Displaying 20 results from an estimated 10000 matches similar to: "Different HostKeys for different hostnames or IPs in the same sshd?.."
2007 Jan 30
3
[Bug 1279] Address- and/or port-specific HostKeys support
http://bugzilla.mindrot.org/show_bug.cgi?id=1279
Summary: Address- and/or port-specific HostKeys support
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2013 Feb 06
4
FreeBSD-9.1 would not boot on pentium3 laptop
Hello!
I have an old Dell Latitude C800 laptop (with Pentium3 CPU in it).
FreeBSD 6.3-STABLE was running fine on it, but I decided to update the
machine to 9.1-STABLE.
Well, neither my own custom kernel, nor even the official 9.1-RELEASE
CD1 would boot... In both cases the boot process runs up to detecting
uhub0, then either hangs forever or shuts off after a short while.
Again, I thought I
2008 Jul 22
4
"sleeping without queue" ?
Hello!
My attempt to build openoffice.org-3 seems to be hanging. Pressing
Ctrl-T produces:
load: 0.11 cmd: tcsh 79759 [sleeping without queue] 0.00u 0.00s 0% 0k
(tcsh is used by OOo's build-script). What is this "sleeping without
queue" state, and why is process in it for so long?
This is an 4-CPU amd64 system with 4Gb of RAM. Only 16% of the swap is
currently in use and
2012 Dec 27
3
[PATCH] hostfile: list known names (if any) for new hostkeys
When connecting to a host for which there's no known hostkey, check if the
relevant key has been accepted for other hostnames. This is useful when
connecting to a host with a dymamic IP address or multiple names.
---
auth.c | 4 ++--
hostfile.c | 42 ++++++++++++++++++++++++++++--------------
hostfile.h | 8 ++++++--
sshconnect.c | 39 +++++++++++++++++++++++++++++++++------
2017 Jul 24
4
[Bug 2747] New: Different notations for the same IP-address result in multiple entries in known_hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=2747
Bug ID: 2747
Summary: Different notations for the same IP-address result in
multiple entries in known_hosts
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Other
OS: FreeBSD
Status: NEW
Severity: enhancement
Priority: P5
2024 Nov 12
3
[PATCH 0/2] Specify signature algorithm during server hostkeys prove
From: Maxime Rey <maximejeanrey at gmail.com>
Hello,
I've discovered an issue with sshd when it's configured to use the SSH agent
alongside multiple host keys. Specifically, this problem happens during the
hostkeys-prove-00 at openssh.com request, when the server attempts to
demonstrate ownership of the host keys by calling the agent.
The issue occurs because, while processing the
2019 Oct 21
2
Multiple Signatures on SSH-Hostkeys
Hello, OpenSSH-wizards.
In our company, we have looked into SSH-HostKey-signing in order to
realize automated access without the need to accept the server's
hostkey, manually.
I got it to work with the HostCertificate-directive inside the
sshd_config.
Now, I was wondering whether it is possible to have multiple
signatures, so I can, for example, sign the hostkey once with a
2002 Jun 05
1
Per-port hostkeys
My apologies if this has been covered already. My search of the archives
was unfruitful.
OpenSSH seems to be lacking a certain capability present in ssh.com's
client; namely, the ability to store remote hostkeys on a per-port basis.
I have various machines that, due to iptables port-forwarding, appear to
be running copies of (open)sshd on multiple ports. "Commercial" ssh
stores
2002 Jan 31
7
x509 for hostkeys.
This (very quick) patch allows you to connect with the commercial
ssh.com windows client and use x509 certs for hostkeys. You have
to import your CA cert (ca.crt) in the windows client and certify
your hostkey:
$ cat << 'EOF' > x509v3.cnf
CERTPATHLEN = 1
CERTUSAGE = digitalSignature,keyCertSign
CERTIP = 0.0.0.0
[x509v3_CA]
2024 Sep 23
1
[PATCH] sshd: Add pkcs11 support for HostKey.
Hello,
OpenSSH supports PKCS#11 on the client side, but that does not extend to
the server side. I would like to bring PKCS#11 support to sshd.
