similar to: [Bug 1957] New: New -K option overwites output file

Hi there, I'm in the process of generating a moduli file under Linux with 5.9p1 version which in fact takes quite some time for the big primes to be tested. So I've checked both portable and current source code but am unable to find the -K option wich is documented in the man page of OpenBSD site. This option is supposed to add a checkpoint file when screening the candidates

Hello all, I propose the following patch to ssh-keygen.c for openssh version 4.5. It allows to redirect output of the moduli operations to stdout, to do something like e.g.: $ ssh-keygen -G - -b 2048 | ssh-keygen -T - -f - >moduli Best regards, Christian --- ssh/ssh-keygen.c.old 2007-03-01 12:43:06.000000000 +0100 +++ ssh/ssh-keygen.c 2007-03-01 12:47:32.000000000 +0100 @@ -1270,13

Hi folks, This applies to src/share/man/man5/moduli.5 in the OpenBSD source tree, and doesn't seem to apply to the portable OpenSSH, so I've sent this change here instead of via Bugzilla. The wording of moduli(5) implies that sshd puts more thought about which modulus it selects than it really does. The following patch corrects this. Simon. -- Simon Burge

https://bugzilla.mindrot.org/show_bug.cgi?id=2330 Bug ID: 2330 Summary: Moduli Generation - Generator 3 not possible at all! Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Other Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2559 Bug ID: 2559 Summary: Warnings from reading moduli file, refer to primes file Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2412 Bug ID: 2412 Summary: make tests does not PASS all tests with SNAP openssh-SNAP-20150607.tar.gz Product: Portable OpenSSH Version: 6.8p1 Hardware: PPC OS: AIX Status: NEW Severity: normal Priority: P5 Component: Build

From: Christian Hesse <mail at eworm.de> Both files can be used, so mention both in error messages. Signed-off-by: Christian Hesse <mail at eworm.de> --- dh.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/dh.c b/dh.c index 4c639ac..450f5c4 100644 --- a/dh.c +++ b/dh.c @@ -153,8 +153,8 @@ choose_dh(int min, int wantbits, int max) if ((f =

On 09/24/2017 12:21 AM, Mark D. Baushke wrote: > I suggest you upgrade to a more recent edition of the OpenSSH software. > The most recent release is OpenSSH 7.5 and OpenSSH 7.6 will be released > very soon. This problem is in v7.5 and v7.6. See dh.c:436. > OpenSSH 6.6 was first released on October 6, 2014. I brought up v6.6 to give an example that older clients wouldn't be

On Fri 2015-05-22 00:06:29 -0400, Darren Tucker wrote: > On Thu, May 21, 2015 at 11:26 PM, Matthew Vernon <matthew at debian.org> wrote: >> >> You will be aware of https://weakdh.org/ by now, I presume; the >> take-home seems to be that 1024-bit DH primes might well be too weak. >> I'm wondering what (if anything!) you propose to do about this issue, >>

I'm not nearly knowledgeable enough in crypto to fully understand your answer, but I will try. I wonder why moduli are not automatically generated the first time sshd is started though. That would make much more sense than shipping a default moduli file but also asking everyone to replace it with their own. On Fri, Feb 15, 2019 at 5:50 AM Mark D. Baushke <mdb at juniper.net> wrote: >

if [ ! -f /opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/moduli ]; then \ if [ -f /opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/primes ]; then \ echo "moving /opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/primes to /opt/sldx/

Hi, my question is related to the kex algorithm diffie-hellman-group-exchange-sha256 and moduli generation. I've seen that through ssh-keygen, I'm able to re-generate my moduli file used by DH but I'm note sure to understand one point in the ssh-keygen manpage : "Screened DH groups may be installed in /etc/ssh/moduli. It is important that this file contains moduli of a range of

https://bugzilla.mindrot.org/show_bug.cgi?id=2047 Priority: P5 Bug ID: 2047 Assignee: unassigned-bugs at mindrot.org Summary: Definition of Sophie Germain primes is wrong in manual moduli.5 Severity: normal Classification: Unclassified OS: Linux Reporter: plautrba at redhat.com

Hi, OpenSSH 6.0 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of new features and changes and bug fixes. Testing of the new sandboxed privilege separation mode (see below) would be particularly appreciated. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The

Ben, I am trying to create a package for Openssh.3-1p1, but the /contrib/solaris/buildpkg.sh script failes with the following errors: ./mkinstalldirs /tools/OpenSSH/openssh-3.1p1/contrib/solaris/package/usr/local/b in mkdir /tools/OpenSSH/openssh-3.1p1/contrib/solaris/package/usr/local/bin ./mkinstalldirs /tools/OpenSSH/openssh-3.1p1/contrib/solaris/package/usr/local/s bin mkdir

http://bugzilla.mindrot.org/show_bug.cgi?id=198 Summary: Error getting file with sftp on old F-Secure servers Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sftp AssignedTo: openssh-unix-dev at mindrot.org

Hello, I was re-generating the moduli for SSH, and during that process I noticed that, when running the following command: ssh-keygen -M screen -O prime-tests=600 -O generator=3 -f moduli-2048-01.candidates moduli-2048-01c It does not produce any errors, only the following: ebug2: ???1467763: (4) Sophie-Germain debug2: ???1467763: generator 0 != 3 debug2: ???1467764: (4) Sophie-Germain

Hello, I was re-generating the moduli for SSH, and during that process I noticed that, when running the following command: ssh-keygen -M screen -O prime-tests=600 -O generator=3 -f moduli-2048-01.candidates moduli-2048-01c It does not produce any errors, only the following: ebug2: ???1467763: (4) Sophie-Germain debug2: ???1467763: generator 0 != 3 debug2: ???1467764: (4) Sophie-Germain

http://bugzilla.mindrot.org/show_bug.cgi?id=187 Summary: ssh-keygen not converting from and to SECSH standard correctly Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

> Can this be addressed in ssh_config/sshd_config with the KexAlgorithms setting? weakdh.org/sysadmin.html recommends adding: KexAlgorithms curve25519-sha256 at libssh.org But this thread makes it sound as if it's not necessary. Can anyone confirm? Personally I'm on openssh-6.7. - Grant > You will be aware of https://weakdh.org/ by now, I presume; the take-home seems to be