similar to: [Bug 2197] New: Add ED25519 support to SSHFP dns record

https://bugzilla.mindrot.org/show_bug.cgi?id=2223 Bug ID: 2223 Summary: Ed25519 support in SSHFP DNS resource records Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

Hi All, I've been working on a diff to get SSHFP support for ed25519 in OpenSSH. SM has been working through the IETF process to obtain the SSHFP RR Type number. Despite getting "rough consensus", we still haven't heard anything from the IETF Security Directors for the draft. SM sent a mail asking why it is taking so long, and it appears that his mail was ignored. Please see:

Hello. Subramanian Moonesamy has gotten the ball rolling to include Ed25519 in IANA's registry for SSHFP key types [1]. I've opened a bug report [2] that includes a patch that adds the needed support code and provisionally assigns Ed25519 a value of 4 (values 1,2,3 reserved for RSA, DSA, and ECDA, respectively) [3]. The enhancement request/bug is meant to keep the issue on the radar.

https://bugzilla.mindrot.org/show_bug.cgi?id=2140 Bug ID: 2140 Summary: Capsicum support for FreeBSD 10 (-current) Product: Portable OpenSSH Version: -current Hardware: All OS: FreeBSD Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=1949 Bug #: 1949 Summary: PermitOpen none option Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: OpenBSD Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2163 Bug ID: 2163 Summary: unchecked returned value from pam_get_item() Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: PAM support Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 Loganaden Velvindron <loganaden at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2199|0 |1 is obsolete| | --- Comment #12 from Loganaden Velvindron

hi folks: it looks like ssh-keygen -r can''t export SSHFP records for ECDSA keys: 0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -f foobar -t ecdsa -q -P '''' 0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -r foobar -f foobar.pub export_dns_rr: unsupported algorithm 0 dkg@pip:/tmp/cdtemp.oiRYAS$ the first number in my prompt is the return code of the last command; note that

https://bugzilla.mindrot.org/show_bug.cgi?id=1961 Bug #: 1961 Summary: ECDSA memory leak Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=1956 Bug #: 1956 Summary: sftp segfaults in parse_args() when argv[0] is NULL Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sftp

Hi, we're currently considering making use of RFC4255 SSHFP records, but are hitting a problem with a 4.4p1 client running on Tru64 5.1A: [...] debug3: verify_host_key_dns DNS lookup error: out of memory [...] No matching host key fingerprint found in DNS. A 4.3p2 linux client gives the following : [...] debug3: verify_host_key_dns debug1: found 1 insecure fingerprints in DNS debug1:

https://bugzilla.mindrot.org/show_bug.cgi?id=2170 Bug ID: 2170 Summary: Potential integer overflow Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 --- Comment #3 from Loganaden Velvindron <loganaden at gmail.com> --- ping :-) ? -- You are receiving this mail because: You are watching the assignee of the bug.

Ajay Ramjatan asks if it would be ok to have: A config file that contains list of DSA/RSA/ED25519 entries to be added, when run by default. Currently According to the man page: " Alternative file names can be given on the command line. If any file requires a passphrase, ssh-add asks for the passphrase from the user. " Instead of specifying each key file, a single file such as .config

https://bugzilla.mindrot.org/show_bug.cgi?id=2021 Bug #: 2021 Summary: sftp resume support (using size and offset) Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sftp

on FreeBSD, gcc complains that %d is used for sig_atomic_t Casting to (int) as a solution ? Index: serverloop.c =================================================================== RCS file: /cvs/openssh/serverloop.c,v retrieving revision 1.172 diff -u -p -r1.172 serverloop.c --- serverloop.c 2 Dec 2012 22:50:55 -0000 1.172 +++ serverloop.c 4 Dec 2012 11:46:33 -0000 @@ -708,7 +708,7 @@

When doing a make with the portable developer version, I came across this error: ssh/ssh_host_ecdsa_key|/opt/etc/ssh_host_ecdsa_key|g' -e 's|/etc/ssh/ssh_host_dsa_key|/opt/etc/ssh_host_dsa_key|g' -e 's|/etc/ssh/ssh_host_rsa_key|/opt/etc/ssh_host_rsa_key|g' -e 's|/var/run/sshd.pid|/var/run/sshd.pid|g' -e 's|/etc/moduli|/opt/etc/moduli|g' -e

> > Message: 8 > Date: Tue, 30 Jul 2013 12:46:50 -0700 > From: Iain Morgan <imorgan at nas.nasa.gov> > To: Damien Miller <djm at mindrot.org> > Cc: "openssh-unix-dev at mindrot.org" <openssh-unix-dev at mindrot.org> > Subject: Re: Call for testing: OpenSSH-6.3 > Message-ID: <20130730194649.GC18047 at linux124.nas.nasa.gov> >

https://bugzilla.mindrot.org/show_bug.cgi?id=2143 Bug ID: 2143 Summary: X11 forwarding for ipv4 is broken when ipv6 is disabled on the loopback interface Product: Portable OpenSSH Version: 5.3p1 Hardware: All OS: Linux Status: NEW Severity: minor Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=1962 Bug #: 1962 Summary: command buffer struct is not freed before exit() Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ssh