similar to: CTR mode

Displaying 20 results from an estimated 2000 matches similar to: "CTR mode"

2012 Dec 11
1
evp_aes_<X>_ctr() vs. EVP_aes_<X>_ctr().
Hi. OpenSSH currently has its own implementation of AES in counter mode (cipher-ctr.c). This is probably because it wasn't available in OpenSSL. From what I see now, recent OpenSSL does implement EVP_aes_{128,192,256}_ctr() and it would be nice to use it whenever possible. The gain here is that OpenSSH's version uses software AES implementation and OpenSSL's version will use AES-NI if
2014 Mar 31
0
CTR mode
On Mon, Mar 31, 2014 at 08:40:26AM -0700, no_spam_98 at yahoo.com wrote: > OpenSSH uses its own CTR mode implementation, correct? I seem to > recall some discussion about why it hasn't/won't switch over to using > OpenSSL's implementation, but I can't find the thread anymore. > > So... why doesn't OpenSSH use OpenSSL's CTR mode implementation? I believe as
2014 Jan 30
2
CVE-2014-1692
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1692 The NIST advisory says that all versions of OpenSSH potentially contain the flaw. But is that really true? For example, I looked at the 3.8.1p1 distribution and didn't find any reference to JPAKE at all. Thanks.
2016 Aug 24
3
kex protocol error: type 7 seq xxx error message
Hi, mancha and I debugged a problem with OpenSSH 7.3p1 that was reported on the #openssh freenode channel. Symptoms were that this message was popping on the console during a busy X11 session: kex protocol error: type 7 seq 1234 I managed to reproduce the problem, it is related to the SSH_EXT_INFO packet that is sent by the server every time it is sending an SSH_NEWKEYS packet, hence after
2014 Mar 01
1
FYI: Flush+Reload attack on OpenSSL's ECDSA
Here's a recently-published paper that describes a flush & reload attack on OpenSSL's ECDSA implementation: http://eprint.iacr.org/2014/140.pdf According to the authors, snooping a single signing round is sufficient to recover the secret key. --mancha
2014 Mar 06
1
Is cipher "3des-ctr" supported by openssh?
Hi, Is cipher "3des-ctr" supported by openssh? It is not mentioned in the list of supported ciphers in the man page of ssh_config: Thanks, Sunil Ciphers Specifies the ciphers allowed for protocol version 2 in order of preference. Multiple ciphers must be comma-separated. The supported ciphers are ''3des-cbc'', ''aes128-cbc'',
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
Hello, in addition to my last thread about a new config option to make strict-kex mandatory, I also wonder if a new mechanism for ciphers/macs can be introduced and is reliable by simple both sides using it. So there could be a Chacha20-Poly1305v2 at openssh.com which uses AD data to chain the messages together, so it will be resistant against terrapin even without the strict-kex. Consequently
2013 Sep 24
9
[PATCH] curve25519-sha256@libssh.org key exchange proposal
Dear OpenSSH developers, I've worked this week on an alternative key exchange mechanism, in reaction to the whole NSA leaks and claims over cryptographic backdoors and/or cracking advances. The key exchange is in my opinion the most critical defense against passive eavesdropping attacks. I believe Curve25519 from DJB can give users a secure alternative to classical Diffie-Hellman (with fixed
2007 Mar 03
18
[Bug 1291] aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL 0.9.8e
http://bugzilla.mindrot.org/show_bug.cgi?id=1291 Summary: aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL 0.9.8e Product: Portable OpenSSH Version: 4.5p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: bitbucket at
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
Hi there, > So there could be a Chacha20-Poly1305v2 at openssh.com which uses AD data to chain the > messages together, so it will be resistant against terrapin even without the strict-kex. > > Consequently the hmac-etmv2 at openssh.com mode could be devised in a similar manner, to > also include the transcript hash or similar things. This would still require both, client and
