Displaying 20 results from an estimated 2000 matches similar to: "[Bug 304] New: ssh-keysign memory freeing bug"
2003 Oct 08
4
OS/390 openssh
Hello Steve, Hello OpenSSH-portable developers,
I am building OpenSSH for our (EBCDIC-based) BS2000 mainframe
operating system, and I noticed you do the same for OS/390.
Because my initial ssh port was based on IBM's OSS port (ssh-1.2.2
or some such), I thought it was fair enough to help with a little
co-operation; we might come up with a unified EBCDIC patch which could
be contributed to
2013 Jun 25
1
RFC: encrypted hostkeys patch
Hi,
About a year and a half ago I brought up the topic of encrypted hostkeys
and posted a patch
(http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the
general reaction seemed receptive to the idea, a few problems were pointed
out with the implementation (UI issues, ssh-keysign breakage).
I've finally had some spare time in which to get back to this, and I've
2003 Mar 31
1
[Bug 526] potential ssh-keysign segfault if pktype == KEY_UNSPEC
http://bugzilla.mindrot.org/show_bug.cgi?id=526
Summary: potential ssh-keysign segfault if pktype == KEY_UNSPEC
Product: Portable OpenSSH
Version: 3.6p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-unix-dev at mindrot.org
2002 Jul 31
2
privsep+kerb5+ssh1
please test Olaf Kirch's patch. it looks fine to me, but i don't to K5.
i'd like to see this in the next release. thx
-m
-------------- next part --------------
--- openssh-3.4p1/auth-krb5.c.krb Sun Jun 9 21:41:48 2002
+++ openssh-3.4p1/auth-krb5.c Tue Jul 23 15:15:43 2002
@@ -73,18 +73,17 @@
* from the ticket
*/
int
-auth_krb5(Authctxt *authctxt, krb5_data *auth, char
2003 Apr 02
1
broken ssh-keysign for openssh 3.6.1p1 on Solaris 8
The latter versions of openssh (3.4,3.5 and 3.6.1) all seem to suffer
from a broken ssh-keysign binary. This causes HostbasedAuthentication to
fail.
We have installed 3.6.1p1 on a Solaris 8 machine using
openssl-0.9.6i. This fails thusly
ssh server
<......some \digits removed - a key perhaps?>
ssh_keysign: no reply
key_sign failed
a at server's password
For version 3.4p1 we patched
2010 Jan 14
1
ssh(1) multiplexing rewrite
Hi,
At the n2k10 OpenBSD network hackathon, I finally got some time to clean
up and rewrite the ssh(1) client multiplexing code. The attached diffs
(one for portable OpenSSH, one for OpenBSD) are the result, and they
need some testing.
The revised multiplexing code uses a better protocol between the master
and slave processes and I even bothered to write it up :) It tracks the
control sockets
2002 Jan 03
3
[PATCH] Improving sftp client performance
The included patch for openssh 3.0.2p1 implements overlapping read
requests for the sftp client. It should be able to handle weird cases
such as shriking files and reordered responses. This is only the first
shot, and I'd be happy for any comments. I plan to implement something
similar for the write path if this works out well.
The maximum number of outstanding requests is quite high at
2006 May 15
0
[PATCH 9/12] bug fix: openssh 4.3p2 possible NULL dereference
key is freed outside of the if that checks if key is NULL therefore,
NULL could be sent to the key_free function which will not handle it
correctly. The fix is to move key_free to a place where you know key is
not NULL. This patch moves the key_free call. This entire set of
patches passed the regression tests on my system. Bug found by Coverity.