I am working on embedded Linux systems with integrated HSM. The sshd
host key is stored on the HSM. To have sshd using that key, we rely on
the following chain:
sshd -> OpenSSL -> OpenSSL Engine -> HSM Having
PKCS#11 support in sshd, would
2007 Dec 17
3
FETCH for mailbox INBOX UID 39641 got too little data: 4823 vs 4825
Whenever I try to access an e-mail in the middle (rather than at the end) of
the mailbox, my mail-client (KMail) gets an error a message like this is
logged in the maillog:
IMAP(mi): FETCH for mailbox INBOX UID 39641 got too little data: 4823 vs 4825
IMAP(mi): Disconnected: Disconnected
The actual numbers vary, but it is always X vs X+2
The problem started when I upgraded to 1.0.8.
2006 Mar 21
1
weird bugs with mmap-ing via NFS
[Moved from -current to -stable]
???????? 21 ???????? 2006 16:23, Matthew Dillon ?? ????????:
> ? ? You might be doing just writes to the mmap()'d memory, but the system
> ? ? doesn't know that.
Actually, it does. The program tells it, that I don't care to read, what's
currently there, by specifying the PROT_READ flag only.
> ? ? The moment you touch any mmap()'d
2008 Aug 21
12
machine hangs on occasion - correlated with ssh break-in attempts
Hello!
A machine I manage remotely for a friend comes under a distributed ssh
break-in attack every once in a while. Annoyed (and alarmed) by the
messages like:
Aug 12 10:21:17 symbion sshd[4333]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:18 symbion sshd[4335]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:20 symbion sshd[4337]: Invalid user mythtv from 85.234.158.180
Aug 12
2008 Aug 21
12
machine hangs on occasion - correlated with ssh break-in attempts
Hello!
A machine I manage remotely for a friend comes under a distributed ssh
break-in attack every once in a while. Annoyed (and alarmed) by the
messages like:
Aug 12 10:21:17 symbion sshd[4333]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:18 symbion sshd[4335]: Invalid user mythtv from 85.234.158.180
Aug 12 10:21:20 symbion sshd[4337]: Invalid user mythtv from 85.234.158.180
Aug 12
2024 Oct 28
1
[PATCH] Specify signature algorithm during server hostkeys prove
Hello,
I've found that when using the ssh agent and sshd together, there is an issue
when using multiple host keys. Specifically, after the key exchange phase,
when a client requests proof of ownership for the host keys via the
"hostkeys-prove-00 at openssh.com" request, the server prepares the response
without specifying the signature algoorithm in case of non-RSA keys.
This leads
2002 Oct 17
0
[Bug 416] New: problems with sshd starting up and hostkeys
http://bugzilla.mindrot.org/show_bug.cgi?id=416
Summary: problems with sshd starting up and hostkeys
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2002 Oct 17
0
[Bug 416] problems with sshd starting up and hostkeys
http://bugzilla.mindrot.org/show_bug.cgi?id=416
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
------- Additional Comments From markus at openbsd.org 2002-10-18
2013 Jun 25
1
RFC: encrypted hostkeys patch
Hi,
About a year and a half ago I brought up the topic of encrypted hostkeys
and posted a patch
(http://marc.info/?l=openssh-unix-dev&m=132774431906364&w=2), and while the
general reaction seemed receptive to the idea, a few problems were pointed
out with the implementation (UI issues, ssh-keysign breakage).
I've finally had some spare time in which to get back to this, and I've
2015 Jun 20
2
sshd and consequences of HostKeyAgent
Hello,
I tried to use HostKeyAgent with sshd 6.7 under Linux. That worked for
Linux clients. However, when I tried to connect from OpenSSH 6.2 under
Mac OS X, the server disconnects:
debug2: bits set: 1026/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
Connection closed by 84.22.97.209
When I disabled HostKeyAgent and switched HostKey back to the private
2020 Apr 26
5
[Bug 3155] New: openssh support hostkey encrypt
https://bugzilla.mindrot.org/show_bug.cgi?id=3155
Bug ID: 3155
Summary: openssh support hostkey encrypt
Product: Portable OpenSSH
Version: 8.2p1
Hardware: ARM64
OS: Linux
Status: NEW
Severity: security
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org