similar to: PATCH: incorrect behaviour of 'ssh-keygen -HF'

Displaying 20 results from an estimated 600 matches similar to: "PATCH: incorrect behaviour of 'ssh-keygen -HF'"

2024 Oct 14
2
[RFC] Preferentially TOFU certificate authorities rather than host keys
There's currently no way to express trust for an SSH certificate CA other than by manually adding it to known_hosts. This patch modifies the automatic key write-out behaviour on user verification to associate the hostname with the CA rather than the host key, allowing environments making use of certificates to update (potentially compromised) host keys without needing to modify client
2007 Oct 19
3
[Bug 1376] New: 'ssh-keygen -HF' hashes host,IP together
https://bugzilla.mindrot.org/show_bug.cgi?id=1376 Summary: 'ssh-keygen -HF' hashes host,IP together Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: ssh-keygen AssignedTo: bitbucket
2012 Dec 27
3
[PATCH] hostfile: list known names (if any) for new hostkeys
When connecting to a host for which there's no known hostkey, check if the relevant key has been accepted for other hostnames. This is useful when connecting to a host with a dymamic IP address or multiple names. --- auth.c | 4 ++-- hostfile.c | 42 ++++++++++++++++++++++++++++-------------- hostfile.h | 8 ++++++-- sshconnect.c | 39 +++++++++++++++++++++++++++++++++------
2003 Mar 04
0
hashing known_hosts
Scenario: I have access to a semi-public (about 30 users) server where I keep my webpage. Occasionally, especially if I'm on the road. I use this as a bounce point to get to "secured" systems which only allow ssh from certian IP's. (Ignoring the discussion on spoofing, since we have host keys) But host keys are the problem. If anyone gets root on this hypothetical
2006 Feb 04
2
[PATCH] allow user to update changed key in known_hosts
Hi list, I use ssh a lot and I often need to connect to hosts whose host key has changed. If a host key of the remote host changes ssh terminates and the user has to manually delete the offending host key from known_hosts. I had to do this so many times that I no longer like the idea ;-) I would really like ssh to ask me if the new host key is OK and if I want to add it to known_hosts. I talked
2009 Aug 18
1
[PATCH server] Add of a button destroy for disabled hosts.
Add of a button destroy for disabled hosts. This button behave in a similar way than the delete button of a VM. Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux at orange-ftgroup.com> --- src/app/controllers/host_controller.rb | 5 +++++ src/app/services/host_service.rb | 15 +++++++++++++++ src/app/views/host/show.rhtml | 17 +++++++++++++++++ 3 files changed,
2007 Oct 22
3
[Bug 1379] New: memory leak in process_cmdline()
https://bugzilla.mindrot.org/show_bug.cgi?id=1379 Summary: memory leak in process_cmdline() Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: ssh AssignedTo: bitbucket at mindrot.org
2007 Nov 09
6
[Bug 1390] New: RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390 Summary: RekeyLimit max value is too restrictive Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org
2002 Feb 13
0
[Bug 112] New: Using host key fingerprint instead of "yes"
http://bugzilla.mindrot.org/show_bug.cgi?id=112 Summary: Using host key fingerprint instead of "yes" Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org
2008 Jan 26
8
[Bug 1432] New: MaxAuthTries is not used correctly
https://bugzilla.mindrot.org/show_bug.cgi?id=1432 Summary: MaxAuthTries is not used correctly Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: bitbucket at mindrot.org
2007 Oct 22
15
[Bug 1380] New: incorrect check for strlen(fwd->connect_host) in parse_forward()
https://bugzilla.mindrot.org/show_bug.cgi?id=1380 Summary: incorrect check for strlen(fwd->connect_host) in parse_forward() Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: ssh
2007 Oct 29
2
[Bug 1385] New: extra backslashes in RB_PROTOTYPE
https://bugzilla.mindrot.org/show_bug.cgi?id=1385 Summary: extra backslashes in RB_PROTOTYPE Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: Miscellaneous AssignedTo: bitbucket at
2007 Oct 22
2
[Bug 1378] New: incorrect port check in parse_forward()
https://bugzilla.mindrot.org/show_bug.cgi?id=1378 Summary: incorrect port check in parse_forward() Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: ssh AssignedTo: bitbucket at mindrot.org
2010 Mar 03
2
Viewing cetificate details
Hi, I don't see any way to view the details of a certificate once it is generated. Having such a capability would be very handy for debugging purposes to check what constraints, principals, and validity interval are associated with a given cert. -- Iain Morgan
2016 Apr 13
1
[Fwd: Re: Samba_dlz, dhcp y zona inversa no actualiza]
>> what is in '/usr/bin/dhcpd-update-samba-dns.sh' ? # will receive addresses from this DHCP server. Instructions are found here: # https://wiki.archlinux.org/index.php/Samba_4_Active_Directory_Domain_Controller#DHCP sleep 5 checkvalues() { [ -z "${2}" ] && echo "Error: argument '${1}' requires a parameter." && exit 1 case ${2} in -*) echo
2010 Jan 11
2
/etc/nologin must be world-readable which is not totally clear
hi, the man page for sshd(1) says about /etc/nologin: "The file should be world-readable". However, nologin has no effect if it's not readable by the connecting user: if (pw->pw_uid) f = fopen(_PATH_NOLOGIN, "r"); if (f) { /* /etc/nologin exists. Print its contents and exit. */ ... ... return(254) if root has a
2007 Jan 18
3
proposal: new DisableBanner client side option
hi all, we had quite a few requests recently so that SunSSH allowed to hush a banner on client side when in command-mode only. The argument usually is that the banner is mandatory due to legal reasons so first time login users should see it but that it causes problems when ssh is used from scripts after that. '-q' often seems not an option. RFC 4252 permits hushing banner in section
2012 Nov 24
0
ssh-keyscan continuity patch --
I apologize, this patch should have been sent awhile ago. Between a lot of things that needed to be completed at work as a sysadmin for the Research Computing group at Purdue University and retiring from work after 38 years at the end of May (2012), I basically ignored it. This patch is from a clone of my workstation that I just activated at home. The patch was primarily written to fix the
2007 Sep 05
0
Announce: OpenSSH 4.7 released
OpenSSH 4.7 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,
2007 Sep 05
0
Announce: OpenSSH 4.7 released
OpenSSH 4.7 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,