Displaying 20 results from an estimated 2000 matches similar to: "seccomp filter for ppc64le in FIPS mode"
2015 Mar 05
31
[Bug 2361] New: seccomp filter (not only) for aarch64
https://bugzilla.mindrot.org/show_bug.cgi?id=2361
Bug ID: 2361
Summary: seccomp filter (not only) for aarch64
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2017 Feb 13
2
[PATCH] Enable specific ioctl calls for ICA crypto card (s390)
This patch enables specific ioctl calls for ICA crypto card on s390
platform. Without this patch, users using the IBMCA engine are not able
to perform ssh login as the filter blocks the communication with the
crypto card.
Signed-off-by: Harald Freudenberger <freude at linux.vnet.ibm.com>
Signed-off-by: Eduardo Barretto <ebarretto at linux.vnet.ibm.com>
---
sandbox-seccomp-filter.c |
2017 Mar 14
2
[PATCH] Enable specific ioctl calls for ICA crypto card (s390)
I've committed this diff. Please test and confirm that it works ok.
(If not, then I've botched the macro fixes in the previous commit)
Thanks,
Damien Miller
On Tue, 14 Mar 2017, Damien Miller wrote:
> ok, with the fixes for the seccomp-bpf sandbox that I just committed
> the diff reduces to.
>
> IMO this is scoped narrowly enough to go in.
>
> -d
>
> diff
2017 Mar 03
2
[PATCH] Enable specific ioctl calls for ICA crypto card (s390)
On 03-03-2017 09:54, Petr Cerny wrote:
> Damien Miller wrote:
>> On Tue, 28 Feb 2017, Eduardo Barretto wrote:
>>
>>> On 13-02-2017 13:23, Eduardo Barretto wrote:
>>> > This patch enables specific ioctl calls for ICA crypto card on s390
>>> > platform. Without this patch, users using the IBMCA engine are not
>>> able
>>> > to
2013 May 17
19
[Bug 2107] New: seccomp sandbox breaks GSSAPI
https://bugzilla.mindrot.org/show_bug.cgi?id=2107
Bug ID: 2107
Summary: seccomp sandbox breaks GSSAPI
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Kerberos support
2019 Oct 31
37
[Bug 3085] New: seccomp issue after upgrading openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=3085
Bug ID: 3085
Summary: seccomp issue after upgrading openssl
Product: Portable OpenSSH
Version: 8.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: critical
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
2015 Dec 04
2
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
Thanks Jakub.
How does this patch match the OpenSSH source version? Does the patch only
applicable to OpenSSH version 6.6.1, or does other version available as
well?
Thanks.
On Fri, Dec 4, 2015 at 4:26 AM, Jakub Jelen <jjelen at redhat.com> wrote:
>
> On 12/04/2015 03:26 AM, security veteran wrote:
>
>> 3. Is there a way to re-compile OpenSSH by turning on/off some flags
2015 Dec 07
2
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
On 12/04/2015 10:02 PM, security veteran wrote:
> Hi Jakub,
>
> Another question I have is, are there any changes in this patch RedHat
> Linux distribution specific? The reason I ask is, if I port the changes to
> other Linux distribution like Debian or Ubuntu, do you see any issues?
I don't think there is something distro-specific. Distro specific parts
are handled in other
2015 Jun 29
3
[Bug 2419] New: SECCOMP filter does not accept getpgid syscall
https://bugzilla.mindrot.org/show_bug.cgi?id=2419
Bug ID: 2419
Summary: SECCOMP filter does not accept getpgid syscall
Product: Portable OpenSSH
Version: 6.8p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2016 Jan 06
0
[klibc:master] Remove sys/socketcalls.h
Commit-ID: 4a7ac3d2d9602d06b301cca62e2382f17fa6d43b
Gitweb: http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=4a7ac3d2d9602d06b301cca62e2382f17fa6d43b
Author: H. Peter Anvin <hpa at linux.intel.com>
AuthorDate: Tue, 5 Jan 2016 18:24:18 -0800
Committer: H. Peter Anvin <hpa at linux.intel.com>
CommitDate: Tue, 5 Jan 2016 18:24:18 -0800
[klibc] Remove sys/socketcalls.h
2020 Jul 02
8
[Bug 3190] New: Inconsistent handling of private keys without accompanying public keys
https://bugzilla.mindrot.org/show_bug.cgi?id=3190
Bug ID: 3190
Summary: Inconsistent handling of private keys without
accompanying public keys
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2016 Jun 17
14
[Bug 2590] New: Seccomp filter for missing architectures
https://bugzilla.mindrot.org/show_bug.cgi?id=2590
Bug ID: 2590
Summary: Seccomp filter for missing architectures
Product: Portable OpenSSH
Version: 7.2p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: sshd
2015 May 05
3
[Bug 2394] New: Provide a global configuration option to disable ControlPersist
https://bugzilla.mindrot.org/show_bug.cgi?id=2394
Bug ID: 2394
Summary: Provide a global configuration option to disable
ControlPersist
Product: Portable OpenSSH
Version: 6.8p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2017 May 07
3
[Bug 2714] New: Allow specifying a key description when loading from stdin
https://bugzilla.mindrot.org/show_bug.cgi?id=2714
Bug ID: 2714
Summary: Allow specifying a key description when loading from
stdin
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-add
2018 Jul 31
11
[Bug 2890] New: ssh-agent should not fail after removing and inserting smart card
https://bugzilla.mindrot.org/show_bug.cgi?id=2890
Bug ID: 2890
Summary: ssh-agent should not fail after removing and inserting
smart card
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2016 Dec 24
30
[Bug 2652] New: PKCS11 login skipped if login required and no pin set
https://bugzilla.mindrot.org/show_bug.cgi?id=2652
Bug ID: 2652
Summary: PKCS11 login skipped if login required and no pin set
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Smartcard
Assignee:
2017 Apr 24
5
PKCS#11 URIs in OpenSSH
Hello all,
as PKCS#11 URI became standard (RFC 7512), it would be good to be able
to specify the keys using this notation in openssh.
So far I implemented the minimal subset of this standard allowing to
specify the URI for the ssh tool, in ssh_config and to work with
ssh-agent. It does not bring any new dependency, provides unit and
regress tests (while fixing agent-pkcs11 regress test).
The
2020 Aug 26
10
[Bug 3202] New: Ed25519 key on HSM is not getting listed in ssh-add -l command
https://bugzilla.mindrot.org/show_bug.cgi?id=3202
Bug ID: 3202
Summary: Ed25519 key on HSM is not getting listed in ssh-add -l
command
Product: Portable OpenSSH
Version: 8.2p1
Hardware: ARM64
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-add
2015 Jan 09
12
[Bug 2335] New: Config parser accepts ip/port in ListenAddress and PermitOpen
https://bugzilla.mindrot.org/show_bug.cgi?id=2335
Bug ID: 2335
Summary: Config parser accepts ip/port in ListenAddress and
PermitOpen
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
2018 Jan 05
11
[Bug 2817] New: Add support for PKCS#11 URIs (RFC 7512)
https://bugzilla.mindrot.org/show_bug.cgi?id=2817
Bug ID: 2817
Summary: Add support for PKCS#11 URIs (RFC 7512)
Product: Portable OpenSSH
Version: 7.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Smartcard
Assignee: unassigned-bugs at