similar to: Article on Fingerprinting Public/Private Keypairs

https://bugzilla.mindrot.org/show_bug.cgi?id=1611 Summary: ssh-keygen prints wrong randomart if bubblebabble is also printed Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1759 Summary: allow display of bubblebabble fingerprint when connecting Product: Portable OpenSSH Version: -current Platform: All URL: http://bugs.debian.org/578422 OS/Version: Linux Status: NEW Severity: enhancement Priority: P2

When a user encounters a new ssh host, the VisualHostKey option makes ssh display the visual fingerprint of the host's key. ssh-keygen also supports BubbleBabble fingerprinting, but i don't see a way to indicate that ssh should display the bubblebabble fingerprint upon encountering a new host key. It seems like it would be nice to make OpenSSH configurable about its choice of

Hi together, i have a tinc vpn running on several local networks as well as on clients and am writing on a little "zeroconfig" tool to add new (newbie) clients to the net without having to vnc to them for ages. To do this easier, i wanted to have a possibility to check somehow if the public key stored on the server mathes the provate key on the client, or if it needs to be regenerated.

https://bugzilla.mindrot.org/show_bug.cgi?id=1872 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2007|0 |1 is obsolete| | Attachment #2429|0 |1 is

Manon, On Thu, 4 Jul 2024 at 05:00, Manon Goo <manon.goo at dg-i.net> wrote: > My Idea would be to have a shared secret option that the client and server would have to proof to know when initiating the Handshake. The Server or client could terminate the connection immediately when the peer does not know the secret. So in case of a security Problem the administrator could set an

When using `ssh-keygen` to generate a user key, the default output includes a randomart image. I'm trying to figure out what the usefulness of this image is for user keys. For host keys, the benefit is easily explained, as it makes it easier for a human to ensure the remote host's key has not changed. But for user keys I do not see a use. I know that ssh-keygen is used to generate both

Hello, I am testing mail_crypt plugin with per account encryption and wanted to generate a new keypair for an account but noticed that I now end up with 2 keypairs where one is active and the other inactive as you can see below: $ doveadm mailbox cryptokey list -u email at domain.tld -U Folder Active Public ID yes 7b140b4f3d6d68eed2c59259ac5e6f6a280dc82990292dc415b4100d6c797f67

??????? Original Message ??????? On Thursday, July 4, 2019 11:17 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote: > > Is it possible to delete the inactive keypair? if yes how? > > Wouldn?t you then be unable to *unencrypt* previous emails? That's also what I thought but based on my understand and on the documentation of the "mailbox cryptokey generate"

On 3 Jul 2019, at 06:38, mabi via dovecot <dovecot at dovecot.org> wrote: > Is it possible to delete the inactive keypair? if yes how? Wouldn?t you then be unable to encrypt previous emails?

Hi, Here is a patch that adds the possibility of displaying key fingerprints in the bubblebabble format used by ssh.com ssh implementations. I hope it makes its way into the source. --- ./openssh-2.5.1/key_original.h Sun Mar 4 00:47:55 2001 +++ ./openssh-2.5.1/key.h Sun Mar 4 00:57:57 2001 @@ -36,6 +36,17 @@ KEY_DSA, KEY_UNSPEC }; + +enum digest_type { + DIGEST_TYPE_SHA1, +

Hi list, I have a strange permission problem with secrets.tdb on an nfs mounted filesystem. A strace of smbd shows the following lines: ######################################################################## open("/etc/samba/private/secrets.tdb", O_RDWR|O_CREAT|O_LARGEFILE, 0600) = 4 fcntl64(4, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1}, 0xbffff010) = -1 EACCES

Hi all, there''s an interesting citaton on kerneltrap.org, mentioning the addition of passive OS fingerprinting to the OpenBSD firewall (http://www.kerneltrap.org/node/view/770 for those interested) This new feature enables the possibility of triggering customized firewall rules according to the (detected) incoming OS, in a fully passive way. I was wondering if the above would be

I was looking through the RSA fingerprinting code from a few releases back, with an eye to being able to close <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=111598>. While it works fine with SSH2, the fingerprint log message goes missing with SSH1. I eventually realized that this is because auth_rsa() is called in the unprivileged child, and so can't write syslog messages. Am I

On Mon, June 27, 2016 12:29, Gordon Messmer wrote: > On 06/26/2016 01:50 PM, James B. Byrne wrote: >> However, all I am seeking is knowledge on how to handle this using >> iptables. I am sure that this defect/anomaly has already been >> solved wherever it is an issue. Does anyone have an example on >> how to do this? > > > I think the bit you're missing is

Since we talked about this before, I might as well announce that we've released our song fingerprinting library under the GPL. You can grab the source at http://sourceforge.net/projects/freetantrum/. Sorry for the spam everyone. Back to vorbis talk. Jon p.s. you only get one copy of this message this time ;) --- >8 ---- List archives: http://www.xiph.org/archives/ Ogg project

Hi, all. So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys should be, i realized that, if i update my 2048-bit keypairs to 4096 bits, it really doesn't matter that much, because they're still only encrypted with 3DES, which provides an effective 112 bits of symmetric encryption strength: $ head -4 ~/.ssh/id_rsa -----BEGIN RSA PRIVATE KEY----- Proc-Type:

Hi Chris, > There's a couple of headless systems on the LAN where login security > is important to me and I've been thinking about the relative merits of > password and public-key authentication. > <snip> At home, I have a smaller LAN than you, but at $DAYJOB I work with much bigger fleets. Whether at home or work, everything is Linux-based, and OpenSSH is the primary

There seems to be a bug in "dotplot" concerning the "cex" parameter. Setting cex has no effect on the character size of the labels of the points. This problem was posted to r-help today (Thu, 18 Jan 2001); the solution given by Brian Ripley (and Uwe Ligges) seems to work for me. Heinrich Rinner. > version _ platform i386-pc-mingw32 arch x86

Hi all, The article I wrote for Rubyist magazine is out: http://jp.rubyist.net/magazine/?0005-RLR-en (English) http://jp.rubyist.net/magazine/?0005-RLR (Japanese) I definitely encourage other developers/users of Win32 Utils to write articles about our project (in any language)! Regards, Dan