similar to: [Bug 2165] New: ssh option to prompt for fingerprint input

https://bugzilla.mindrot.org/show_bug.cgi?id=2332 Bug ID: 2332 Summary: Show more secure fingerprints than MD5 (e.g. SHA256) in ssh and ssh-keygen Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: All Status: NEW Severity: enhancement Priority: P5

On Sat, Jan 13, 2001 at 09:33:24PM -0800, Noam Sturmwind wrote: > I've noticed that in openssh 2.3.0 when I connect to a new server or to > one on which the host key has changed, it warns me that the key is unknown > or changed, but doesn't show me the host key fingerprint so I can verify > it. This goes for both protocols 1 (RSA host key) and 2 (DSA host key). I > remember

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|pgsery at swcp.com |djm at mindrot.org --- Comment #58 from Damien Miller

https://bugzilla.mindrot.org/show_bug.cgi?id=2166 Bug ID: 2166 Summary: sshd logs unnecessary messages if some of default host keys doesn't exist Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2263 Bug ID: 2263 Summary: sshd privsep monitor process doesn't handle SIGXFSZ signal Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2011 --- Comment #8 from Petr Lautrbach <plautrba at redhat.com> --- Created attachment 2214 --> https://bugzilla.mindrot.org/attachment.cgi?id=2214&action=edit don't probe seccomp capability of running kernel in configure I'd like to add also possibility to build seccomp_filter sandbox on system with older kernel, E.g. Fedora

https://bugzilla.mindrot.org/show_bug.cgi?id=2133 Bug ID: 2133 Summary: scp failes between two ends using password authentication Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: scp

https://bugzilla.mindrot.org/show_bug.cgi?id=2102 Bug ID: 2102 Summary: [PATCH] Specify PAM Service name in sshd_config Classification: Unclassified Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: PAM support

I had a situation where I needed to remove a file locally after I transferred it to a remote machine. I modified rsync and added the --delete-local option. I am now submitting my changes back to the community in case anyone else needs this option. enjoy p.s. I am not subscribed to the list but you can reply to me directly at dseff@advisen.com. -Dave -- Dave Seff <dseff@advisen.com>

https://bugzilla.mindrot.org/show_bug.cgi?id=2245 Bug ID: 2245 Summary: Multiple USER_LOGIN messages when linux audit support is enabled on bad login Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2270 Bug ID: 2270 Summary: AuthenticationMethods - partial success is considered as failure Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd

On 03/15/2019 12:49 AM, Jeremy Lin wrote: > [...] connecting to hosts where the host key > changes frequently. I realize this is a fairly niche use case [...] Doesn't StrictHostKeyChecking=no do what is wanted?

https://bugzilla.mindrot.org/show_bug.cgi?id=1872 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Summary|proposal how to change |Support better hash

https://bugzilla.mindrot.org/show_bug.cgi?id=1993 alex at testcore.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alex at testcore.net Version|5.9p1 |6.2p1 --- Comment #1 from alex at testcore.net --- Also

Hello, I have a kind of problem: I need to connect to a virtual host (a f "floating" IP address) that is one of two physical hosts in a HA environment. Yesterday the virtual IP address was moved to another host. Today ssh refuses to connect, because the host key is different. Reading the documentation I found that there is no command line option (documented) to temporarily bypass

https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #51 from Petr Lautrbach <plautrba at redhat.com> 2012-03-28 02:35:54 EST --- Created attachment 2138 --> https://bugzilla.mindrot.org/attachment.cgi?id=2138 fixes of original patch (In reply to comment #46) > Created attachment 2096 [details] > Updated version of original patch. Fix missing braces around block in

https://bugzilla.mindrot.org/show_bug.cgi?id=2400 Bug ID: 2400 Summary: StrictHostKeyChecking=no behaviour on HOST_CHANGED is excessively insecure Product: Portable OpenSSH Version: 6.8p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component:

Hi. With SCP, it seems like the option precedence is ignored. Although this seems to work well with SSH. $ scp -oStrictHostKeyChecking=no hs21-dev04:/tmp/1 hs21-dev02:/tmp/2 The authenticity of host 'hs21-dev04 (192.168.12.11)' can't be established. RSA key fingerprint is ec:0f:eb:b2:fa:6f:50:ef:89:64:01:5e:c9:cc:54:20. Are you sure you want to continue connecting (yes/no)? $

On Sun, 4 Oct 2020, Christoph Anton Mitterer wrote: > On Sun, 2020-10-04 at 14:02 +1100, Damien Miller wrote: > > This is strictly no worse than continuing to use the old key, so I > > don't consider it a problem. > > Well but in reality it will lead to people never again replace their > key by proper means. Well, first I disagree that this method is improper. The

https://bugzilla.mindrot.org/show_bug.cgi?id=1872 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2007|0 |1 is obsolete| | Attachment #2429|0 |1 is