Displaying 20 results from an estimated 3000 matches similar to: "ssh-ed25519 and ecdsa-sha2-nistp256 host keys"
2016 Sep 07
2
Question regarding Host keys.
Hi,
I'm having a problem when I add "HostKeyAlgorithms +ssh-dss" to the
ssh_config file the host key will always negotiate to a wrong one. In my
case it will negotiate to "ecdsa-sha2-nistp256". The client was already
configured with the servers rsa public key, before the change I added to
the ssh_config file I could see from the debug that server and client will
negotiate
2020 Sep 16
2
ssh-ed25519 and ecdsa-sha2-nistp256 host keys
Here you go:
OpenSSH_7.9p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /home/ryantm/.ssh/config
debug1: /home/ryantm/.ssh/config line 4: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 13: Applying options for *
debug2: resolving "{REDACTED}" port 22
debug2: ssh_connect_direct
debug1: Connecting to
2018 Apr 21
4
build-issue on AIX with openssh-7.7p1 - easy correction! included
Get the following error:
root at x065:[/data/prj/openbsd/openssh/openssh-7.7p1/openbsd-compat]make
??????? xlc_r -I/opt/include -O2 -qmaxmem=-1 -qarch=pwr5 -q64 -I. -I..
-I../../src/openssh-7.7p1/openbsd-compat
-I../../src/openssh-7.7p1/openbsd-compat/.. -I/opt/include
-DHAVE_CONFIG_H -c ../../src/openssh-7.7p1/openbsd-compat/strndup.c
2017 Jun 06
10
[Bug 2727] New: ssh_dispatch_run_fatal: Connection to 127.0.0.1 port 8002: message authentication code incorrect
https://bugzilla.mindrot.org/show_bug.cgi?id=2727
Bug ID: 2727
Summary: ssh_dispatch_run_fatal: Connection to 127.0.0.1 port
8002: message authentication code incorrect
Product: Portable OpenSSH
Version: 7.5p1
Hardware: ix86
OS: Linux
Status: NEW
Severity: major
Priority: P5
2017 Nov 01
2
Winbind, Kerberos, SSH and Single Sign On
Hi,
at first I'm not sure if this is the correct list to ask this question.
But since I'm using winbind I hope you can help me.
I try to realize a kerberized ssh from one client to another. Both
clients are member of subdom2.subdom1.example.de and joined to it. The
users are from example.de, where subdom1.example.de is a subdomain
(bidirectional trust) of example.de and
2019 Mar 27
26
Call for testing: OpenSSH 8.0
Hi,
OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2016 Sep 21
2
Where to look next?
Hello,
I'm looking for your insight about the log below. We have an SFTP server (IBM Sterling File Gateway) and we're connecting from an OpenSSH SFTP client but something fails during KEX.
Complete client-side debug output is below, but I believe the relevant part is:
debug1: kex: server->client cipher: aes192-cbc MAC: hmac-sha1 compression: none
debug1: kex: client->server
2016 Nov 08
4
one host only: ssh_dispatch_run_fatal
Darren Tucker <dtucker at zip.com.au> writes:
> On Tue, Nov 8, 2016 at 1:02 PM, Harry Putnam <reader at newsguy.com> wrote:
> [...]
>> gv harry> ssh -vv 2x
>>
>> OpenSSH_7.3p1-hpn14v11, OpenSSL 1.0.2j 26 Sep 2016
>
> this is a third-party modified version of OpenSSH. Can you reproduce
> the problem with a stock OpenSSH from the source from
2018 Apr 24
2
AIX make checks issue
On 23/04/2018 11:49, Michael Felt wrote:
> On 21/04/2018 16:21, Michael Felt wrote:
>
>
> Question: I have not dug into the tests yet. Will copy to a "local"
> directory, and not build out of tree and see if that fixes it (as it
> does for many other packages). However, just in case it does not - how
> can I fast-forward the tests to the "agent" tests?
2016 Sep 21
3
Where to look next?
Thanks for your suggestion! It seems to have gone a little further this time, but isn't accepting the key and is failing back on password-based auth.
We're double-checking that the public key was correctly configured with the account, and also trying a DSA key to see if it behaves differently.
