similar to: OpenSSH current CVS build issue

#include <errno.h> was removed from includes.h in July: ---------------------------- revision 1.113 date: 2006/07/12 12:22:46; author: dtucker; state: Exp; lines: +1 -2 - stevesk at cvs.openbsd.org 2006/07/11 20:07:25 [scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c includes.h

We are attempting to use openssh sftp to connect to a server that is running some version of the Axway SFTP server. After a publickey auth completes, the server resends publickey as a valid auth. This results in a loop as openssh sftp resubmits the publickey information. This seems similar to a discussion in 2014 that terminated with the thought that it might be nice if the client tracked

Hi - I have a data frame with a large number of observations (62,000 rows, but only 2 columns - a character ID and a result list). Sample: > my.df <- data.frame(id=c("ID1", "ID2", "ID3"), result=1:3) > my.df id result 1 ID1 1 2 ID2 2 3 ID3 3 I have a list of ID vectors. This list will have anywhere from 100 to 1000 members, and

this is the proposed gssapi diff against OpenSSH-current (non-portable). note: if this goes in, the old krb5 auth (ssh.com compatible) will be removed. please comment. jakob Index: auth.h =================================================================== RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v retrieving revision 1.1.1.2 retrieving revision 1.3 diff -u -r1.1.1.2 -r1.3 --- auth.h

On Fri, Feb 23, 2018 at 05:01:00PM +1100, Darren Tucker wrote: > You could try this patch which defers resetting the "tried" flag on the > pubkeys until the list of authentication methods changes. I don't have > a server with this behaviour so I'm not sure if it helps (and I'm not > sure it's the right thing to do anyway). I think this is a better way to

http://bugzilla.mindrot.org/show_bug.cgi?id=684 Summary: ssh cannot access keys stored in agent Product: Portable OpenSSH Version: 3.7.1p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Ugh. With MAKE_KERBEROS5=yes, on a recent STABLE, I get the following trying to use Kerberized telnet: # telnet -l test big.x.kientzle.com Trying 66.166.149.54... Connected to big.x.kientzle.com. Escape character is '^]'. [ Trying mutual KERBEROS5 (host/big.x.kientzle.com@X.KIENTZLE.COM)... ] Bus error (core dumped) Fortunately, it's pretty easy to track down: (gdb) up #2

On Thu, 11 Oct 2018, Damien Miller wrote: > On Thu, 11 Oct 2018, Adam Eijdenberg wrote: > > > Thanks for looking into. I wasn't able to get the patch to apply > > cleanly to the portable source for whatever reason, so I manually made > > the changes and got a little further. I now get past the "no mutual > > signature algorithm" client message, and get

https://bugzilla.samba.org/show_bug.cgi?id=8137 Summary: Use a union instead of storing an integer in idlist::name Product: rsync Version: 3.1.0 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: core AssignedTo: wayned at samba.org

Hi! I am distributing 2.5.1p1 for production use on my system by now and prepare switching to protocol 2 as default protocol. I just noted, that ssh-agent can be used for protocol 1 and 2, but the keys kept in ssh-agent are not compared against keys in .ssh. Example: I have a DSA key in id_dsa which I load into ssh-agent on login. When connecting to an account accepting the key everything is

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

Hello! I have been reading through the OpenSSH 4.0p code. There exist two globals called "Authctxt". One is defined in sshconnect2.c (type 1) and the other in auth.h (type 2). Both are structs with different members. Nevertheless, they are used seemingly interchangeably, e.g.: In line 302 of sshconnect2.c the function "userauth_none" is called: userauth_none(&authctxt);

The patch to enable FIPS mode for openssh 6.0p1 missed two instances of the ssh client trying to use MD5. It causes pubkey-based authentication to fail in FIPS mode. I have copied the missing changes from auth2-pubkey.c into sshconnect2.c. Here is a patch: diff -cr openssh-6.0p1/sshconnect2.c openssh-6.0p1-patched/sshconnect2.c *** openssh-6.0p1/sshconnect2.c Sun May 29 07:42:34 2011 ---

Hello all, is there any recent information on programming on how to add a new authentication method into OpenSSH / OpenSSL ?! Is there any other way, to add a new authentication method into openssh (one-time passwords), apart from adding the functions into sshconnect.c and sshconnect2.c Particularly I'm interested in information on "struct Authctxt" in sshconnect2 and sshuserauth2.

Hi all! I do not know openssh patch policy so I am just sending the patch to the mailing list. Sorry for inconvenience. Ssh-agent seems to be too slow if you need to access thousands of servers. This is a simple patch to enable threading in ssh2 authentication. Patch adds "-p numthreads" option and defaults to the number of processors. I've tested it as I could, but

during my seminar of advanced exploitation techniques (SEAT, [1]) i developed some methods to crack into system via DMA (e.g. via firewire). as part of this i developed a program that steals loaded ssh private keys from ssh-agents. i was astonished to find that the keys are not immediately removed from the agent when a timeout occurs, but only the next time the agent is queried via its socket. i

https://bugzilla.mindrot.org/show_bug.cgi?id=2642 Bug ID: 2642 Summary: [sshconnect2] publickey authentication only properly works if used first: pubkey_prepare doesn't work after pubkey_cleanup Product: Portable OpenSSH Version: 7.3p1 Hardware: amd64 OS: Linux Status:

Add support to load additional certificates for already loaded private keys. Useful if the private key is on a PKCS#11 hardware token. The private keys inside ssh-agent are now using a refcount to share the private parts between "Identities". The reason for this change was that the PKCS#11 code might have redirected ("wrap") the RSA functions to a hardware token. We don't

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've patched my local OpenSSH (currently 2.9p2, but the same patch applies to 3.0.2) to allow the cipher 'none' for both SSH1 and SSH2 connections. With SSH1, there is already code to print a warning that any password you enter will be sent in plain text. However the userauth_passwd() in sshconnect2.c does not have any such warning. I

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.