2014 Mar 06
2
[RFC] Add hash token to ControlPath
Hi. Last night on an irc openssh channel, a user brought up a use case involving cluster trees and very descriptive (i.e. long) hierarchical hostnames. To make a long story short, his ControlPath (~/.ssh/control-master /%r@%h:%p) was bumping up against UNIX_PATH_MAX. Attached patch adds a new percent-token (%H) that expands to the sha1 digest of the concatenation of host (%h) + port (%p) +
2016 Oct 24
2
Removing outliers from a line
OK, I'll try it and let you know... Jesús ________________________________ From: Isidro Hidalgo Arellano <ihidalgo at jccm.es> Sent: Monday, 24 October 2016 9:46 To: 'Jesús Para Fernández'; r-help-es at r-project.org Subject: RE: [R-es] Removing outliers from a line There is a package that does it, but I haven't used it, so I don't know how it behaves: "outliers"... Un
2014 Apr 20
2
bad bignum encoding for curve25519-sha256@libssh.org
Hi, So I screwed up when writing the support for the curve25519 KEX method that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left leading zero bytes where they should have been skipped. The impact of this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a peer that implements curve25519-sha256 at libssh.org properly about 0.2% of the time (one in every 512ish
2014 Apr 07
4
[Bug 2223] New: Ed25519 support in SSHFP DNS resource records
https://bugzilla.mindrot.org/show_bug.cgi?id=2223 Bug ID: 2223 Summary: Ed25519 support in SSHFP DNS resource records Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at
2015 May 26
8
Weak DH primes and openssh
On Tue 2015-05-26 14:02:07 -0400, Hubert Kario wrote: > On Tuesday 26 May 2015 13:43:13 Daniel Kahn Gillmor wrote: >> On Tue 2015-05-26 12:57:05 -0400, Hubert Kario wrote: >> > creating composites that will pass even 100000 rounds of Miller-Rabin is >> > relatively simple.... >> > (assuming the values for M-R tests are picked randomly) >> >> Can you
2013 Jan 14
3
Inconsistent declaration of ssh_aes_ctr_iv()
Hi, The 20130110 snapshot fails to build against OpenSSL 0.9.8 and 1.0.0 with the following error: gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fno-builtin-memset -fstack-protector-all -I. -I. -DSSHDIR=\"/tmp/foo/etc\" -D_PATH_SSH_PROGRAM=\"/tmp/foo/bin/ssh\"
2004 Apr 20
2
Compiling 3.8p1 on AIX with IBM OpenSSL RPMs
Folks, I've just updated a machine to the latest IBM supplied OpenSSL RPMS: openssl-0.9.6m-1 openssl-devel-0.9.6m-1 (this is a power4 running AIX 5.1) and Tried to upgrade to the latest OpenSSH (3.8p1 - both the release and a snapshot from about a week ago) I'm using: ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/opt/freeware and the compilation seems OK: OpenSSH
2016 Sep 25
3
Progressive variable
Hello community, I have a question. I wanted a for loop to run a process from 1 to 5, to give an example, and for the result to be stored in variables called Ki, that is, k1, k2, k3... An example of how I thought it would work, and it didn't xD for (i in 1:3) { paste("k", i, sep = "") <- sum(1:i) } I expected the variables to be created k1 =
2016 Sep 26
3
Progressive variable
One question: if I were going to read 3 csv files called file 1, file 2 and file 3, could it also be used? Thanks ________________________________ From: Isidro Hidalgo Arellano <ihidalgo at jccm.es> Sent: Monday, 26 September 2016 07:48 a.m. To: 'Rafael Saturno'; 'R' Subject: RE: [R-es] Progressive variable What you want to do is done with the function
2015 May 27
4
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
On Wed, May 27, 2015 at 05:08:25PM -0400, Daniel Kahn Gillmor wrote: > On Tue 2015-05-26 15:39:49 -0400, Mark D. Baushke wrote: > > Hi Folks, > > > > The generator value of 5 does not lead to a q-ordered subgroup which > > is needed to pass tests in > > > > http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf > > I