Displaying 20 results from an estimated 600 matches similar to: "PATCH: incorrect behaviour of 'ssh-keygen -HF'"
2024 Oct 14
2
[RFC] Preferentially TOFU certificate authorities rather than host keys
There's currently no way to express trust for an SSH certificate CA other
than by manually adding it to known_hosts. This patch modifies the automatic
key write-out behaviour on user verification to associate the hostname with
the CA rather than the host key, allowing environments making use of
certificates to update (potentially compromised) host keys without needing
to modify client
2007 Oct 19
3
[Bug 1376] New: 'ssh-keygen -HF' hashes host,IP together
https://bugzilla.mindrot.org/show_bug.cgi?id=1376
Summary: 'ssh-keygen -HF' hashes host,IP together
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: ssh-keygen
AssignedTo: bitbucket
2012 Dec 27
3
[PATCH] hostfile: list known names (if any) for new hostkeys
When connecting to a host for which there's no known hostkey, check if the
relevant key has been accepted for other hostnames. This is useful when
connecting to a host with a dymamic IP address or multiple names.
---
auth.c | 4 ++--
hostfile.c | 42 ++++++++++++++++++++++++++++--------------
hostfile.h | 8 ++++++--
sshconnect.c | 39 +++++++++++++++++++++++++++++++++------
2003 Mar 04
0
hashing known_hosts
Scenario:
I have access to a semi-public (about 30 users) server where I keep my
webpage. Occasionally, especially if I'm on the road. I use this as a
bounce point to get to "secured" systems which only allow ssh from
certian IP's. (Ignoring the discussion on spoofing, since we have host
keys)
But host keys are the problem. If anyone gets root on this hypothetical
2006 Feb 04
2
[PATCH] allow user to update changed key in known_hosts
Hi list,
I use ssh a lot and I often need to connect to hosts whose host key has
changed. If a host key of the remote host changes ssh terminates and the
user has to manually delete the offending host key from known_hosts. I
had to do this so many times that I no longer like the idea ;-)
I would really like ssh to ask me if the new host key is OK and if I
want to add it to known_hosts.
I talked
2009 Aug 18
1
[PATCH server] Add of a button destroy for disabled hosts.
Add of a button destroy for disabled hosts.
This button behave in a similar way than the delete button of a VM.
Signed-off-by: Sylvain Desbureaux
<sylvain.desbureaux at orange-ftgroup.com>
---
src/app/controllers/host_controller.rb | 5 +++++
src/app/services/host_service.rb | 15 +++++++++++++++
src/app/views/host/show.rhtml | 17 +++++++++++++++++
3 files changed,
2007 Oct 22
3
[Bug 1379] New: memory leak in process_cmdline()
https://bugzilla.mindrot.org/show_bug.cgi?id=1379
Summary: memory leak in process_cmdline()
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: ssh
AssignedTo: bitbucket at mindrot.org
2007 Nov 09
6
[Bug 1390] New: RekeyLimit max value is too restrictive
https://bugzilla.mindrot.org/show_bug.cgi?id=1390
Summary: RekeyLimit max value is too restrictive
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
2002 Feb 13
0
[Bug 112] New: Using host key fingerprint instead of "yes"
http://bugzilla.mindrot.org/show_bug.cgi?id=112
Summary: Using host key fingerprint instead of "yes"
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
2008 Jan 26
8
[Bug 1432] New: MaxAuthTries is not used correctly
https://bugzilla.mindrot.org/show_bug.cgi?id=1432
Summary: MaxAuthTries is not used correctly
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P3
Component: sshd
AssignedTo: bitbucket at mindrot.org
2007 Oct 22
15
[Bug 1380] New: incorrect check for strlen(fwd->connect_host) in parse_forward()
https://bugzilla.mindrot.org/show_bug.cgi?id=1380
Summary: incorrect check for strlen(fwd->connect_host) in
parse_forward()
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: ssh
2007 Oct 29
2
[Bug 1385] New: extra backslashes in RB_PROTOTYPE
https://bugzilla.mindrot.org/show_bug.cgi?id=1385
Summary: extra backslashes in RB_PROTOTYPE
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Miscellaneous
AssignedTo: bitbucket at
2007 Oct 22
2
[Bug 1378] New: incorrect port check in parse_forward()
https://bugzilla.mindrot.org/show_bug.cgi?id=1378
Summary: incorrect port check in parse_forward()
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: ssh
AssignedTo: bitbucket at mindrot.org
2010 Mar 03
2
Viewing cetificate details
Hi,
I don't see any way to view the details of a certificate once it is
generated. Having such a capability would be very handy for debugging
purposes to check what constraints, principals, and validity interval
are associated with a given cert.
--
Iain Morgan
2016 Apr 13
1
[Fwd: Re: Samba_dlz, dhcp y zona inversa no actualiza]
>> what is in '/usr/bin/dhcpd-update-samba-dns.sh' ?
# will receive addresses from this DHCP server. Instructions are found here:
#
https://wiki.archlinux.org/index.php/Samba_4_Active_Directory_Domain_Controller#DHCP
sleep 5
checkvalues()
{
[ -z "${2}" ] && echo "Error: argument '${1}' requires a parameter." &&
exit 1
case ${2} in
-*)
echo
2010 Jan 11
2
/etc/nologin must be world-readable which is not totally clear
hi, the man page for sshd(1) says about /etc/nologin: "The file
should be world-readable". However, nologin has no effect if it's not
readable by the connecting user:
if (pw->pw_uid)
f = fopen(_PATH_NOLOGIN, "r");
if (f) {
/* /etc/nologin exists. Print its contents and exit. */
...
...
return(254)
if root has a
2007 Jan 18
3
proposal: new DisableBanner client side option
hi all, we had quite a few requests recently so that SunSSH allowed
to hush a banner on client side when in command-mode only. The argument
usually is that the banner is mandatory due to legal reasons so first time
login users should see it but that it causes problems when ssh is used from
scripts after that. '-q' often seems not an option. RFC 4252 permits hushing
banner in section
2012 Nov 24
0
ssh-keyscan continuity patch --
I apologize, this patch should have been sent awhile ago. Between a lot
of things that needed to be completed at work as a sysadmin for the
Research Computing group at Purdue University and retiring from work
after 38 years at the end of May (2012), I basically ignored it. This
patch is from a clone of my workstation that I just activated at home.
The patch was primarily written to fix the
2007 Sep 05
0
Announce: OpenSSH 4.7 released
OpenSSH 4.7 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches,
2007 Sep 05
0
Announce: OpenSSH 4.7 released
OpenSSH 4.7 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches,