Displaying 20 results from an estimated 3000 matches similar to: "OpenSSH private key format errors with LibreSSL 2.7"
2018 Apr 07
6
OpenSSH private key format errors with LibreSSL 2.7
On 2018-04-07 11:24, Bernard Spil wrote:
> On 2018-04-07 9:04, Joel Sing wrote:
>> On Friday 06 April 2018 21:31:01 Bernard Spil wrote:
>>> Hi,
>>>
>>> When using OpenSSH with LibreSSL 2.7.x it cannot read existing RSA
>>> and
>>> ECDSA private keys.
>>>
>>> Error loading key "./id_rsa": invalid format
2008 Jun 18
2
SSH connection hang after upgrade
I recently had to upgrade my version of OpenSSH from 4.7 to 5.0p1 on my
MacBook (Darwin). I installed the latest 'portable' tarball and
removed the system version:
$ ssh -V
OpenSSH_5.0p1, OpenSSL 0.9.7l 28 Sep 2006
$ which ssh
/usr/bin/ssh
sshd is the same version, installed in /usr/sbin/sshd. Now, things are
a bit broken: I am able to ssh from another machine into my MacBook,
so the
2009 Jan 20
1
OpenSSH private key encryption: time for AES?
Hi, all.
So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys
should be, i realized that, if i update my 2048-bit keypairs to 4096
bits, it really doesn't matter that much, because they're still
only encrypted with 3DES, which provides an effective 112 bits of
symmetric encryption strength:
$ head -4 ~/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type:
2018 Apr 08
5
lda fails in parse_angle_addr if sieve is enabled
Hi,
Since updating to 2.3.1 on my FreeBSD mailserver mail delivery using
lda is broken if I have sieve enabled.
(Before updating this was 2.2 and pigeonhole 0.4)
FreeBSD 11.1-p8 amd64
Dovecot 2.3.1
Pigeonhole 0.5.1
Mailflow is OpenSMTPd as MTA, using mda delivery to rspamc which
utlimately delivers using dovecot-lda.
smtpd.conf
deliver to mda "rspamc -h scan --mime -e
2020 Aug 07
3
ssh-agent does not accept all forwarded RSA keys on later versions.
Hello,
I've got a problem with newer versions of ssh-agent not accepting all keys
being forwarded to them.
Example:
LOCAL-WORKSTATION
ssh-add -l
4096 SHA256:HFSzrozPapudofYJi8QvXQdA1/vNpFc2iPWH8CGVsEg (none) (RSA)
2048 SHA256:lbjpmHAYtUO+zaLaKvWVxGNYkXRkOumcoOpLdRSVX/U
/home/matt/.ssh/id_rsa_embedded (RSA)
ssh -V
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
BROKEN-REMOTE
ssh
2004 Jun 30
10
[Bug 887] Problem connecting OpenSSH Client to a F-Secure SSH Server
http://bugzilla.mindrot.org/show_bug.cgi?id=887
Summary: Problem connecting OpenSSH Client to a F-Secure SSH
Server
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: other
Status: NEW
Severity: major
Priority: P2
Component: sftp
AssignedTo: openssh-bugs at
2015 Nov 09
2
OpenSSH-7.1p1 fails configure check with LibreSSL-2.2.4
Howdy,
I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the
ssl implementation. Unfortunately, this fails to work (tested on
Debian Unstable and Gentoo):
cd libressl-2.2.4
./configure --prefix=/opt/libressl-2.2.4 && make -j8 && sudo make install
cd ../openssh-7.1p1
./configure --with-ssl-dir=/opt/libressl-2.2.4
fails with:
checking OpenSSL header version...
2015 Nov 10
3
OpenSSH-7.1p1 fails configure check with LibreSSL-2.2.4
On Mon, Nov 9, 2015 at 5:35 PM, Darren Tucker <dtucker at zip.com.au> wrote:
> On Tue, Nov 10, 2015 at 9:22 AM, Austin English <austinenglish at gmail.com> wrote:
>> Howdy,
>>
>> I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the
>> ssl implementation. Unfortunately, this fails to work (tested on
>> Debian Unstable and Gentoo):
2003 Nov 21
2
How to tell if key is encrypted?
I would like to automatically deduce in a script if an ssh key is
encrypted or not. Basically in a very particular application I want
to be the BOFH and enforce that users place a passphrase on their
id_rsa key. If they don't put a passphrase I want to send them back
to ssh-keygen until they do. I have not been able to deduce a way to
detect this yet. Any hints?
Thanks
Bob
2014 Jul 12
1
openssh portable and libressl portable cause recursion between arc4random and RAND_bytes
Hi,
Yesterday I tried to replace the system openssl in a gentoo system with
libressl.
