similar to: missing HAVE_EVP_RIPEMD160 breaks ssh client

Add OSCCA SM3 secure hash algorithm (OSCCA GM/T 0004-2012 SM3). --- Makefile.in | 2 +- configure.ac | 2 +- digest-libc.c | 11 ++ digest-openssl.c | 1 + digest.h | 3 +- mac.c | 1 + sm3.c | 320 +++++++++++++++++++++++++++++++++++++++++++++++ sm3.h | 51 ++++++++ 8 files changed, 388 insertions(+), 3 deletions(-) create mode

Hi, This implementation looks fine, but there is no specification for using SM3 in the SSH protocol. Could I suggest that you start by talking to the IETF to get the standardisation process started? https://mailman3.ietf.org/mailman3/lists/ssh.ietf.org/ is a good mailing list to start at. There have been recent conversations in the IETF about how best to handle national cryptographic standards

Hi, It would be preferable to use EVP_Digest for oneshot digest calculation: - one calloc/free less - EVP_Digest properly sets oneshot flag (certain hardware accelerators work only if the flag is set) Please consider applying the following patch: diff -ru openssh-6.6p1.orig/digest-openssl.c openssh-6.6p1/digest-openssl.c --- openssh-6.6p1.orig/digest-openssl.c 2014-02-04 02:25:45.000000000

Hello. I am trying to play through the following test scenario about certificate revocation on Ubuntu 18.04, which has OpenSSH of this version: OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n? 7 Dec 2017 1. A CA key is created ssh-keygen -t ed25519 -f ca 2. The CA public key is added to ~/.ssh/authorized_keys on some server: cert-authority ssh-ed25519 AAAA...e ca at yoga 3. A user key is created on a

Hello, as a follow-up on my mail some time last month where we were facing weird issues when authenticating to new OpenSSH servers, I went down the road to investigate what is really going on there and I found out that even though all the logs in client and server happily say that the SHA2 extension is used, under the hood there is just SHA1. This is because the different agents are ignoring the

From: Christian Hesse <mail at eworm.de> Modern Linux systems create a private directory in /run/user/ for each user, named by user id. This adds a new character sequence '%i' for expansion in ControlPath to match thisi directory. Signed-off-by: Christian Hesse <mail at eworm.de> --- ssh.c | 5 ++++- ssh_config.5 | 4 +++- 2 files changed, 7 insertions(+), 2

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |