Displaying 20 results from an estimated 30000 matches similar to: "[Bug 1806] SSH Client - Excessively Militant Identity File Permission Checking Potentially Increases Risk of Key Compromise"
2010 Aug 13
3
[Bug 1806] New: SSH Client - Militant Identity File Permission Potentially Increases Security Risk
https://bugzilla.mindrot.org/show_bug.cgi?id=1806
Summary: SSH Client - Militant Identity File Permission
Potentially Increases Security Risk
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
2013 Jan 17
3
[Bug 1981] Trying to use ssh with a missing identity file gives no warnings
https://bugzilla.mindrot.org/show_bug.cgi?id=1981
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2136| |ok+
Flags| |
--- Comment #4 from Damien Miller <djm at mindrot.org>
2016 Dec 02
0
[Bug 1592] Fingerprints for SSHD host key don't match (local ssh-keygen -l vs. ssh localhost)
https://bugzilla.mindrot.org/show_bug.cgi?id=1592
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Can you reproduce this with a
2017 Jun 26
0
[Bug 1592] Fingerprints for SSHD host key don't match (local ssh-keygen -l vs. ssh localhost)
https://bugzilla.mindrot.org/show_bug.cgi?id=1592
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WORKSFORME
Status|NEW |RESOLVED
--- Comment #3 from Damien Miller <djm at
2002 May 11
0
PubkeyAuthentication broken because ssh cannot ready it's identity keys
This is a copy of the bug report I sent debian.
Package: ssh
Version: 1:3.0.2p1-9
Severity: important
I want to be able to login between two hosts without entering
passwords.
ssh-keygen -t dsa
* Copy key to other machine
cat id_dsa.pub >> .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
Trouble is that the originating host appears unable to parse its own
keys. This is the
2019 Jun 24
2
AW: AW: OpenSSH public key authentication does not work from Windows client if private key was added to SSH agent
Hi,
I pasted two server connection logs at https://pastebin.com/vJb5tnTL. First a successful one and second an unsuccessful one.
Patrick
-----Urspr?ngliche Nachricht-----
Von: Damien Miller <djm at mindrot.org>
Gesendet: Samstag, 22. Juni 2019 10:43
An: Steinforth, Patrick <Steinforth at osnabrueck.de>
Cc: openssh-unix-dev at mindrot.org
Betreff: Re: AW: OpenSSH public key
2019 Jun 21
2
AW: OpenSSH public key authentication does not work from Windows client if private key was added to SSH agent
Hey Damien,
thank you for your reply. I posted the debug information at https://pastebin.com/40esNPED and replaced some sensitive information before (usernames, servernames, domainnames, IP addresses). In addition I commented some lines with a message like "### <my message> ###".
Patrick
-----Urspr?ngliche Nachricht-----
Von: Damien Miller <djm at mindrot.org>
Gesendet:
2017 Nov 15
2
OpenSSH 7.6p1 ssh-agent exiting if passed an invalid key blob
On Nov 14, 2017, at 4:11 PM, Damien Miller <djm at mindrot.org> wrote:
> On Mon, 13 Nov 2017, Ron Frederick wrote:
>> I noticed a problem recently when running some test code against
>> the OpenSSH 7.6p1 ssh-agent. These tests ran fine against OpenSSH
>> 7.5p1 and earlier, but with OpenSSH 7.6p1, they were suddenly causing
>> ssh-agent to exit.
>
> Sorry,
2017 Feb 02
2
ssh-agent check for new fresh certificate (and key)? worthwhile doing?
Damien Miller wrote:
> On Thu, 2 Feb 2017, Adam Eijdenberg wrote:
>
>> On Thu, Feb 2, 2017 at 10:42 AM Damien Miller <djm at mindrot.org> wrote:
>>> On Thu, 2 Feb 2017, Adam Eijdenberg wrote:
>>>> I guess a case could be made for ssh-add to always set a timeout when
>>>> adding a certificate with an expiry time, but I think for now I'm
2008 Jun 09
1
Problem in RSA Key authentication
Hello Damien,
I am using OpenSSH-5.0 on my ARM board. I want to perform RSA
authentication, but server is not accepting the key generated by the
client. I have copied the authorized_keys in the "$HOME/.ssh/" folder
and provided permission (755) to that folder. Please help me how to
solve this problem.
Following is the log from the client
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
2020 Sep 30
4
How to use ssh -i with a key from ssh-agent rather than from a file?
On Wed, Sep 30, 2020 at 03:35:43PM +1000, Damien Miller <djm at mindrot.org> wrote:
> On Wed, 30 Sep 2020, raf wrote:
>
> > Hi,
> >
> > I have a VM with a git repository whose origin is on
> > github. I have several keys known to github, so I needed
> > to set git's core.sshcommand config parameter in the
> > repository to something like this:
2017 Feb 02
3
ssh-agent check for new fresh certificate (and key)? worthwhile doing?
On Thu, Feb 2, 2017 at 10:42 AM Damien Miller <djm at mindrot.org> wrote:
> On Thu, 2 Feb 2017, Adam Eijdenberg wrote:
> > I guess a case could be made for ssh-add to always set a timeout when
> > adding a certificate with an expiry time, but I think for now I'm
> > happy enough to do that on our end.
>
> That sounds like a fine idea.
Damien, to clarify did
2013 Jul 25
1
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2130
--- Comment #7 from Damien Miller <djm at mindrot.org> ---
Retarget to openssh-6.4
--
You are receiving
2014 Feb 05
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2188
--- Comment #9 from Damien Miller <djm at mindrot.org> ---
Retarget incomplete bugs / feature requests to
2014 Apr 12
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2226
--- Comment #11 from Damien Miller <djm at mindrot.org> ---
Retarget to 6.7 release, since 6.6 was mostly
2014 Aug 29
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2266
--- Comment #13 from Damien Miller <djm at mindrot.org> ---
Retarget incomplete bugs to 6.8 release.
--
2015 Mar 02
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|2266 |
--- Comment #15 from Damien Miller <djm at mindrot.org> ---
OpenSSH 6.8 is approaching release and closed for
2015 Mar 02
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2360
--- Comment #16 from Damien Miller <djm at mindrot.org> ---
Retarget to 6.9
--
You are receiving this
2015 Aug 11
0
[Bug 1967] Potential memory leak in ssh [detected by melton]
https://bugzilla.mindrot.org/show_bug.cgi?id=1967
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #18 from Damien Miller <djm at mindrot.org> ---
Set all RESOLVED bugs to CLOSED with
2015 Jun 02
0
[Bug 1993] ssh tries to add keys to ~/.ssh/known_hosts though StrictHostKeyChecking yes is set
https://bugzilla.mindrot.org/show_bug.cgi?id=1993
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|dtucker at zip.com.au |djm at mindrot.org
Status|NEW |ASSIGNED
Attachment #2641|