similar to: OpenSSH daemon security bug?

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.

http://bugzilla.mindrot.org/show_bug.cgi?id=684 Summary: ssh cannot access keys stored in agent Product: Portable OpenSSH Version: 3.7.1p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy:

I have an account where I have DSA key setup with a passphrase. I am trying to write a script to ssh over to another Unix server, without having to type in the passphrase and have ssh read the passphrase from either a file or pass it in from the command line. Is there a way to do something like this? I know that we can it so I don't need to enter a passphrase but we don't want to do

Under 2.5p2, if I ssh'd back to myself I would get a prompt asking for my passphrase, and if that was incorrect it would then ask for my password. Assuming I had a authorized_keys file with my identity.pub in it. Under 2.9.p1 it goes straight to enter password instead of asking for my passphrase. This wouldn't be a problem except that when I have "PasswordAuthentication no" I

Hi! I am distributing 2.5.1p1 for production use on my system by now and prepare switching to protocol 2 as default protocol. I just noted, that ssh-agent can be used for protocol 1 and 2, but the keys kept in ssh-agent are not compared against keys in .ssh. Example: I have a DSA key in id_dsa which I load into ssh-agent on login. When connecting to an account accepting the key everything is

https://bugzilla.mindrot.org/show_bug.cgi?id=3190 Bug ID: 3190 Summary: Inconsistent handling of private keys without accompanying public keys Product: Portable OpenSSH Version: 8.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:

whats the state of support for self-encrypting drives in CentOS 6 ? these are becoming increasingly common on both laptops and for enterprise storage (particularlly nearline), with features like instant-erase via key destruction. -- john r pierce N 37, W 122 santa cruz ca mid-left coast

Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. I created my SSH keys and copied the public part to the server and renamed it authorized_keys. My command line is: ssh root at xxxxxx.com -p 1234 The output shows the logging-on routine wants 3 types of authentication. Surely one successful authentication is sufficient ? OpenSSH_4.3p2, OpenSSL

Looking for help regaining access to encrypted ZFS file systems that stopped accepting the encryption key. I have a file server with a setup as follows: Solaris 11 Express 1010.11/snv_151a 8 x 2-TB disks, each one divided into three equal size partitions, three raidz3 pools built from a "slice" across matching partitions: Disk 1 Disk 8 zpools +--+ +--+ |p1| .. |p1| <-

according to the openssh mailing list page, this is the spot to report/discuss bugs and i have a potential one. on the other hand, it is probably something i am not doing correctly. the system is red hat linux 6.2 (yuk) running the openssh rpm i grabbed off of the portable openssh site listing, with sshd version OpenSSH_2.9p2 i have it installed via rpm and when i go to launch sshd it gives me

On Thu, Oct 11, 2018 at 10:41 AM Damien Miller <djm at mindrot.org> wrote: > On Wed, 10 Oct 2018, Adam Eijdenberg wrote: > > We see this error on the client side: > > > > debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512> > > ... > > debug1: Offering public key: RSA-CERT SHA256:xxx /path/to/key > > debug1: send_pubkey_test: no

Hello, I noticed that since a couple of hours, this following directory on belnet is empty ... ftp://ftp.belnet.be/packages/caosity/centos/3.1/updates/i386/RPMS/ can i do something ? -- Martin

Hello, With the introduction of SSH_ASKPASS_REQUIRE in version 8.4, I've set up a script for SSH_ASKPASS to query my local passwordstore (https://www.passwordstore.org/) vault to retrieve the password for a given key. This works for ssh-add as well as ssh (configured with AddKeysToAgent set to 'yes'). My workflow effectively transforms into entering the password for the GPG key used

Hi People, The Linux Environment I am responsible for is using ssh key pairs to allow access to a number or accounts on a number Linux Servers. I currently have the opportunity to re-design some of this. So I would like to tap into peoples experiences to see what might be some good changes to make. Specifically I have a couple of questions 1. Currently all of the key pairs we are using

I have 5 windows workstations and 1 computer running freebsd 4.4 I want to install rsync on the freebsd computer so I can use it to backup some files/documents on my windows workstations. I want rsync to run automatically every 6pm mon-sat. I wanna ask if there is someone in this list who can give me guidelines on how i can do this. And another question I have is do I need to install samba? i

On Mon, Jan 18, 2010 Joachim Schipper wrote: > What this patch does can be described as follows: > > Without: > you at local$ ssh somehost > Enter passphrase for RSA key 'foo': > you at somehost$ exit > $ ssh otherhost > Enter passphrase for RSA key 'foo': > you at otherhost$ > > With: > you at local$ ssh somehost > Enter passphrase for RSA

Sending your passphrase encrypted is all fine, but tinc sends the key with which it was encrypted about a second later... Anyone being able to intercept these two requests is authorized on the VPN. We need asymmetric authentication _now_. -- Ivo Timmermans -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size:

Hi, the following series adds a --key option in the majority of tools: this makes it possible to pass LUKS credentials programmatically, avoid the need to manually input them, or unsafely pass them via stdin. Thanks, Pino Toscano (2): mltools: create a cmdline_options struct Introduce a --key option in tools that accept keys builder/cmdline.ml | 2 +-

Hi Rich and Pino, Commenting after a test. I've installed a RHEL 7 virtual machine with 2 disks, using the graphical installer. During the installation, I selected the 2 disks as well as encryption checkbox. It asked me for only one password. After the installation, when the machine boots, it asks for the password (showing a device UUID) only once. When connected as root, I can see that there

Hi list, I do not known, if this is really an issue but i noticed that when connecting to a remote ssh host with the standard linux openssh client using a private key, that there is no line of text indicating when the local key-passwd process was completed and the connection session was established. On a compromised host, the login shell could write the line 'Enter passphrase for key