similar to: [RFC] Add hash token to ControlPath

https://bugzilla.mindrot.org/show_bug.cgi?id=2220 Bug ID: 2220 Summary: Add uuid-style identifier for use with ControlPath Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=2223 Bug ID: 2223 Summary: Ed25519 support in SSHFP DNS resource records Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2197 Bug ID: 2197 Summary: Add ED25519 support to SSHFP dns record Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

Hello. Subramanian Moonesamy has gotten the ball rolling to include Ed25519 in IANA's registry for SSHFP key types [1]. I've opened a bug report [2] that includes a patch that adds the needed support code and provisionally assigns Ed25519 a value of 4 (values 1,2,3 reserved for RSA, DSA, and ECDA, respectively) [3]. The enhancement request/bug is meant to keep the issue on the radar.

https://bugzilla.mindrot.org/show_bug.cgi?id=3570 Bug ID: 3570 Summary: Add substitution token for explicitly selected IdentityFile for ControlPath selection Product: Portable OpenSSH Version: 9.3p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2311 Bug ID: 2311 Summary: simple attack when control channel muxing is used Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: security Priority: P3 Component: ssh Assignee: unassigned-bugs at

On Wed, May 27, 2015 at 05:08:25PM -0400, Daniel Kahn Gillmor wrote: > On Tue 2015-05-26 15:39:49 -0400, Mark D. Baushke wrote: > > Hi Folks, > > > > The generator value of 5 does not lead to a q-ordered subgroup which > > is needed to pass tests in > > > > http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf > > I

https://bugzilla.mindrot.org/show_bug.cgi?id=2321 Bug ID: 2321 Summary: please add a symbol to ControlPath, which expands to (a hash of) the identity Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5

I read an article today about keyboard interactive auth allowing bruteforcing. I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

On Tue 2015-05-26 14:02:07 -0400, Hubert Kario wrote: > On Tuesday 26 May 2015 13:43:13 Daniel Kahn Gillmor wrote: >> On Tue 2015-05-26 12:57:05 -0400, Hubert Kario wrote: >> > creating composites that will pass even 100000 rounds of Miller-Rabin is >> > relatively simple.... >> > (assuming the values for M-R tests are picked randomly) >> >> Can you

https://bugzilla.mindrot.org/show_bug.cgi?id=1997 Bug #: 1997 Summary: Add QoS to ControlPath escapes Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2437 Bug ID: 2437 Summary: ssh with ControlMaster and ControlPath hangs on 2nd session in same terminal Product: Portable OpenSSH Version: 6.7p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=3610 Bug ID: 3610 Summary: Using ControlPath and the -J option Product: Portable OpenSSH Version: 8.9p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

While it's real handy to have "ControlMaster auto" to have multiple sessions get muxed into one, sometimes it's really helpful to _not_ use the same session (e.g. if you want to ssh -2fNR). It'd be quite nice if there were a flag to tell openssh to not mux the new connection at all - i.e. what "ssh -o ControlPath=none" does. (The 'obvious' invocation `ssh

Hi. Just a suggestion : in the ControlPath syntax, you could add a %H that would expand to the name of the "Host" specification matched, + %h. In my opinion, when you add a "Host" paragraph with a different name for the same target host, generally you dont want to reuse the same control socket. Of course you can write different ControlPath directives in each specification

https://bugzilla.mindrot.org/show_bug.cgi?id=2488 Bug ID: 2488 Summary: "ssh-copy-id -o ControlPath=/tmp/foo" hangs Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh-copy-id Assignee:

From: Christian Hesse <mail at eworm.de> Modern Linux systems create a private directory in /run/user/ for each user, named by user id. This adds a new character sequence '%i' for expansion in ControlPath to match thisi directory. Signed-off-by: Christian Hesse <mail at eworm.de> --- ssh.c | 5 ++++- ssh_config.5 | 4 +++- 2 files changed, 7 insertions(+), 2

Hi guys, I've check that when using sftp with -o ControlPath=... the first attempt just hangs. Can someone point me to appropriate lines in code where can I check whats going on? Maybe it's known issue? I'm using 5.3p1. cheers, marcin

TL;DR: I expect ProxyCommand to have effect in preference to ControlPath. I've just tripped over this one. I have an ssh Host (let us call it "MAIN") with a ControlPath and with ControlMaster=no, from the .ssh/config file. I also have a shell script whose purpose is to hop to a remote host through a port forward, which uses the ProxyCommand option like this: ProxyCommand ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=1997 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #1 from Damien Miller <djm at mindrot.org> --- The problem with this is that