Displaying 20 results from an estimated 400 matches similar to: "ssh-agent does not immediately clean timeouted keys from memory"
2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly:
http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html
<quote>
The paper concludes that the keystroke timing data observable from
today's SSH implementations reveals a dangerously significant amount of
information about user terminal sessions--enough to locate typed
passwords in the session data stream and reduce the
2001 Oct 06
1
Defeating Timing Attacks
Hello,
In response to the timing analysis attacks presented by Dawn Song et.
al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html
we
at Silicon Defense developed a patch for openssh to avoid such
measures.
Timing Analysis Evasion changes were developed by C. Jason Coit and Roel
Jonkman of Silicon Defense.
These changes cause SSH to send packets unless request not to,
2001 Oct 16
1
Defeating Timing Attacks Patch for OpenSSH 2.9.9p2 and 2.9p2
Hello,
In response to the timing analysis attacks presented by Dawn Song et.
al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html
we
at Silicon Defense developed a patch for openssh to avoid such
measures.
Timing Analysis Evasion changes were developed by C. Jason Coit and Roel
Jonkman of Silicon Defense.
These changes cause SSH to send packets unless request not to,
2001 Oct 10
7
OpenSSH solaris: bad return code after exec of remote command
Hi OpenSSH developers,
I am using openSSH (now 2.9.9p2, but prob occurs in 2.9p2 also) to execute
commands on a remote machine which outputs data to stdout then pipes it to
another invocation of ssh which connects back to the first machine in the same
way, where it starts a program to read and store the output from the command on
the second machine. I am using the "command" option in
2006 Sep 07
12
Multiple (multiplexed) simultaneous ssh connections - Cygwin bug?
Hello,
?
I need to make many (>50) ssh connections from linux to cygwin at the same time. Using Windows 2000 Server (OpenSSH_4.3p2, OpenSSL 0.9.8b and updated cygwin) and Linux RHEL4 (OpenSSH_3.9p1, OpenSSL 0.9.7a).
?
It's been difficult to optimize many simultaneous connections. Here were some issues:
1.?????? On Windows XP/Professional, Microsoft intentionally cripples the TCP/IP stack.
2003 Sep 15
1
SCO 3.2v4.2 and OpenSSH -current --> connection hangs and does no t close
Greetings,
I have a problem with OpenSSH -current and SCO 3.2v4.2,
when I execute a remote command or exit from a session,
the connection hangs, ( line 326 of serverloop.c).
This problem only exists when using ssh2.
server side debug (-d -d -d ):
debug1: Received SIGCHLD.
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0:
2006 Apr 22
2
bug & patch in ServerAliveInterval (openssh 4.3-p2)
Hi openssh-unix-dev subscribers :)
I have found that ServerAliveInterval & ServerAliveCountMax have
some bug. Basically the ssh-alive check function (that verify the
peer is alive) is called only if no data at all gets into ssh (when it
should work only for server channel).I am pretty sure developers know
about this ..anyway I have tried to fix this issue. Here is the patch:
diff -rNu
2001 Sep 05
2
sshd hangs on logout -- is this a bug?
In the changelog, there is an entry:
20001129
- (djm) Back out all the serverloop.c hacks. sshd will now hang again
if there are background children with open fds.
Does this mean that this is regarded as expected (and correct) behavior, that
should not change in the future, or does it mean that this behavior is a
known problem that someone will eventually fix?
--Adam
--
Adam McKenna
2020 Oct 14
2
Connection hang, can't stop SSH
Using OpenSSH_8.3p1 I had an open (working) connection to some other
box; after a bit of inactivity, some device in the middle seems to have
forgotten about the TCP connection (NAT) and broke it.
I've got an EscapeChar defined, though; so first I tried to send a BREAK
and, when that didn't help (TCP already gone, packets get lost!), I
tried (just out of curiosity) a Rekey.
Now I can see
2003 Apr 04
5
Anti-idle in OpenSSH client?
Heya,
Most of the windows ssh clients (putty, securecrt) have anti-idle
features. They offer either a null packet or protocol no-op or user
defined string to be sent over every x seconds.
Is this possible or planned with the OpenSSH client? Our draconian
firewall admins have started timing out ssh sessions. Yes I'm aware I
could hack up a port forwarding dumb traffic process, but was
2005 Mar 03
3
ssh hang problem under solaris 8
Hi :-)
i have try a hang on exit patch that i found in the web for an old openssh
version, but it dosent help :-(
in a german gdb howto i found a tip that the backtrace output can help to
analyse the problem....
is it a solaris problem ?
