similar to: Password authentication problem with 6.4p1 (and later) clients

I have been looking into this over the weekend, and what I have found might be of interest to OpenSSH developers. First, the bug that triggers the problem is in the embedded system. Second, such as things were changed in 6.4p1, the OpenSSH client seems to be open to a potential DoS attack. The infinite loop described in my previous post is embodied in the last four messages of the 6.4p1 traces.

Hello my name is Derek Bodin. ? As a personal side project I am trying to create a java SSH2 server.? I have so far been able to work my through the transportation protocol and the user authentication protocol.? My question is when the authentication protocol starts OpenSSH will sit and hang waiting for the server to send a SSH_MSG_USERAUTH_FAILURE packet and a list of appropriate authentication

Hello! I recently discoverd a problem with ssh.com's ssh-agent2 and OpenSSH: If I have more than one key in my agent, then the agent tries to authenticicate me with every one of them at the OpenSSH server; but none of them is a valid key for that server. The Problem is that the Server increments the authctxt->attempt at every of that tries. So even if you want to login with a password at

https://bugzilla.mindrot.org/show_bug.cgi?id=2365 Bug ID: 2365 Summary: openssh client ignores -o Tunnel=ethernet option, creating an IP tunnel device instead of an ethernet tap device Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Linux Status: NEW

Apparently my ssh agent is feeling energetic today: debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering RSA public key: [...] debug1: Authentications that can continue: publickey,password debug1: Offering RSA public key: [...] debug1: Authentications that can continue: publickey,password debug1: Offering RSA public key:

Philipp Marek wrote: > An easy workaround is to use a password manager (a plain file as a minimum) If you can/want to use a file then consider using a key instead. publickey authentication is non-interactive on the wire and the key is already unlocked so packet timing leaks nothing about your passphrase. //Peter

Hi, I'm still hoping that some-one can offer a solution to this issue.... Anyone? > I've got the following issue, which I'm unable to resolve by > myself. Hopefully, someone on the list will be able to guide > me, or provide more information towards resolving this. > > We've compiled OpenSSH v3.7.1p1 (which I know is not the most > recent version) on

Thanks for testing - are you able to see if there's anything in the server logs? I've just committed some extra verbosity in the client's log messages that might clarify where it is exiting (patch attached). -d On Fri, 29 Mar 2019, Adam Eijdenberg wrote: > On Wed, Mar 27, 2019 at 10:04 PM Damien Miller <djm at mindrot.org> wrote: > > > > OpenSSH 8.0p1 is almost

Hi, I've got the following issue, which I'm unable to resolve by myself. Hopefully, someone on the list will be able to guide me, or provide more information towards resolving this. We've compiled OpenSSH v3.7.1p1 (which I know is not the most recent version) on Solaris 8 SPARC, and have noticed that when the "UseLogin=yes" parameter is set in the sshd_config file, the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I've been working in the bash scripts used in the page http://wiki.centos.org/HowTos/Chroot_Vsftpd_with_non-system_users Some of the changes are: - - Add vsftpd TLS support in the configuration. So USER and PASS don't be clearly readable. - - If SELinux is available, set the boolean allow_ftpd_anon_write to on in the configuration

https://bugzilla.mindrot.org/show_bug.cgi?id=2191 Bug ID: 2191 Summary: Feature Proposal: Add an identity to the agent automatically when loading the identity Product: Portable OpenSSH Version: 6.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

The problem I am seeing was introduced between 6.4p1 and 6.5p1 (and still exists in 6.6p1). With HostbasedAuthentication/EnableSSHKeysign turned on, I am seeing one of two sets of messages: no matching hostkey found ssh_keysign: no reply key_sign failed and not a valid request ssh_keysign: no reply key_sign failed Then in either case two password prompts: bowman at HOST.math.utah.edu's

https://bugzilla.mindrot.org/show_bug.cgi?id=2649 Bug ID: 2649 Summary: Problem with reverse tunnel between SSH client 5.5p1 and SSH server > 6.4p1 Product: Portable OpenSSH Version: 6.7p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

Hello, We have a problem with OpenSSH and HP-UX 11i. With OpenSSH_3.6.1p1 we can use the publickeys (~/.ssh/id_rsa). With the same .ssh-dir and config-files in /etc/openssh OpenSSH_3.7.1p2 will not use the publickeys and prompt for password :-( We have try this with OpenSSL 0.9.7b and OpenSSL 0.9.7c ! Why OpenSSH_3.7.1p2 not use my publickey-files ???????? The OpenSSH_3.7.1p2-Server (sshd) has no

sftp OpenSSH_7.6p1, OpenSSL 1.1.0h-fips 27 Mar 2018 linux 4.12.14-lp150.12.16-default x86_64 I created bash script to download database files once a week. It uses sftp as the agent. The script runs correctly when started from a command line. It fails when run from cron. Authentication with the remote server is set to use a private/public key and does not require an explicit password. Why

https://bugzilla.mindrot.org/show_bug.cgi?id=1526 Summary: SSH key prompt if public key missing and pubkey auth fails Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Mac OS X Status: NEW Severity: normal Priority: P4 Component: ssh-agent AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2663 Bug ID: 2663 Summary: [man] sshd_config(5) AuthenticationMethods segment clarification, proposal and questions Product: Portable OpenSSH Version: 7.2p2 Hardware: Other OS: Linux Status: NEW Keywords: low-hanging-fruit

http://bugzilla.mindrot.org/show_bug.cgi?id=237 Summary: Key authentication failed with SSH 2 / Path wrong Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

We are attempting to use openssh sftp to connect to a server that is running some version of the Axway SFTP server. After a publickey auth completes, the server resends publickey as a valid auth. This results in a loop as openssh sftp resubmits the publickey information. This seems similar to a discussion in 2014 that terminated with the thought that it might be nice if the client tracked

Thread split from my previous communication. Here is the key-commands logs on the platform. ***************** failed-regress.log ************ trace: AuthorizedKeysCommand with arguments FAIL: connect failed trace: AuthorizedKeysCommand without arguments FAIL: connect failed ***************** failed-ssh.log ************ trace: AuthorizedKeysCommand with arguments