similar to: [patch] Make passphrase-protected SSHv1 keys work again

Hello, I need to allow for some people to execute ssh with one shared private key for remote executing command on various machines. However, it is not possible to set group permissions for private keys and it is possible to have just one private key file for one user. Please, is it possible to add patches into openssh development tree like these, so that standard behavior of ssh is not changed,

Hi, I needed to convert a public RSA key to autorized_keys format and found ssh-keygen lacking this feature. I made the option -Q publicfile to allow an conversion like ssh-keygen -Q pubrsa.pem -y The patch is produced using unified diff and made on latest release. If you like it and can make a patch for the man-page also! Regards, /Lars -------------- next part -------------- diff -u

Hello, I had some difficulties in order to convert private keys between different implementations of SSH. So, I wrote the following patch to allow export of SSH2 RSA and DSA private keys into IETF SECSH format. Note that I also slightly revised the IETF SECSH key import code. Usage: use of the "-e" option on a private key file generates an unencrypted private key file in IETF SECSH

Hello, In one recent change (https://anongit.mindrot.org/openssh.git/commit/?id=2b13d3934d5803703c04803ca3a93078ecb5b715), I noticed a regression. If ssh-keygen is given a private file without passphrase and without the corresponding .pub file, I doesn't extract the comment after the commit, while it did before: Before the commit: $ ./ssh-keygen -q -t dsa -N '' -C foobar -f

Add private key protection information extraction to shh-keygen using -v option on top of -y option which is already parsing the private key. Technically, the passphrase isn't necessary to do this, but it is the most logical thing to do for me. Adding this to -l option is not appropriate because fingerprinting is using the .pub file when available. An other idea is to add a new option, I

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

Hello all, I recently found myself wanting to run sshd with passphrase-protected host keys rather than the usual unencrypted format, and was somewhat surprised to discover that sshd did not support this. I'm not sure if there's any particular reason for that, but I've developed the below patch (relative to current CVS at time of writing) that implements this. It prompts for the

A Feature Request for OpenSSH 3.x: In version 2.x, when prompting for the passphrase ssh would print a prompt including the comment string from an RSA key, like: Enter passphrase for RSA key 'Your Dog's Name': The comment string was a useful way to remind the user what the passphrase was (i didn't use hints quite this easy :-). In Openssh 3.0, ssh prompts using the filename:

On Fri, May 25, 2001 at 02:21:06PM +0200, Nigel Kukard wrote: > Hi, > > [nkukard at wigglytuff .ssh]$ ssh-keygen -pf test_id > Enter old passphrase: > 'ey has comment 'ii > Enter new passphrase (empty for no passphrase): > Enter same passphrase again: > Segmentation fault (core dumped) > [nkukard at wigglytuff .ssh]$ > > > That is the error

Hello, I am going through the source of openssh-3.9p1 and I have a quick question on how the sshd daemon loads the host keys. In the default configuration of SSH2 protocol, the private DSA hostkey is found in the file 'ssh_host_dsa_key' and the public DSA hostkey counterpart in 'ssh_host_dsa_key.pub'. Likewise, the private and public RSA hostkeys are found in

Hello, Would it be possible to add generic engine support to OpenSSH? One use in particular would be to support TCP forwarding for secure mail server connections and similar applications. This would permit an administrator to configure in an arbitrary external engine to establish a secure RSA-based tunnel. OpenSSH would need no information built into it to accomodate any particular engine. One

Looking at openSSH INSTALL: To generate a host key, run "make host-key". Alternately you can do so manually using the following commands: ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N "" ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N "" But when I try latter, I get: (gdb) n 1 0x35a6 in save_private_key_ssh2 ( filename=0xb2d2c

Hi! I was trying to start ssh from a scheduled task in Windows 2000. I got the message "Enter passphrase for key '.ssh/identity':" Well the passphrase I set was empty, so that should not have happen. I traced this problem to the method key_load_public_type(int type, const char *filename, char **commentp) in authfile.c If the file cannot be opened (in my case the

This patch against OpenBSD -current adds a simple form of PKI to OpenSSH. We'll be using it at work. See README.certkey (the first chunk of the patch) for details. Everything below is BSD licensed, sponsored by Allamanda Networks AG. Daniel --- /dev/null Wed Nov 15 15:14:20 2006 +++ README.certkey Wed Nov 15 15:13:45 2006 @@ -0,0 +1,176 @@ +OpenSSH Certkey + +INTRODUCTION + +Certkey allows

hello.. i am running openssh-3.7.1p2. on linux.It is working successfully..and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem.?i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server ?in sshd main before

hello.. i am running openssh-3.7.1p2. on linux.It is working successfully.and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem. i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server in sshd main before

Hi all! I was scanning my servers with nmap, ( i have installed ssh), and the result gave me this: 22/tcp open ssh sshv1: Server Supports SSHv1 ssh-keyhost: 1024 ea:7e:77:b7:a1:78:18:70:6c:46:ee:a0:dd:08:0e:74 (RSA1) 1024 ba:d0:8a:44:16:fc:7c:7a:38:24:2e:72:06:fe:99:56 (DSA) 1024 ff:43:15:78:98:3c:75:f9:12:36:58:92:46:6c:1c:99 (RSA) could this be a threat for intruders? i know that sshv1

https://bugzilla.mindrot.org/show_bug.cgi?id=2044 Priority: P5 Bug ID: 2044 Assignee: unassigned-bugs at mindrot.org Summary: error message is printed for SSHv1 when ssh is forced to allocate a pseudo-tty even when it does not have a one Severity: minor Classification: Unclassified OS:

https://bugzilla.mindrot.org/show_bug.cgi?id=1835 Summary: sftp should fallback to sshv1 if server doesn't support sshv2 Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sftp AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2519 Bug ID: 2519 Summary: Obsolete SSHv1 config options Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org