similar to: ssh -q doesn't suppress all warning messages

This patch allows DSA identities to be specified on the command line. Previously, only RSA identities were allowed. ------------------------------------------------------------------------ diff -U2 openssh-2.2.0p1/ssh.0 openssh-2.2.0p1.nigelw/ssh.0 --- openssh-2.2.0p1/ssh.0 Sat Sep 2 10:08:46 2000 +++ openssh-2.2.0p1.nigelw/ssh.0 Thu Dec 21 10:53:07 2000 @@ -224,5 +224,5 @@ -g Allows

https://bugzilla.mindrot.org/show_bug.cgi?id=1429 Summary: ssh -q doesn't suppress all warning messages Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: HPPA OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at

Hi all, I recently made a patch to openssh 4.1p1 to allow it to use the in-kernel key management provided by 2.6.12 or later Linux kernels. I've attached the patch (which is still only a proof-of-concept, for instance its very verbose right now) to this mail. Now, my question is, is this a completely insane idea and would (a later version of) the patch have a chance of making it into the

I'm trying to replace some sshv1 clients and servers in a modular way, and the "Server Lies" warning (when the server says the key has one more bit than it really has) is causing heartache. Per the FAQ, this is relatively benign. Here's a patch that allows an admin or user to disable the warning. - Morty diff -Nur openssh-3.7.1p2/readconf.c

Hello, I need to allow for some people to execute ssh with one shared private key for remote executing command on various machines. However, it is not possible to set group permissions for private keys and it is possible to have just one private key file for one user. Please, is it possible to add patches into openssh development tree like these, so that standard behavior of ssh is not changed,

Here is the user-dependent IdentityFile patch for openssh3.5 (BSD version), which allows private key files to be placed system wide (for all users) in a secure (non-NFS) mounted location. This addresses an important security hole on systems where home directories are NFS mounted, particularly if there are users who use blank passphrases (or when lpd is tunneled through ssh on systems running lpd

I just found that trying to specify a DSA identity file with '-i' doesn't work. Although the man page doesn't indicate that this is supported for DSA keys, it also doesn't indicate very clearly that its _not_. Indeed, in ssh.c:main(), the "-i" only increments and sets: options.options.num_identity_files options.identity_files where it would need to modify:

Allow users to specify certificates to be used for authentication on the command line with the '-z' argument when running ssh. For successful authentication, the key pair associated with the certificate must also be presented during the ssh. Certificates may also be specified in ssh_config as a CertificateFile. This option is meant the address the issue mentioned in the following

By the way, I noticed in the previous IdentityFile patch I forgot to expand tilde. I fixed this by making the change in ssh.c instead of readconf.c, which is probably where it belongs, as far as the existing code is concerned: diff -ur openssh-3.0.2p1/auth.c openssh-3.0.2p1I/auth.c --- openssh-3.0.2p1/auth.c Sun Nov 11 17:06:07 2001 +++ openssh-3.0.2p1I/auth.c Sun Jan 27 12:05:14 2002 @@ -44,7

Here is a patch to allow private key files to be placed system wide (for all users) in a secure (non-NFS) mounted location on systems where home directories are NFS mounted. This is especially important for users who use blank passphrases rather than ssh-agent (a good example of where this is necessary is for tunnelling lpd through ssh on systems that run lpd as user lp). IdentityFile now accepts

Hello, This change is to get the IdentityFile option processed from the included configuration files. Regards, Oleg Oleg Zhurakivskyy (1): Process the IdentityFile option from the included files readconf.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) -- 2.9.3

https://bugzilla.mindrot.org/show_bug.cgi?id=52 leanne <njleanne at hotmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |njleanne at hotmail.com --- Comment #58 from leanne <njleanne at hotmail.com> 2008-05-15 17:05:09 --- (In

https://bugzilla.mindrot.org/show_bug.cgi?id=1433 Summary: sshd.pid has permissions of 666 Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: HPPA OS/Version: HP-UX Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org

Suppose an SSH server has both RSA and DSA host keys for protocol 2, but I only have the DSA key, and I want to use that. I'm stuck; the OpenSSH client is hard-wired to offer both algorithms in the key exchange, and will select ssh-rsa if it's available (see myproposal.h, KEX_DEFAULT_PK_ALG). Below is a patch adding the client configuration option "PKAlgorithms" for this

Hi all, I noticed that openssh5.5 finally revised this bug, pls check the bugzilla https://bugzilla.mindrot.org/show_bug.cgi?id=1290 but when i test it both on linux and hp-ux, it will still fails: In hp-ux, server side: root at sshia2# /opt/ssh/sbin/sshd -p 1234 -D -h ssh_host_dsa_key -ddd .......... debug3: send_rexec_state: entering fd = 9 config len 322 debug3: ssh_msg_send: type

I have renamed all of the patch files to .txt, which should be acceptable for the mailer daemon at mindrot, per Angel's suggestion. I am attaching the patch files to the email, with the extra space removed and a minor correction made. Bill Parker (wp02855 at gmail dot com) -------------- next part -------------- --- port-linux.c.orig 2012-12-19 17:40:53.231529475 -0800 +++ port-linux.c

Hello All, In reviewing source code for OpenSSH-6.1p1, I found instances of deprecated library calls still within various source code files. Examples of deprecated calls are: bzero() (replaced with memset() which is ANSI compliant), index() (replaced with strchr() which is also ANSI compliant). In file 'auth2-jpake.c', I've replaced all the bzero() calls with the equivalent

Howdy. I'm trying to get OpenSSH to work on Mac OS X which is basically BSD unix. I'm getting segfaults connecting to SSH1 servers (I have no SSH2 servers to test against so I'm not sure if it's common). I've followed the instructions on compiling at http://www.stepwise.com/Articles/Workbench/2001-03-21.01.html which essentially amount to ./configure

Hi folks, I am new with Speex, while looking for Voice Chat in MSN/Yahoo, i cam across Speex. In case of Yahoo, i found Speex with variable bit rate. and in this case, the speex_decode function is not producing any output. Does in case of variable bit rate, something else is to be done with decoding process. Please guide me, what to do. Thanx in advance Lokesh

Here is a quick patch against openssh-2.5.1p1 to add a new config option (pkalg) for the ssh client allowing the selection of which public keys are obtained/verified. --cut-here- diff -c3 -r orig/openssh-2.5.1p1/key.c openssh-2.5.1p1/key.c *** orig/openssh-2.5.1p1/key.c Mon Feb 5 18:16:28 2001 --- openssh-2.5.1p1/key.c Sun Mar 11 23:10:10 2001 *************** *** 534,539 **** --- 534,567 ----