Signed-off-by: Kylene Hall <kjhall at
2006 Aug 28
0
patch for ssh-agent force confirm keys
Hi all
Patch adds flag -C to ssh-agent which will force
confirmation for any key added in agent (similar
to ssh-add -c)
Helps when forwarded agent authentication is used and
each key should be confirmed before use
catam
--- ssh-agent.c 2006-08-28 14:02:12.000000000 +0300
+++ ssh-agent.c.orig 2006-08-28 13:36:05.000000000 +0300
@@ -111,9 +111,6 @@
/* Default lifetime (0 == forever) */
2014 Mar 21
2
Bug? between OpenSSH 6.4p1 and 6.5p1(also 6.6p1)
The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and
still exists in 6.6p1). With HostbasedAuthentication/EnableSSHKeysign
turned on, I am seeing one of two sets of messages:
no matching hostkey found
ssh_keysign: no reply
key_sign failed
and
not a valid request
ssh_keysign: no reply
key_sign failed
Then in either case two password prompts:
bowman at HOST.math.utah.edu's
2005 Jul 26
1
Linux in-kernel keys support
Hi all,
I recently made a patch to openssh 4.1p1 to allow it to use the
in-kernel key management provided by 2.6.12 or later Linux kernels.
I've attached the patch (which is still only a proof-of-concept, for
instance its very verbose right now) to this mail.
Now, my question is, is this a completely insane idea and would (a later
version of) the patch have a chance of making it into the
2008 Jul 12
2
[Bug 1486] New: Improperly used buffer during KEX
https://bugzilla.mindrot.org/show_bug.cgi?id=1486
Summary: Improperly used buffer during KEX
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: unassigned-bugs at
2002 Jun 26
0
[Bug 304] ssh-keysign memory freeing bug
http://bugzilla.mindrot.org/show_bug.cgi?id=304
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From markus at openbsd.org 2002-06-27
2011 May 03
0
Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv
OpenSSH Security Advisory: portable-keysign-rand-helper.adv
This document may be found at:
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
1. Vulnerability
Portable OpenSSH's ssh-keysign utility may allow unauthorised
local access to host keys on platforms if ssh-rand-helper is
used.
2. Affected configurations
Portable OpenSSH prior to version
2015 Jan 09
4
OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
On Fri, Jan 09, 2015 at 12:22:00 -0800, grantksupport at operamail.com wrote:
> @client
>
> as root (as before)
>
> ssh server.DOMAIN.COM
> Permission denied (hostbased).
>
> instead, as my user, fails differently for some reason,
>
> ssh server.DOMAIN.COM
> ...
> no matching hostkey found for key ED25519
2009 Dec 18
0
[agc@NetBSD.org: CVS commit: src/crypto/external/bsd/openssh/dist]
Hi,
I applied the following minor diff to preserve the value of the extern
variable across calls to process_sign_request2() in ssh-agent.c.
I've no idea if the attachment of the attachment will come out
correctly so a cvs diff is also attached.
Regards,
Alistair
-------------- next part --------------
An embedded message was scrubbed...
From: "Alistair G. Crooks" <agc at
2011 May 03
1
Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv
OpenSSH Security Advisory: portable-keysign-rand-helper.adv
This document may be found at:
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
1. Vulnerability
Portable OpenSSH's ssh-keysign utility may allow unauthorised
local access to host keys on platforms if ssh-rand-helper is
used.
2. Affected configurations
Portable OpenSSH prior to version
2003 Aug 10
9
updated gssapi diff
this is the proposed gssapi diff against OpenSSH-current (non-portable).
note: if this goes in, the old krb5 auth (ssh.com compatible) will be
removed.
please comment.
jakob
Index: auth.h
===================================================================
RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -u -r1.1.1.2 -r1.3
--- auth.h
2004 Dec 17
0
ssh-keysign bug?
I use ssh in a batch environment (www.pbspro.com) and am using host based
authentication to allow sshes between some resources. When I converted from
openssh 3.1 to newer versions (up to an including 3.8 where ssh-keysign was
moved to a standalone binary) I had issues with ssh-keysign failing with the
error "bad fd". A little exploring showed that this was happening because
in the
2002 May 09
0
functions : server_input_channel_req userauth_pubkey
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings,
I am not sure if this is the correct place to ask these question,
if I am at the wrong place please advise.
I am currently working on some modifications to openssh
which record the users rsa/dsa identity comment file to
a log file when the user logs in (password authentication
is disabled).
The ssh1 portion of the modification works