Greetings
Frank
sshd:
#0 0xff19d618 in _poll () from /usr/lib/libc.so.1
#1 0xff14d53c in select () from /usr/lib/libc.so.1
#2 0x000339a0 in
2003 Sep 17
3
[Bug 651] SCO 3.2v4.2 and OpenSSH 3.7.1p1 --> connection hangs and does not close (ssh2 only)
http://bugzilla.mindrot.org/show_bug.cgi?id=651
Summary: SCO 3.2v4.2 and OpenSSH 3.7.1p1 --> connection hangs and
does not close (ssh2 only)
Product: Portable OpenSSH
Version: 3.7p1
Platform: All
OS/Version: other
Status: NEW
Severity: major
Priority: P2
Component: sshd
2001 Aug 20
1
Idletimeout patch, third attempt
Here is my third attempt at the idletimeout patch. I tried to address
the points which Marcus Friedl brought up.
It is actually bigger than the previous patches, but not as intrusive.
It is big because it moves some stuff from serverloop.c to packet.c.
- I moved all the logic to packet.c. This means that I also had to move
the actual select() call, which used to be in serverloop.c to packet.c.
2009 Aug 18
11
[Bug 1633] New: Race condition in ssh-agent AUTH_CONNECTION
https://bugzilla.mindrot.org/show_bug.cgi?id=1633
Summary: Race condition in ssh-agent AUTH_CONNECTION
Product: Portable OpenSSH
Version: 5.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Keywords: patch
Severity: normal
Priority: P2
Component: ssh-agent
AssignedTo: unassigned-bugs at
2002 Jun 27
1
OpenSSH 3.3p1 on SunOS 4.1.4
Hi,
I just installed OpenSSH 3.3p1 on a SunOS 4.1.4 system (actually a
3-year old Auspex file server) as a replacement for an older, probably
vulnerable ssh version.
I used gcc, openssl 0.9.6d, zlib 1.1.4 and the configure incantation
./configure --with-tcp-wrappers --with-privsep-user=privsep
(the latter option obviously being the default value).
There were two problems: (a) memmove seems
2001 Oct 31
2
suggested fix for the sigchld race
comments?
alternatives: sigsetjmp(ugly) and pselect(not portable, available)
drawback: additional filedescriptors.
Index: serverloop.c
===================================================================
RCS file: /home/markus/cvs/ssh/serverloop.c,v
retrieving revision 1.82
diff -u -r1.82 serverloop.c
--- serverloop.c 10 Oct 2001 22:18:47 -0000 1.82
+++ serverloop.c 11 Oct 2001 18:06:33 -0000
@@
2012 Mar 11
2
[patch] Threading support in ssh-agent
Hi all!
I do not know openssh patch policy so I am just sending
the patch to the mailing list. Sorry for inconvenience.
Ssh-agent seems to be too slow if you need to access thousands of
servers. This is a simple patch to enable threading in ssh2 authentication.
Patch adds "-p numthreads" option and defaults to the number of processors.
I've tested it as I could, but
2005 Sep 04
2
ControlPersist and multiple X11 forwarding.
Three patches attached.
One implements a 'ControlPersist' option, which when used with
'ControlMaster auto' or 'ControlMaster 'yes' make makes the master
background itself and stick around after its own primary session is
completed.
The second causes control clients to pass X11 display, auth proto and
auth data over the control socket so that appropriate X11
2001 Oct 25
2
SIGCHLD race *trivial* patch
Yes, this is a patch against an older version of OpenSSH with other
stuff anyways, BUT, it's so TRIVIAL(*), that you can see how it would
apply to newer versions (which I've not tried).
Here's the gist: server_loop2() has a race condition with respect to
reception of SIGCHLD and checking/setting child_terminated. This patch
does two things: wait_until_can_do_something() adds a 1
2007 Mar 23
7
4.6p1 chan_read_failed error
The 4.6p1 sshd is logging this error during remote commands or file
transfers:
error: channel 0: chan_read_failed for istate 3
Platform is Solaris 8, 4.6p1 + OpenSSL 0.9.8d.
The commands and transfers work correctly, so the error message appears
to be spurious. The error message does not appear when processing logins.
Otherwise 4.6p1 is running without any apparent problems. This error