Is there anything you'd suggest we look at or try at this point, and thank you very much
2016 Aug 24
3
kex protocol error: type 7 seq xxx error message
Hi,
mancha and me debugged a problem with OpenSSH 7.3p1 that was reported on
the #openssh freenode channel. Symptoms were that this message was
popping on the console during a busy X11 session:
kex protocol error: type 7 seq 1234
I managed to reproduce the problem, it is related to the SSH_EXT_INFO
packet that is send by the server every time it is sending an
SSH_NEWKEYS packet, hence after
2016 May 26
19
[Bug 2573] New: dead sessions cannot be closed with ~.
https://bugzilla.mindrot.org/show_bug.cgi?id=2573
Bug ID: 2573
Summary: dead sessions cannot be closed with ~.
Product: Portable OpenSSH
Version: 3.7.1p2
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2023 Jun 30
1
Subsystem sftp invoked even though forced command created
On 30/06/2023 09:56, Damien Miller wrote:
> It's very hard to figure out what is happening here without a debug log.
>
> You can get one by stopping the listening sshd and running it manually
> in debug mode, e.g. "/usr/sbin/sshd -ddd"
Or starting one in debug mode on a different port, e.g. "-p99 -ddd"
2017 May 02
2
playing around with removing algos
On Tue, May 02, 2017 at 06:17:47PM +0200, Cristian Ionescu-Idbohrn wrote:
> $ ssh -vvv -oMacs=umac-64 at openssh.com localhost : 2>&1 | egrep -i 'macs|umac'
> debug2: MACs ctos: umac-64 at openssh.com
> debug2: MACs stoc: umac-64 at openssh.com
> debug2: MACs ctos: umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm
2017 May 02
4
playing around with removing algos
On 05/01/2017 04:48 PM, Cristian Ionescu-Idbohrn wrote:
> On Mon, 1 May 2017, Cristian Ionescu-Idbohrn wrote:
>>
>> Example, 'Macs'.
>>
>> On the man page I read:
>>
>> "Multiple algorithms must be comma-separated.
>> ...
>> If the specified value begins with a '-' character, then the
>> specified algorithms (including
2017 Jun 13
7
[Bug 2729] New: Can connect with MAC hmac-sha1 even though it's not configured on the server
https://bugzilla.mindrot.org/show_bug.cgi?id=2729
Bug ID: 2729
Summary: Can connect with MAC hmac-sha1 even though it's not
configured on the server
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: Linux
Status: NEW
Severity: security
Priority: P5
2016 Oct 24
2
SSH fail to login due to hang over after authenticated.
Hi OpenSSH,
I encountered that SSH will hang over after I input the password.
Could you help show me how to resolve this problem? Thanks for your
help.
Please find the ssh debug info and my ssh version as below.
$ ssh -vvv user1 at remote_host
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /Users/user1/.ssh/config
debug1: /Users/user1/.ssh/config line 36: Applying options for
2013 Dec 11
4
OpenSSH 6.3p1 Smartcard-Support
Hi there,
has anybody managed to get the eToken Pro Anywhere work with SSH? I'm using the latest SafeNetAuthentication drivers available for Ubuntu 64bit (8.3) and everything is working just fine except for ssh. I can use the eToken for logging in, openvpn, rdestkop, etc. but it seems ssh does not recognize the device properly. The command "ssh -I /usr/lib/libeToken.so.8 user at
2015 May 23
2
X11 forwarding not working.
Hi!
I'm having a difficult time getting X11 forwarding to work.
Since I've read the docs completely about this, this must be an SSH bug
which is likely because I'm using Gentoo as the SSH server.
When trying to forward X11 connections, I get
X11 connection rejected because of wrong authentication.
kwrite: cannot connect to X server XXXXXXXXX:10.0
Using command
ssh -Y -p 1111 -4
2014 Dec 19
2
chaining AUTH methods -- adding GoogleAuthenticator 2nd Factor to pubkey auth? can't get the GA prompt :-/
I added an EXPLICIT
AuthenticationMethods publickey,keyboard-interactive
+ UsePam yes
to sshd_config. Now, at connect attempt I get
Password:
Verification code:
Password:
Verification code:
Password:
...
I.e.,
It's asking for Password, not accepting pubkey
AND
when given the password (which is correct), and the GA VerificationCode, it
simply repeats the credentials request.