similar to: DH keys exchanged - encoding?

Hey all. Apologies if this is the wrong place to post this question. I'm developing an open source Java SSH (v2) client API, and need a bit of help. 1) After receiving the KEXDH_RESPONSE packet, reading SSH Transport Layer Protocol (March 2002), Section 5.2, Output from Key Exchange: do I assume that, in HASH (K || H || "A" || session_id), H is a mpint? The spec states that

Hello, all. Firstly, sorry for the cross-posting... Has anyone out there tried to use JCE (1.2.1, with JDK1.3.1) to create a Diffie Hellman key using the group1 prime modulus and base generator, and then pass on the public key to an OpenSSH (v3.1) server as a part of the diffie-hellman-group1-sha1 key exchange? For some reason, the ssh server rejects the key saying it is invalid ... I have

Am 02.11.2013 um 11:38 schrieb Aris Adamantiadis <aris at 0xbadc0de.be>: > RFC4251 describes mpint to be multi-size and with positive values having > MSB clear, so it's clearly incompatible with raw string. > > Since you both agreed on the curve25519 implementation to use, I'll work > today on Markus' patch to make the changes Damien wanted. What do you want to

hi, I have a draggable element (cart-item) in a shopping cart <%= draggable_element "item_#{product}_#{i}", :revert => true %> When this element is dragged outside the cart into the "main_div", I want to show a puff effect and remove the element. When it is dragged within the cart, it should revert. So i wrote this code for drop_receiving _element <%=

https://bugzilla.mindrot.org/show_bug.cgi?id=2390 Bug ID: 2390 Summary: PROTOCOL.key mis-describes private section Product: Portable OpenSSH Version: 6.8p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Documentation Assignee: unassigned-bugs at

I am working on a port of Openssh 3.8p1 after already having done a port of Openssh 3.5p1. There are a couple of new lines in buffer_get_bignum2() that are causing me problems: if (len > 0 && (bin[0] & 0x80)) fatal("buffer_get_bignum2: negative numbers not supported"); The "& 0x80" check is not relevant in ebcdic. Does anyone

e.g. can we make it throw warnings etc. rsa-sha2-256 and rsa-sha2-512 are fine, they use PSS. On Sun, Jan 20, 2019 at 1:55 AM Yegor Ievlev <koops1997 at gmail.com> wrote: > > Also can we do anything with ssh-rsa? It uses both SHA-1 and > deprecated PKCS#1 padding. If it's used to sign certificates, there's > no additional protection of SHA-2 hashing before SHA-1

It should be compatible with the original patch. However I think that the shared secret should be encoded as a string, too. What does libssh do? > Am 02.11.2013 um 05:46 schrieb Damien Miller <djm at mindrot.org>: > >> On Fri, 1 Nov 2013, Markus Friedl wrote: >> >> Here are three versions (patch against openbsd cvs) >> >> 1) repace nacl w/libsodium,

HI ALL, it''s so frustuating to me from so many days--hosting ror app in apache on win os. i installed xampp and running ror apps using webrick server . but when comes to hosting that app into apache i can''t make it.i gone through the so many sites can anyone give me an assistance to solve this problem. thanks in advance regards, Manik. -- You received this message because you

https://bugzilla.mindrot.org/show_bug.cgi?id=2302 --- Comment #13 from Darren Tucker <dtucker at zip.com.au> --- (In reply to Christoph Anton Mitterer from comment #10) [...] > Even though an attacker cannot (AFAIU??) for a connection to > downgrade to the weaker groups, The server's DH-GEX exchange hash includes the DH group sizes it received from the client. If these are

https://bugzilla.mindrot.org/show_bug.cgi?id=2303 Bug ID: 2303 Summary: ssh (and perhaps even sshd) should allow to specify the minimum DH group sizes for DH GEX Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: security Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2302 --- Comment #4 from Damien Miller <djm at mindrot.org> --- Comment on attachment 2630 --> https://bugzilla.mindrot.org/attachment.cgi?id=2630 Make the DH-GEX fallback group 4k bit. Where did this group come from? IMO it would be best to use one of the standard groups if we're picking another fixed one - logjam attacks aren't

Clang patch for X32 support. Applies against current trunk. --- ./tools/clang/include/clang/Driver/Options.td.orig 2013-05-16 21:51:51.286129820 +0000 +++ ./tools/clang/include/clang/Driver/Options.td 2013-05-16 21:53:24.875004239 +0000 @@ -841,6 +841,7 @@ HelpText<"Enable hexagon-qdsp6 backward compatibility">; def m3dnowa : Flag<["-"], "m3dnowa">,

Hi, I'm working on bringing up complete coverage for a Gentoo x32 "desktop" system. I've been cooking up quite a few patches for various packages to push upstream, but right now, the biggest blocker is the lack of support for building with/codegen targeting x32 in llvm/clang. Since the x32 patches were sent last year, I see support code has landed in LLVM, and basic handling of

This patch is still not creating elf32_x86_64 objects. No idea why. :( It does however, fix elf_x86_64 (-m64) code generation on x32 hosts which is nice. :) --- ./tools/clang/include/clang/Driver/Options.td.orig 2013-05-16 21:51:51.286129820 +0000 +++ ./tools/clang/include/clang/Driver/Options.td 2013-05-16 21:53:24.875004239 +0000 @@ -841,6 +841,7 @@ HelpText<"Enable hexagon-qdsp6

On Fri 2015-06-12 01:52:54 -0400, Mark D. Baushke wrote: > I have communicated with Allen Roginsky on this topic and I have been given permission to post his response. > > In this message below, the 'vendor' was Darren Tucker's generated prime > that used a generator value of 5. > > -- Mark > > From: "Roginsky, Allen" <allen.roginsky at

On Wed, May 27, 2015 at 05:08:25PM -0400, Daniel Kahn Gillmor wrote: > On Tue 2015-05-26 15:39:49 -0400, Mark D. Baushke wrote: > > Hi Folks, > > > > The generator value of 5 does not lead to a q-ordered subgroup which > > is needed to pass tests in > > > > http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf > > I

hello, I'm also developing a ssh application in java and I also got stuck with DH-Key Exchange. I just get to the SSH_MSG_KEXDH_REPLY from the server. But what is he expecting me to send then, as far as I understand the Transport Layer Protcol I should send the SSH_MSG_NEWKEYS message, but that doesn't work. Does anyone know what to send then? (the hint from Markus Friedl with kexdh.c

... is actually old & very well known by the maintainer! there is a bug report for exactly this that is 3 years and 124 days old! http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=165505 I can also add my report to this bug and mention that we need a fixed version for our xen packages, but as it looks for me (at the moment) the maintainer is not really interessted in getting this

http://bugzilla.mindrot.org/show_bug.cgi?id=567 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|critical |major Component|Build system |ssh-keygen Summary|pb at the end of compil with|ssh-keygen: DH parameter