similar to: F-Secure SSH / OpenSSH pubkey compatibilty?

I would like to automatically deduce in a script if an ssh key is encrypted or not. Basically in a very particular application I want to be the BOFH and enforce that users place a passphrase on their id_rsa key. If they don't put a passphrase I want to send them back to ssh-keygen until they do. I have not been able to deduce a way to detect this yet. Any hints? Thanks Bob

https://bugzilla.mindrot.org/show_bug.cgi?id=3173 Bug ID: 3173 Summary: spurious message about pubkey being invalid format Product: Portable OpenSSH Version: 8.3p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2678 Bug ID: 2678 Summary: PubKey Authentication fails when more than one user/group ACL is set on any Path component to authorized_keys Product: Portable OpenSSH Version: 5.3p1 Hardware: amd64 OS: Linux Status: NEW

http://bugzilla.mindrot.org/show_bug.cgi?id=937 Summary: ssh2 pubkey auth broken by user:style syntax Product: Portable OpenSSH Version: -current Platform: All OS/Version: OpenBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

I have a gentoo 2.6.14 box with 4 nics, LAN/DMZ/PUB1/PUB2 LAN and DMZ have a 1918 /22 each, PUB1 and PUB2 have a /29 each of which 5 ips are assigned. Using the mangle table, I give all packets a mark (according to local policies) in the range 1-10. Using ip rule, i pass marks 1-5 through the pub1 route table, and marks 6-10 through the pub2 routing table. Using the nat table, I SNAT to one

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi all, i have two OSX boxes set up for ssh via pubkey auth only. i'm setting up rsync comms for the first time. i have rsyncd running on box A. no-auth rsync from box B to/from box A's rsyncd works as expected. rsync@B to/from rsyncd@A using pubkey-auth'd-ssh trasport: rsync --verbose --stats --recursive -e "ssh -F

I have made all these changes in my Ubuntu desktop. I have also enabled passwordless login for ssh at destination. But still, everytime i run into the same problem. On Thu, Mar 24, 2016, 4:05 PM Michal Privoznik <mprivozn@redhat.com> wrote: > On 24.03.2016 11:23, nidhi d wrote: > > From the auth log at the destination: > > Failed password for <user> from <ip>

https://bugzilla.mindrot.org/show_bug.cgi?id=2082 Bug ID: 2082 Summary: Please add pubkey fingerprint to authentication log message Classification: Unclassified Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=1523 Summary: Log public key identifier on pubkey login Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=1649 Summary: CreateObject : Mismatch auth between pubkey and password Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Cygwin on NT/2k Status: NEW Severity: normal Priority: P2 Component: Miscellaneous

Hi, first of: my familiarity with OpenSSH/Pam code-base is very limited.. Please excuse me if some of this does not make any sense or seems stupid! I'm investigating if it is possible for a PAM module to find out which public key was accepted (when 'AuthenticationMethods publickey,keyboard-interactive' is used). From my digging in the source, it seems it is currently not. Would

On Thu, 27 Sep 2018, Victor Sudakov wrote: >> As others have written, you may see performance degradation as Dovecot >> will have to rebuild indices, but if you have small mailboxes, this won't >> be too bad. The only reason I use direct file access rather than IMAP >> is that I'm too lazy to work out a passwordless access method. If this >> doesn't

Hi. The error message 'AuthorizedKeyCommandUser \"%s\" not found' in user_key_command_allowed2() should inform about non-existing username, not about command. --- auth2-pubkey.c 14 Nov 2012 08:04:02 -0000 1.36 +++ auth2-pubkey.c 14 Feb 2013 16:50:04 -0000 @@ -480,7 +480,7 @@ pw = getpwnam(username); if (pw == NULL) { error("AuthorizedKeyCommandUser

I'm running a Debian VPS that was originally configured with OpenSSH 5.5 and I could use pubkey auth without issue. A few days ago, I decided to compile and install OpenSSH 6.2 for the AES-GCM support, and now I cannot login to my server with pubkey auth. I can't seem to figure out what the problem is, and when I replace the new sshd with the one originally included with my server, it

HD Moore from MetaSploit has noted that, given a pubkey (and not the corresponding private key, as might be found in authorized_keys), he can determine if he'd be able to log into an account. It's a small thing, but he's using it for very interesting recon/deanonymization. He'll be releasing a paper shortly, not overplaying the characteristic, but certainly showing it can be used

The patch to enable FIPS mode for openssh 6.0p1 missed two instances of the ssh client trying to use MD5. It causes pubkey-based authentication to fail in FIPS mode. I have copied the missing changes from auth2-pubkey.c into sshconnect2.c. Here is a patch: diff -cr openssh-6.0p1/sshconnect2.c openssh-6.0p1-patched/sshconnect2.c *** openssh-6.0p1/sshconnect2.c Sun May 29 07:42:34 2011 ---

http://bugzilla.mindrot.org/show_bug.cgi?id=1011 Summary: Multiple log entries for successful pubkey authentication Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at

I have sshd server sshd -V ... OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 ... running on linux/64 with cat sshd_config ... PubkeyAuthentication yes PasswordAuthentication no ChallengeResponseAuthentication no

https://bugzilla.mindrot.org/show_bug.cgi?id=2196 Bug ID: 2196 Summary: ssh-copy-id: selects "wrong" pubkey Product: Portable OpenSSH Version: 6.4p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-copy-id Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=1388 Summary: Parts of auth2-pubkey.c are completely devoid of debug logging Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: