similar to: SRP for OpenSSH

We started receiving this message in our production server. Warning: Server lies about size of server public key: actual size is 767 bits vs. announced 768. Warning: This may be due to an old implementation of ssh. When I looked in the list archives I see that there has been a conversation about this topic before back about a year ago. Currently we are going from Openssh version 3.4 to another

I just joined the list, and I see in the archives that about a month ago there was a brief discussion of SRP, but it was dismissed. I urge people to take a look at this site: http://srp.stanford.edu/srp/ It's very cool. Let's say I'm on vacation visiting a friend, and I want to log in to my account back home. I trust my friend's machine, but I don't have my home

G'day, First off, I'm not subscribed to the list, so if there are any responses that should be directed to me, feel free to CC me in :) The below url is an updated patch of Professor Tom's earlier SRP patches for SSH. The only things changed was so that it would compile on a newer openssh version. For more information regarding SRP, see http://srp.stanford.edu This isn't

This is to announce the availability of SRP (Secure Remote Password) support for OpenSSH. A tarball is available on Tripod: http://members.tripod.com/professor_tom/archives/ http://members.tripod.com/professor_tom/archives/openssh-2.5.2p2-srp5.tar.gz (Note: Tripod requires you to LEFT click on links to download files.) To install, unpack, configure --with-srp, and make install, then create an

On Sun, 29 Apr 2001, RJ Atkinson wrote: > At 06:26 27/04/01, Tom Wu wrote: > >For those of you who were following the discussion about the new draft > >and implementation of SRP-based password authentication in OpenSSH, I > >promised to have Stanford issue the IETF an official, explicit, > >statement reiterating the unencumbered royalty-free licensing terms. > >The

>Simply stated, SRP is a strong password authentication protocol that >resists passive/active network attack, and when used in conjunction with >OpenSSH, solves the "unknown host key" problem without requiring host >key fingerprint verification or PKI deployment (e.g. X.509 certs). Put >another way, is there any good reason *not* to fold these patches into >OpenSSH

Are there any plans to include support for SRP or a similar zero-knowledge password protocol into OpenSSH? -- Jeremy

Just wondering if there were any plans to integrate SRP support into OpenSSH. And if there aren't would a patch be accepted that would enable such. And if so could anyone give me a couple of pointers as to where the authentication code goes. Edward Flick

Hi, I have been having a problem with OpenSSH which afaict has _never_ happened prior to upgrading to 3.0. (I always run the current release, so I'd been on 2.9.9[p2] prior to 3.0.) At a seemingly random time, I will lose my connection to the remote host, for example: Read from remote host crate.alongtheway.com: Connection reset by peer Granted, I am not sure that that was the error

This is the 2nd beta release of SRP for OpenSSH. The patch attached to this message is relative to the current (20010411) CVS sources of OpenSSH-portable (2.5.4p1). A tarball is also available: http://members.tripod.com/professor_tom/archives/ http://members.tripod.com/professor_tom/archives/openssh-2.5.4p1-srp6.tar.gz (Note: Tripod requires you to LEFT click on links to download files, and

Dear members. I'm looking for best practice for administration Infiniband SRP volume with libvirt (virsh) How to manage these volumes? * SRP Disk is /dev/disk/by-id/scsi-2766f6c3030303037 or /dev/sdi Now I edited guest domain file with ``virsh edit XXXX'' command and append the following lines. <disk type='block' device='disk'>

[I know this is the 'port' list, but I can't find a better place to post this, and with the garbage going on @slashdot I figured I'd get this out. This belongs on sci.crypt or a general OpenSSH mailing list] First, a quick rehash of stuff everyone here already knows, OpenSSH can use two major forms of authentication: 1. Password 2. RSA keys The RSA method is good because it

In message <Pine.LNX.4.30.0104031615270.8678-100000 at holly.crl.go.jp>, Tom Holro yd writes: >SRP has different requirements from Diffie-Hellman. In particular, >for SRP the generator must be primitive. It turns out that the "primes" >file contains only safe primes with primitive generators, and is thus >ideal for SRP, but so far in OpenSSH it has only been used for

For those of you who were following the discussion about the new draft and implementation of SRP-based password authentication in OpenSSH, I promised to have Stanford issue the IETF an official, explicit, statement reiterating the unencumbered royalty-free licensing terms. The new statement is now available from the IETF's IPR page. Tom

I have uploaded a new release of the OpenSSH (portable) SRP patch. This version is vs. the 20010625 openssh_cvs; there are no other changes. You can find it here: http://members.tripod.com/professor_tom/archives/ http://members.tripod.com/professor_tom/archives/OpenSSH-srp9.tar.bz2 http://members.tripod.com/professor_tom/archives/OpenSSH-srp9.patch.bz2 The tarball is the whole thing with the

I've got an rsync job which is consistently failing, but I've been unable to diagnose the problem. FAQ/Google/docs/etc. checked and no luck. Basically, it looks like the rsync process invoked on the far end is exiting, and then the local process waits until the timeout and exits. Both systems are Sun boxes, Ultra 10 or better with 256+ MB of memory. Rsync version is 2.5.0 on the local

Hi Folks, Just installed Samba 2.2.10 on my FreeBSD 4.9 computer. I can see the FreeBSD box on all of my Win 9x boxes, but when I double click on its icon, I get a rude box message that says something like: ==================================================== You must supply a password to make this connection Resource: \\SAMMY\IPC$ ====================================================

Hello, running Coccinelle (http://coccinelle.lip6.fr/) on the DragonFly source tree with a patch to find issues of this kind turned up this one. Please see the attached diff (against OpenBSD). Regards, Sascha

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1692 The NIST advisory says that all versions of OpenSSH potentially contain the flaw. ?But is that really true? ?For example, I looked at the 3.8.1p1 distribution and didn't find any reference to JPAKE at all. Thanks.

>>>>>> facing [ no shared cipher ] error with EC private keys. >>>>> the client connecting to your instance has to support ecdsa >>>>> >>>>> >>>> It does - Thunderbird 60.0b10 (64-bit) >>>> >>>> [ security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384;true ] >>>> >>>> It seems there is