With openssh an interesting issue popped up:
* RAND_bytes in libressl calls arc4random
* arc4random is a compat function both in openssh and libressl
* arc4random from openssh uses RAND_bytes
So what's happening is a recursion. arc4random wants to use RAND_bytes
and RAND_bytes wants to use arc4random. The
2014 Oct 02
1
Anyone have LibreSSL working on CentOS 6.5?
Hi folks,
I searched the list for LibreSSL and found only one mention of it!
Has anyone gotten this working? I have it compiling no problem, but
removing OpenSSL is another story of course. It seems to be compiled
with FIPS support and of course there is no such thing in LibreSSL -
that is something they tore out
thanks,
-Alan
--
"Don't eat anything you've ever seen advertised
2017 Feb 04
2
Panic error from dovecot 2.2.27 using libressl 2.4.5 (cross-posting at GitHub)
https://github.com/libressl-portable/portable/issues/278
2017 Mar 25
7
[Bug 2699] New: PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699
Bug ID: 2699
Summary: PKCS#8 private keys with AES-128-CBC stopped working
Product: Portable OpenSSH
Version: 7.5p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh-keygen
Assignee:
2015 Mar 07
0
[PATCH] Fix dovecot 1.2 build with LibreSSL
Hi All,
mail/dovecot build fails when linked against LibreSSL. This is due to
LibreSSL no longer including comp.h from ssl.h/ssl3.h.
See https://wiki.freebsd.org/LibreSSL as well.
This patch fixes the build failure. Build log attached as well (not any
more, too large! Get it via link just above).
Please commit this fix to the 1.2 branch (2.1 branch is not affected)
Kind regards,
Bernard
2015 Aug 07
1
LibreSSL
With 2.2.2 release
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.2-relnotes.txt is there
a paln to provide a drop-in replacement of OpenSSL?
--
Ciao,
luigi
/
+--[Luigi Rosa]--
\
Furious activity is no substitute for understanding.
--H. H. Williams
2017 Feb 05
1
Panic error from dovecot 2.2.27 using libressl 2.4.5 (cross-posting at GitHub)
On 5 Feb 2017, at 19.49, Timo Sirainen <tss at iki.fi> wrote:
>
> On 4 Feb 2017, at 20.03, Ruga <ruga at protonmail.com> wrote:
>>
>> https://github.com/libressl-portable/portable/issues/278
>
> I've no idea why that would happen. The only idea I had got rejected by someone.
Oh, that's with OSX. I think that's the reason. Nothing to do with
2023 Feb 17
2
Dropping support for OpenSSL <1.1.1, LibreSSL <3.1.0
Hi,
We carry some compat code for old OpenSSL <1.1.1 and LibreSSL <3.1.0.
OpenSSL 1.0.x is no longer supported upstream and AFAIK LibreSSL do
not support old versions at all.
I'd like to retire this config code, which would mean that users on
platforms that include the versions of libcrypto would have to either
bring their own libcrypto or compile OpenSSH --without-openssl (and
accept
2017 Feb 26
1
v2.2.28: patches (to use libressl 2.4.5) and test error (strftime)
Timo,
re: What OS is this?
OS 10.12.3 with Xcode 8.2.1 and the official clang 3.9.0
re: test-time-util.c
t_strftime and variants now .......................................... : ok
Info: 'Thu, 08 Dec 2016 18:42:16 +0100'
test-time-util.c:124: Assert failed: strcmp(t_strftime(RFC2822_FMT, gmtime(&ts)), exp) == 0
Info: 'Thu, 08 Dec 2016 18:42:16 +0100'
2018 Apr 11
1
lda fails in parse_angle_addr if sieve is enabled
Hi Stephan,
Shared the message to you in person only via separate mail.
With to Return-Path, I've not seen any difference in failures, all
messages were consistently failing with the same error.
Thank you! Bernard.
2018-04-10 2:54 GMT+02:00 Stephan Bosch <stephan at rename-it.nl>:
> Op 4/8/2018 om 8:10 PM schreef Bernard Spil:
>> Hi,
>>
>> Since updating to 2.3.1
2017 Feb 25
3
v2.2.28: patches (to use libressl 2.4.5) and test error (strftime)
t_strftime and variants now .......................................... : ok
test-time-util.c:123: Assert failed: strcmp(t_strftime(RFC2822_FMT, gmtime(&ts)), exp) == 0
test-time-util.c:124: Assert failed: strcmp(t_strfgmtime(RFC2822_FMT, ts), exp) == 0
t_strftime and variants fixed timestamp .............................. : FAILED
timings 0