similar to: broken ssh-keysign for openssh 3.6.1p1 on Solaris 8

The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and still exists in 6.6p1). With HostbasedAuthentication/EnableSSHKeysign turned on, I am seeing one of two sets of messages: no matching hostkey found ssh_keysign: no reply key_sign failed and not a valid request ssh_keysign: no reply key_sign failed Then in either case two password prompts: bowman at HOST.math.utah.edu's

> I like the idea of your rsync-exclude.patch and have thought > about hacking it in myself. However as you already have done the work > may I make a small suggestion...... can the name of the exclude file > (your .rsync) be specified in the flags.... e.g. > > rsync --rsync-exclude=.snapshot -axvH /here /there > > In this way different invocations (e.g. system and

Hi, On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote: > My ssh_config has > Host * > HostbasedAuthentication yes > EnableSSHKeysign yes > NoHostAuthenticationForLocalhost yes > > NoHostAuthenticationForLocalhost is not necessary. > The one you are missing is EnableSSHKeysign. > > Additionally, you made no mention of your ssh_known_hosts files. Make > sure

It appears that /etc/ssh/ssh_config enforces policy on local users in addition to its documented role as provider of defaults. $ ssh -V OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f $ cat .ssh/config Host localhost HostbasedAuthentication yes PreferredAuthentications hostbased $ ssh localhost Hostbased authentication not enabled in /etc/ssh/ssh_config ssh_keysign: no reply

http://bugzilla.mindrot.org/show_bug.cgi?id=304 Summary: ssh-keysign memory freeing bug Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: Miscellaneous AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: openssh

We were running samba v2.2.x with the 'security = server' option and everything worked wonderfully. We upgraded to samba 3.0.10 with the same configuration. Everything still works but it's very very slow. Opening a file can take 15 to 30 seconds or more. I changed the security option to 'user' and everything is fast again. Clearly something has changed between 2.x.x and 3.x.x

On Fri, Jan 09, 2015 at 12:22:00 -0800, grantksupport at operamail.com wrote: > @client > > as root (as before) > > ssh server.DOMAIN.COM > Permission denied (hostbased). > > instead, as my user, fails differently for some reason, > > ssh server.DOMAIN.COM > ... > no matching hostkey found for key ED25519

https://bugzilla.mindrot.org/show_bug.cgi?id=1569 Summary: Hostbased auth fails when using a proxy command Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

It looks like host based authentication will not work if you attempt to set EnableSSHKeysign on a per host basis. Ie. This does not work. ------- Host ou8 HostName ou8.somedomain.com HostbasedAuthentication yes EnableSSHKeysign yes NoHostAuthenticationForLocalhost yes ------- Unless you also add ----- Host * EnableSSHKeysign yes ----- Is this the intended behavior? -- Tim Rice

Hi, About a year and a half ago I brought up the topic of encrypted hostkeys and posted a patch (http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the general reaction seemed receptive to the idea, a few problems were pointed out with the implementation (UI issues, ssh-keysign breakage). I've finally had some spare time in which to get back to this, and I've

I run OpenSSH on linux @ client which ssh /usr/local/bin/ssh ssh -v OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 @ server which sshd /usr/local/bin/sshd sshd -v unknown option -- V OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time]

Hi, I'm cross compiling openSSH-6.2p1 on a ARM architecture with zlib-1.2.7 openssl-1.0.1e the compilation succeeds but when I launch sftp x.y.z.t it fails: exec: /home/working_area/disk1/usr/bin/ssh: No such file or directory the problem is that /home/working_area/disk1/ is the path within the host PC Is there a way to fix the cross-compilation or to export a variable in the target

On Thu, 15 Jan 2004, Ian Ollmann wrote: > On Thu, 15 Jan 2004, Jean-Marc Valin wrote: > > > > Personally, I don't think much of PNI. The complex arithmetic stuff they > > > added sets you up for a lot of permute overhead that is inefficient -- > > > especially on a processor that is already weak on permute. In my opinion, > > > > Actually, the new

http://bugzilla.mindrot.org/show_bug.cgi?id=786 Summary: ssh is still looking at default config file when it is about EnableSSHKeysign Product: Portable OpenSSH Version: 3.7p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

Hi, below is a patch which only affects Cygwin. It adds the $(EXEEXT) suffix in calls to install, and it fixes the list of documentation files to install into /usr/share/doc/openssh in a Cygwin installation. Thanks, Corinna Index: Makefile.in =================================================================== RCS file: /cvs/openssh/Makefile.in,v retrieving revision 1.306 diff -u -p -r1.306

Hi rsync'ers, I'm soliciting feedback, discussion, and hopefully eventually support for a (currently very short and simple) proposal that would make it easier and more automatic for users to exclude from backups and other data transfers all the cache directories that various applications create and manage, such as Mozilla's web cache. The idea is simple: if applications that

They claim to max out at 1,800 MFLOPs And have a clock speed of up to 300 mhz. Jean-Marc Valin wrote: >Tell me how fast these chips are, I'll tell you if there's a chance... > > Jean-Marc > >Le jeu 18/12/2003 à 16:52, David Siebert a écrit : > > >>Anyone have any idea if the any of the Sharc or TigerSHARC DSPs are >>powerful enough to do realtime Speex?

http://bugzilla.mindrot.org/show_bug.cgi?id=356 Summary: 3.4p1 hostbased authentication between Linux and Solaris Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

Hello, I've troubles getting the hostbased method to work. I've given up on system-to-system for now (different versions), and I'm just trying to debug localhost. As far as I can see, the key is accepted, but then a sudden "Failed hostbased" is returned: [...] debug3: mm_answer_keyallowed: key 0x8099bc0 is disallowed debug3: mm_append_debug: Appending debug messages for

A few options appear to be missing from the list in ssh's manual. The one I didn't add is EnableSSHKeysign, whose description implies it is only effective when placed in the system-wide config file. Index: ssh.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh.1,v retrieving revision 1.319 diff -u -p -r1.319 ssh.1 --- ssh.1 7 May 2011