similar to: [Bug 1961] New: ECDSA memory leak

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 Loganaden Velvindron <loganaden at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2199|0 |1 is obsolete| | --- Comment #12 from Loganaden Velvindron

https://bugzilla.mindrot.org/show_bug.cgi?id=2163 Bug ID: 2163 Summary: unchecked returned value from pam_get_item() Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: PAM support Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2140 Bug ID: 2140 Summary: Capsicum support for FreeBSD 10 (-current) Product: Portable OpenSSH Version: -current Hardware: All OS: FreeBSD Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2171 Bug ID: 2171 Summary: potential fd leak Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sftp Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1949 Bug #: 1949 Summary: PermitOpen none option Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: OpenBSD Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1921 Bug #: 1921 Summary: [Patch] memory leak in sftp-client.c Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: sftp AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 --- Comment #3 from Loganaden Velvindron <loganaden at gmail.com> --- ping :-) ? -- You are receiving this mail because: You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2170 Bug ID: 2170 Summary: Potential integer overflow Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2197 Bug ID: 2197 Summary: Add ED25519 support to SSHFP dns record Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 Bug #: 2021 Summary: sftp resume support (using size and offset) Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sftp

https://bugzilla.mindrot.org/show_bug.cgi?id=1961 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> --- Set all RESOLVED bugs to CLOSED with release

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet

https://bugzilla.mindrot.org/show_bug.cgi?id=1962 Bug #: 1962 Summary: command buffer struct is not freed before exit() Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=1956 Bug #: 1956 Summary: sftp segfaults in parse_args() when argv[0] is NULL Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sftp

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 --- Comment #10 from Loganaden Velvindron <loganaden at gmail.com> --- ping :-) ? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2275 Bug ID: 2275 Summary: sftp undocumented flags Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: sftp Assignee: unassigned-bugs at mindrot.org Reporter:

https://bugzilla.mindrot.org/show_bug.cgi?id=2001 Bug #: 2001 Summary: Document PermitOpen none in man page Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: OpenBSD Status: NEW Severity: trivial Priority: P2 Component: Documentation

Ajay Ramjatan asks if it would be ok to have: A config file that contains list of DSA/RSA/ED25519 entries to be added, when run by default. Currently According to the man page: " Alternative file names can be given on the command line. If any file requires a passphrase, ssh-add asks for the passphrase from the user. " Instead of specifying each key file, a single file such as .config

How about using the existing OpenSSH client's PKCS#11 support to isolate keying material in a dedicated process? A similar approach, "Practical key privilege separation using Caml Crush", was discussed at FOSDEM'15 with a focus on Heatbleed [1][2] but the ideas and principles are the same. Now this is easily done using the following available components: - SoftHSM to store

https://bugzilla.mindrot.org/show_bug.cgi?id=2142 Bug ID: 2142 Summary: openssh sandboxing using libseccomp Product: Portable OpenSSH Version: -current Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at