similar to: Test Failure on Mac OS X 10.4.2

Hi, In addition to the strptime change that Darren has just committed to fix Irix, I have committed a change to ssh(1) that affects all platforms: > - djm at cvs.openbsd.org 2010/08/12 21:49:44 > [ssh.c] > close any extra file descriptors inherited from parent at start and > reopen stdin/stdout to /dev/null when forking for ControlPersist. > > prevents tools that

As background, I read: http://therowes.net/~greg/2011/03/23/ssh-trusted-ca-key/ http://www.ibm.com/developerworks/aix/library/au-sshsecurity/ http://bryanhinton.com/blog/openssh-security http://www.linuxhowtos.org/manpages/5/sshd_config.htm

Hello, Testing on my system by doing the requested './configure && make tests' has this crash: ----------------------8< cut here 8<----------------------- test try ciphers: proto 2 cipher acss at openssh.org mac hmac-md5 test try ciphers: proto 2 cipher acss at openssh.org mac hmac-sha1-96 test try ciphers: proto 2 cipher acss at openssh.org mac hmac-md5-96 ok try

This provides a mechanism to attach arbitrary configure options into the ssh_config file and use them from the LocalCommand and ProxyCommand. Examples: # set FOO to foo LocalEnvMod FOO = foo # append bar to FOO with default separator "," LocalEnvMod FOO += bar # unset FOO LocalEnvMod FOO = # append foo to BAR with separator ":", if BAR is empty

Hello list, I am currently testing a setup for a PoC wit this configuration. - 1 x Frontend dovecot for proxying IMAP/POP3/LMTP/ManageSieve/Submission - 2 x Backend dovecot with local mail storage The frontend does the user authentification and communicate with the backends using a master password The fronted accepts PLAIN and LOGIN auth mechanisms and talk with backends using PLAIN auth

Using stock OpenSSH 4.7 I found different behavior when trying to specify the use of the 'none' cipher depending on the command line option nomenclature. This is under linux 2.6.19-web100 using -ocipher=none [root at delta openssh-4.7p1-hpnv19]# /home/rapier/ssh47/bin/scp -S /home/rapier/ssh47/bin/ssh -ocipher=none -P 2222 ~rapier/2gb rapier at localhost:/dev/null rapier at

I have recently found the "fsh" program (http://www.lysator.liu.se/fsh/) which offered exactly what I needed. It is a great program but it is not maintained and was even thrown out of Debian because it was claimed that OpenSSH provided anything FSH offers. In fact, however, I miss a few features in OpenSSH that could easily be added inspired by FSH and make a very valuable addition in

After the commit titled "expand %h to the hostname in ssh_config Hostname options" (2010-07-16), %n always got the same value as %h in the LocalCommand config option. Fix this and add a regression test. --- regress/Makefile | 6 ++++-- regress/host-expand.sh | 18 ++++++++++++++++++ ssh.c | 6 ++++-- 3 files changed, 26 insertions(+), 4 deletions(-) diff

Hi, This (hopefully!) might be a case of user error, as I'm new to dovecot... Alternatively it might be some confusion in an index, since I've been mucking about trying different things in my configuration files and had frequent crashes. I'm trying to sync 2 (LAN) hosts, ideally to have full automatic replication happening. They both have hybrid mbox INBOX and maildir++ folders,

On Mon, Jan 18, 2010 Joachim Schipper wrote: > What this patch does can be described as follows: > > Without: > you at local$ ssh somehost > Enter passphrase for RSA key 'foo': > you at somehost$ exit > $ ssh otherhost > Enter passphrase for RSA key 'foo': > you at otherhost$ > > With: > you at local$ ssh somehost > Enter passphrase for RSA

Hi, Although cipher-speed.sh isn't failing, its output is useless on some platforms. Aside from the definition of $DATA noted in a previous post to this list, it makes assumptions about dd's status message and the behaviour of echo. The patch below addresses these issue, at least on RHEL. Index: regress/cipher-speed.sh ===================================================================

On my test systems: Ubuntu 22.04 with GCC 11.4 and OpenSSL 3.0.2 on AMD: PASS Fedora 39 with GCC 12.3.1 and OpenSSL 3.0.9 on Intel: PASS OS X 14.3.1 with clang 15.0.0 on Apple M2 (--without-openssl): FAIL The failure is with "make tests" specifically when it runs /Users/rapier/openssh-portable/ssh-keygen -if /Users/rapier/openssh-portable/regress/rsa_ssh2.prv | diff -

Hi All. Attached is a patch (against OpenSSH Portable -current) to portablize the regression tests. It will also apply to OpenBSD's (with a couple of rejects). They are based on work by Roumen Petrov and myself, with contributions from Corinna Vinschen and David M Williams. My goal is to have the tests work out of the box on as many of our supported platforms as possible so running the

On January 22, 2019 10:45, I wrote: > On January 21, 2019 19:00, Darren Tucker wrote: > > On Tue, 22 Jan 2019 at 12:01, Randall S. Becker > > <rsbecker at nexbridge.com> > > wrote: > > > > > Hi All, > > > > > > I finally got around to trying to test the 7.7p1 release on the HPE > > > NonStop Platform. 7.6p1 worked just fine - no

That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher. On Wed, 29 Mar 2023, Robinson, Herbie wrote: > > I?m hardly an expert on this, but if I remember correctly, the rekey rate > for good security is mostly dependent on the cipher block size.? I left my > reference books at home; so, I can?t come up with a reference for you, but I > would take Chris?

https://bugzilla.mindrot.org/show_bug.cgi?id=2404 Bug ID: 2404 Summary: scp skips file/directory on permissions error Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: scp Assignee: unassigned-bugs at mindrot.org

On Fri, 29 Sep 2017, Iain Morgan wrote: > Actually, according to OpenBSD's printenv(1) man page, it first appeared > in 2BSD. The man page on OS X claims it was BSD 3.0. However, it doesn't > appear to be part of any standard. > > Your suggestion ran into the same issue as the original test, but > escaping the evaluation by the user's shell appears to work: >

On Thu, Feb 8, 2024 at 1:18?PM Chris Rapier <rapier at psc.edu> wrote: > > I know that there are some methods to use federated identities (e.g. > OAuth2) with SSH authentication but, from what I've seen, they largely > seem clunky and require users to interact with web browsers to get one > time tokens. Which is sort of acceptable for occasional logins but > doesn't

Hi, I've just created a small directory as an example, it holds a file and two symlinks that don't point to anything, and another symlink going nowhere in a subdirectory. rsync (2.5.5) is happy to copy these but produces an error. I can't see why it considers this an error? It's not even aborting after it first encounters this 'error'. $ ls -lR /var/tmp/rsync.test

I'm hardly an expert on this, but if I remember correctly, the rekey rate for good security is mostly dependent on the cipher block size. I left my reference books at home; so, I can't come up with a reference for you, but I would take Chris' "I'm deeply unsure of what impact that would have on the security of the cipher" comment seriously and switch to a cipher with a