457 StrictHostKeyChecking yes UserKnownHostsFile /dev/null GlobalKnownHostsFile /etc/ssh/known-hosts/domain.name IdentityFile ~/.ssh/%h-dsa IdentityFile ~/.ssh/%h-rsa IdentityFile

Hi, According to IETF draft draft-ietf-secsh-transport-14.txt, different ciphers(encryption), MAC and compression can be used for one direction say server-to-client and a completely different cipher, MAC and compression for the other direction client-to-server of the same connection. Is this supported today in OpenSSH, and if not, are there plans to support it in any future releases of the code?

Since i/we didn't receive any answer on secureshell at securityfocus.com I like to ask this question to you. What's your opinion on this topic? Thanks! Miro +-------------------------------+ +-------------------------------+ | Miro Dietiker | | MD Systems Miro Dietiker | +-------------------------------+ +-------------------------------+ -----Urspr?ngliche

I'm not a ssh expert and I don't know if the log is good or bad, but I too am running OpenSHH under OpenServer. I find that after I connect, the return key has no effect unless I first type: stty sane <Ctrl>j If you've hit <ENTER> before that you must first press <Ctrl>j a couple of times to clean out the buffer. After I type the above command, everything

No answers on secureshell at securityfocus.com I must be doing something wrong or the server seems to ignore my bind request. Port forwarding is working it just bind to all ips and ignores my bind request. I've also tried this with an rfc1918 address opposed to a loopback and had the same results. Google and the archive haven't helped. Thanks in advance for your time and consideration.

Le Jeudi 11 Avril 2002 21:09, m.ibarra at cdcixis-na.com a ?crit : > I was curious to know if you had any luck in getting openssh's sftp > server properly configured to allow chrooted sftp logins? I have had > no success and need something quickly. Dear Mike, Unfortunately, I did not succeed to have it work. I got in contact with James Dennis <jdennis at law.harvard.edu>, who

Robert, [OpenSSH with AFS not compiling on HP-UX 10.20] I'm using OpenSSH 2.9p2, OpenSSL 0.9.6a, KTH KerberosIV 1.0.8, and AFS 3.4 5.81. > cc: "auth-passwd.c", line 188: error 1530: Undefined struct or union. > cc: "auth-passwd.c", line 188: error 1529: Cannot select field of non-structure. I had exactly the same problem compiling SSH Inc. ssh-1.2.27 with AFS for

I am trying to generate a ssh_known_hosts2 file, 2.9.9p2, using: ssh-keyscan -f list_of_hosts -t rsa > ssh_known_hosts.rsa and ssh-keyscan -f list_of_hosts -t dsa > ssh_known_hosts.dsa but both commands fail almost immidiately with: Couldn't obtain random bytes (error 604389476) What could that mean? Servers that I am aware of that I query is: OpenSSH_2.5.1p2 OpenSSH_2.5.2p2

I've seen others working on a vxWorks port for OpenSSH. I'll CC: this to the OpenSSH dev list. Maybe they can provide you with the help you need. - Ben On Mon, 29 Oct 2001, Manoj Jaitly wrote: > I need a vxWorks port for openSSH. Can you send me some info on this topic. > If it is not available, then which is the best version to start porting and > what all I need to port

Hi- I built openssh-3.0p1 on a Tru64 4.0G without any problem. The system uses enhanced security, so the sia_* routines are used by sshd. Unfortunately, password authentication fails because sia_ses_authent() returns 0 in auth-sia.c. The thing is, the password is CORRECT; I verified this by inserting debugging statements before the call to sia_ses_authent(). The call to sia_ses_init()

Hi, this is merely FYI, but i would appreciate if someone had any comments or further information on the topic. We were using the following setup : cryptocard easyradius with RB-1 hardware tokens (hex or decimal display, synchronous (quicklog) mode) f-secure ssh with pam radius authentication This worked fine until we updated to openssh 2.9p2. Then all authentications where the response

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=57859 There's a method to see if an account exists or not: if it does exist, and the password fails, there's a small delay before getting the prompt again. But if it doesn't, the password prompt returns immediately. Looks like a bug... :o) -- Florin Andrei Linux Is Not "gnU linuX"

Why doesn't openssh bother to clean out the entries it places in .Xauthority? The file just keeps growing and growing... -- Karl Amrhein, <ksa at SLAC.Stanford.EDU> | www.slac.stanford.edu/~ksa SLAC Computing Services, Systems Group | 650.926.5083 Bldg 50, 364 --------------------------------------------------------------------- To unsubscribe, e-mail: secureshell-unsubscribe at

I joined the secureshell at securityfocus.com mailing list yesterday, and posted a message, but it doesn't seem like it ever made it to the list. Anyone know if it's down? Tnx, DR

Hello, anybody knows what happened to the ssh user mailing list on secureshell at securityfocus.com? it seems to be dead for more than two months now. I tried to post, but my postings never appeared on the list. Unfortunately, there's no administrative contact given on the subscription page, so I post to the dev list in the hope that somebody knows what's going on. Sorry for being OT.

I have been experiencing problems with remote data collection systems reporting not enough entropy in RNG. It mostly seems to be self correcting since a retry of the data transport succeeds. One system however shows the following everytime an ssh connection is attempted. Interactive commands do not seem to be affected. I have perused the code but the entropy gatherer seems to be fairly simple and

Recent proftpd security vulnerability release FYI. Ports has latest patched proftpd distribution. -- Jez http://www.munk.nu/ -------------- next part -------------- An embedded message was scrubbed... From: Dave Ahmad <da@securityfocus.com> Subject: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd) Date: Tue, 23 Sep 2003 10:25:54 -0600 (MDT) Size: 4588 Url:

Hi, Do you any good SIEVE resources for a poor beginnner ? I'd to translate some of my current procmail rules into SIEVE. I have, for example, a "generic" rule that is able to sort almost any message from/to a mailing-list into a dedicated folder -i.e one rule for almost all my lists. Any recomendation ? Thank you

Hi There, re. the recently reported buffer overflow in icecast, is there any "official" security patch against 1.3.11 ? I am reluctant to take any un-official patch like this one ;-) There is nothing on www.icecast.org/releases, maybe it's somewhere else ? Thanks. Alfredo <p><p>>Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm >List-Id: