Displaying 20 results from an estimated 6000 matches similar to: "[Bug 1957] New: New -K option overwites output file"
2011 Dec 10
3
ssh-keygen -K option
Hi there,
I'm in the process of generating a moduli file under Linux
with 5.9p1 version which in fact takes quite some time for
the big primes to be tested.
So I've checked both portable and current source code but am unable to
find the -K option wich is documented in the man page of OpenBSD site.
This option is supposed to add a checkpoint file when screening the
candidates
2007 Mar 01
1
Proposed patch: ssh-keygen allows writing to stdout for moduli generation
Hello all,
I propose the following patch to ssh-keygen.c for openssh version 4.5.
It allows to redirect output of the moduli operations to stdout, to do
something like e.g.:
$ ssh-keygen -G - -b 2048 | ssh-keygen -T - -f - >moduli
Best regards,
Christian
--- ssh/ssh-keygen.c.old 2007-03-01 12:43:06.000000000 +0100
+++ ssh/ssh-keygen.c 2007-03-01 12:47:32.000000000 +0100
@@ -1270,13
2005 Feb 07
1
moduli(5) changes
Hi folks,
This applies to src/share/man/man5/moduli.5 in the OpenBSD source
tree, and doesn't seem to apply to the portable OpenSSH, so I've
sent this change here instead of via Bugzilla.
The wording of moduli(5) implies that sshd puts more thought about which
modulus it selects than it really does. The following patch corrects
this.
Simon.
--
Simon Burge
2014 Dec 28
2
[Bug 2330] New: Moduli Generation - Generator 3 not possible at all!
https://bugzilla.mindrot.org/show_bug.cgi?id=2330
Bug ID: 2330
Summary: Moduli Generation - Generator 3 not possible at all!
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Other
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee:
2016 Mar 30
6
[Bug 2559] New: Warnings from reading moduli file, refer to primes file
https://bugzilla.mindrot.org/show_bug.cgi?id=2559
Bug ID: 2559
Summary: Warnings from reading moduli file, refer to primes
file
Product: Portable OpenSSH
Version: 7.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
2015 Jun 06
4
[Bug 2412] New: make tests does not PASS all tests with SNAP openssh-SNAP-20150607.tar.gz
https://bugzilla.mindrot.org/show_bug.cgi?id=2412
Bug ID: 2412
Summary: make tests does not PASS all tests with SNAP
openssh-SNAP-20150607.tar.gz
Product: Portable OpenSSH
Version: 6.8p1
Hardware: PPC
OS: AIX
Status: NEW
Severity: normal
Priority: P5
Component: Build
2015 Jul 01
4
[PATCH 1/1] update error messages about moduli and primes files
From: Christian Hesse <mail at eworm.de>
Both files can be used, so mention both in error messages.
Signed-off-by: Christian Hesse <mail at eworm.de>
---
dh.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/dh.c b/dh.c
index 4c639ac..450f5c4 100644
--- a/dh.c
+++ b/dh.c
@@ -153,8 +153,8 @@ choose_dh(int min, int wantbits, int max)
if ((f =
2017 Sep 24
3
DH Group Exchange Fallback
On 09/24/2017 12:21 AM, Mark D. Baushke wrote:
> I suggest you upgrade to a more recent edition of the OpenSSH software.
> The most recent release is OpenSSH 7.5 and OpenSSH 7.6 will be released
> very soon.
This problem is in v7.5 and v7.6. See dh.c:436.
> OpenSSH 6.6 was first released on October 6, 2014.
I brought up v6.6 to give an example that older clients wouldn't be
2015 May 22
4
Weak DH primes and openssh
On Fri 2015-05-22 00:06:29 -0400, Darren Tucker wrote:
> On Thu, May 21, 2015 at 11:26 PM, Matthew Vernon <matthew at debian.org> wrote:
>>
>> You will be aware of https://weakdh.org/ by now, I presume; the
>> take-home seems to be that 1024-bit DH primes might well be too weak.
>> I'm wondering what (if anything!) you propose to do about this issue,
>>
2024 Sep 21
1
diffie-hellman-group-exchange-sha256 group size concerns and request
Hello all,
I have recently had cause to dig a little into the specifics of how
diffie-hellman-group-exchange-sha256 group sizes work.
