similar to: Any way to reduce CPU use of OpenSSH?

My LAN is running Samba v1.9.18p10 under RedHat Linux v5.2. Using the SMB services are Win95 and OS/2 clients. It's all running fine. I will soon be adding Win98, though, and I understand that there is a question of password encryption. I'm concerned how the encrypted/plain-text communication of password will affect my existing configuration. If I reconfigure Samba to use encrypted

Hi, In a recent security review some systems I manage were flagged due to supporting "weak" ciphers, specifically the ones listed below. So first question is are people generally modifying the list of ciphers supported by the ssh client and sshd? On CentOS 6 currently it looks like if I remove all the ciphers they are concerned about then I am left with Ciphers

I am trying to initiate an sftp session from a Linux (Redhat) to a LynxOs machine (where i have ported opnessh-2.9p1) and configured without PAM support (as I was not able to find PAM version for LynxOS operating system) I get the following error: $ sftp -P /home/telica -l telica -v ben select: Bad file descriptor read: Input/output error sftp> Can somebody help me asap on this?

I've got several SMP machines, some running CentOS 4.3 and some running Fedora Core 4. All machine are kept fully updated. A few are Pentium3-based and a few are Pentium4-based. They are all running the irqbalance daemon. The distribution of interrupts across CPUs is indeed kept balanced, yet even after months of uptime ps shows no CPU use whatsoever by irqbalance. This from a

Hi, When do the sftp to remote server with file system full, sftp connection get "ID mismatch" and connection closed. Is it supposed to get the "sftp>" prompt back? I try with V3.7.1p2 and V3.8.1p1 and have the same result. Please help. rdsosl.sef_cdf-831# sftp -v edosuser at rdsosl Connecting to rdsosl... OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004 debug1: Reading

Attached is the very verbose ssh output. Just to be perverse, this time two nodes lost connectivity. The only thing I see is lines saying that the two connections are lost, although being honest I have no idea what everything else means. For reference, 8 ssh cinnections were being made at the same time for a 8x8mpi task. N.B., since the OS I am using does not have rsh, I am currently using the

In case this hasn't already been reported or discussed... It took some doing for me to get openssh working on HPUX 11i. The fixes are quite simple. First, one must have the IPV6 package installed: em 512# swlist -l product | grep IPV6 IPV6AA A.01.01.5D IPv6 11i product Second, I have to edit config.h to undefine HAVE_GETADDRINFO. Without IPV6, ssh can't connect

https://bugzilla.mindrot.org/show_bug.cgi?id=1801 Summary: cipher_spec section of ssh man page needs update Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: unassigned-bugs at mindrot.org

Darren Tucker <dtucker at zip.com.au> writes: > On Tue, Nov 8, 2016 at 1:02 PM, Harry Putnam <reader at newsguy.com> wrote: > [...] >> gv harry> ssh -vv 2x >> >> OpenSSH_7.3p1-hpn14v11, OpenSSL 1.0.2j 26 Sep 2016 > > this is a third-party modified version of OpenSSH. Can you reproduce > the problem with a stock OpenSSH from the source from

Hello all, I have made SecurID authentication for OpenSSH 3.6.1p2. This patch was totaly rewritten, so please test it before use. Kbd-int authentication is now integrated into challenge response auth. Privsep is now fully suported. PS: What do you think of selective access to the individual authentications, similar to AllowGroups/DenyGroups or maybe AllowUsers/DenyUsers ? Vaclav Tomec

Hi there, has anybody managed to get the eToken Pro Anywhere work with SSH? I'm using the latest SafeNetAuthentication drivers available for Ubuntu 64bit (8.3) and everything is working just fine except for ssh. I can use the eToken for logging in, openvpn, rdestkop, etc. but it seems ssh does not recognize the device properly. The command "ssh -I /usr/lib/libeToken.so.8 user at

Hello all, It seems the overhaul on key exchange/selection broke it badly. I haven't managed to use any other encryption method than 3des and blowfish when connecting to SNAP -> SNAP. SNAP -> 2.2.0p1 will use arcfour etc. quite cleanly. How SNAP -> SNAP looks like: --- debug: Local version string SSH-2.0-OpenSSH_2.2.0p2 debug: send KEXINIT debug: done debug: wait KEXINIT debug:

I don?t know what?s going on the sushi from the laptop always kick me out!!! Fresh installation. packet_write_wait: Connection How can that be! Andy

Hi, Is cipher "3des-ctr" supported by openssh? It is not mentioned in the list of supported ciphers in the man page of ssh_config: Thanks, Sunil Ciphers Specifies the ciphers allowed for protocol version 2 in order of preference. Multiple ciphers must be comma-separated. The supported ciphers are ''3des-cbc'', ''aes128-cbc'',

Hi! I'm having a difficult time getting X11 forwarding to work. Since I've read the docs completely about this, this must be an SSH bug which is likely because I'm using Gentoo as the SSH server. When trying to forward X11 connections, I get X11 connection rejected because of wrong authentication. kwrite: cannot connect to X server XXXXXXXXX:10.0 Using command ssh -Y -p 1111 -4

Hi OpenSSH, I encountered that SSH will hang over after I input the password. Could you help show me how to resolve this problem? Thanks for your help. Please find the ssh debug info and my ssh version as below. $ ssh -vvv user1 at remote_host OpenSSH_6.9p1, LibreSSL 2.1.8 debug1: Reading configuration data /Users/user1/.ssh/config debug1: /Users/user1/.ssh/config line 36: Applying options for

Hi, I am trying to run openssh 3.1p1. But it is giving "Bad packet length" error when I run sshd with default config file. On further investigation I found that the error is coming only for the cipher algorithm "aes128-cbc". Also the error comes only when I don't specify any protocol file (/usr/local/etc/ssh_host_[rd]sa_key) or specify only "protocol 2" files. I

Folks, I've just updated a machine to the latest IBM supplied OpenSSL RPMS: openssl-0.9.6m-1 openssl-devel-0.9.6m-1 (this is a power4 running AIX 5.1) and Tried to upgrade to the latest OpenSSH (3.8p1 - both the release and a snapshot from about a week ago) I'm using: ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/opt/freeware and the compilation seems OK: OpenSSH

Hi, If I enable "UseLogin" under AIX, I get the following message upon login: /dev/pts/2: 3004-004 You must "exec" login from the lowest login shell. The manpage states: "In order to preserve the integrity of the system, only one session at a time is allowed to be logged in to a port. This means that the login command entered from the shell prompt cannot succeed,

Hi, I'm having a problem when I add "HostKeyAlgorithms +ssh-dss" to the ssh_config file the host key will always negotiate to a wrong one. In my case it will negotiate to "ecdsa-sha2-nistp256". The client was already configured with the servers rsa public key, before the change I added to the ssh_config file I could see from the debug that server and client will negotiate