The belief in the wild, perpetuated by multiple sources of logjam
mediation papers and also Andras Stribnik's very influential piece
"Secure Secure Shell", is that server operators can force the use of a
minimum group size by removing moduli
2019 Feb 15
4
Can we disable diffie-hellman-group-exchange-sha1 by default?
I'm not nearly knowledgeable enough in crypto to fully understand your
answer, but I will try. I wonder why moduli are not automatically
generated the first time sshd is started though. That would make much
more sense than shipping a default moduli file but also asking
everyone to replace it with their own.
On Fri, Feb 15, 2019 at 5:50 AM Mark D. Baushke <mdb at juniper.net> wrote:
>
2024 Sep 23
1
diffie-hellman-group-exchange-sha256 group size concerns and request
Hello,
On Sun, Sep 22, 2024 at 10:15?AM Kurt Fitzner via openssh-unix-dev
<openssh-unix-dev at mindrot.org> wrote:
>
> I would like to advocate for:
>
> - Change behaviour of the server to allow server operators to set the
> minimum modulus group size allowable for a connection using
> diffie-hellman-group-exchange-sha256
> Whether this is by having the server refuse
2002 Apr 10
1
problem with making solaris package (openssh)
if [ ! -f
/opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/moduli
]; then \
if [ -f
/opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/primes
]; then \
echo "moving
/opt/sldx/slwo/openssh-3.1p1/openssh-3.1p1/contrib/solaris/package/usr/local/etc/primes
to /opt/sldx/
2014 Jan 24
1
Openssh, moduli and ssh-keygen
Hi,
my question is related to the kex algorithm
diffie-hellman-group-exchange-sha256 and moduli generation. I've seen that
through ssh-keygen, I'm able to re-generate my moduli file used by DH but
I'm note sure to understand one point in the ssh-keygen manpage :
"Screened DH groups may be installed in /etc/ssh/moduli. It is important
that this file contains moduli of a range of
2012 Nov 05
2
[Bug 2047] New: Definition of Sophie Germain primes is wrong in manual moduli.5
https://bugzilla.mindrot.org/show_bug.cgi?id=2047
Priority: P5
Bug ID: 2047
Assignee: unassigned-bugs at mindrot.org
Summary: Definition of Sophie Germain primes is wrong in manual
moduli.5
Severity: normal
Classification: Unclassified
OS: Linux
Reporter: plautrba at redhat.com
2012 Feb 13
8
Call for testing: OpenSSH-6.0
Hi,
OpenSSH 6.0 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains a
couple of new features and changes and bug fixes. Testing of the new
sandboxed privilege separation mode (see below) would be particularly
appreciated.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The
2002 Mar 18
1
Need help with buildpkg script
Ben,
I am trying to create a package for Openssh.3-1p1, but the
/contrib/solaris/buildpkg.sh script failes with the following errors:
./mkinstalldirs
/tools/OpenSSH/openssh-3.1p1/contrib/solaris/package/usr/local/b
in
mkdir /tools/OpenSSH/openssh-3.1p1/contrib/solaris/package/usr/local/bin
./mkinstalldirs
/tools/OpenSSH/openssh-3.1p1/contrib/solaris/package/usr/local/s
bin
mkdir
2002 Apr 01
0
[Bug 198] New: Error getting file with sftp on old F-Secure servers
http://bugzilla.mindrot.org/show_bug.cgi?id=198
Summary: Error getting file with sftp on old F-Secure servers
Product: Portable OpenSSH
Version: 3.1p1
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: sftp
AssignedTo: openssh-unix-dev at mindrot.org
2023 Dec 23
1
ssh-keygen generator 3 broken.
Hello, I was re-generating the moduli for SSH, and during that process I noticed that, when running the following command:
ssh-keygen -M screen -O prime-tests=600 -O generator=3 -f moduli-2048-01.candidates moduli-2048-01c
It does not produce any errors, only the following:
ebug2: ???1467763: (4) Sophie-Germain
debug2: ???1467763: generator 0 != 3
debug2: ???1467764: (4) Sophie-Germain
2023 Dec 23
1
ssh-keygen generator 3 broken
Hello, I was re-generating the moduli for SSH, and during that process I noticed that, when running the following command:
ssh-keygen -M screen -O prime-tests=600 -O generator=3 -f moduli-2048-01.candidates moduli-2048-01c
It does not produce any errors, only the following:
ebug2: ???1467763: (4) Sophie-Germain
debug2: ???1467763: generator 0 != 3
debug2: ???1467764: (4) Sophie-Germain