Displaying 20 results from an estimated 2000 matches similar to: "[Bug 2493] New: Accept host key fingerprint as the same as 'yes'"
2010 Apr 19
3
[Bug 1759] New: allow display of bubblebabble fingerprint when connecting
https://bugzilla.mindrot.org/show_bug.cgi?id=1759
Summary: allow display of bubblebabble fingerprint when
connecting
Product: Portable OpenSSH
Version: -current
Platform: All
URL: http://bugs.debian.org/578422
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
2008 Aug 16
21
[Bug 1506] New: rationalize agent behavior on smartcard removal/reattachment
https://bugzilla.mindrot.org/show_bug.cgi?id=1506
Summary: rationalize agent behavior on smartcard
removal/reattachment
Product: Portable OpenSSH
Version: 5.1p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Smartcard
AssignedTo:
2012 Feb 22
1
[Bug 1984] New: Add Unix Domain Socket Forwarding
https://bugzilla.mindrot.org/show_bug.cgi?id=1984
Bug #: 1984
Summary: Add Unix Domain Socket Forwarding
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo:
2010 Aug 23
3
[Bug 1808] New: "SetupCommand" invoked before connecting
https://bugzilla.mindrot.org/show_bug.cgi?id=1808
Summary: "SetupCommand" invoked before connecting
Product: Portable OpenSSH
Version: 5.6p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
2010 Jun 09
5
[Bug 1777] New: KnownHostsCommand
https://bugzilla.mindrot.org/show_bug.cgi?id=1777
Summary: KnownHostsCommand
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: dkg at fifthhorseman.net
A
2016 Mar 29
3
request: add IP address to a log message to allow blocking
On Tue 2016-03-29 18:10:00 -0400, Damien Miller wrote:
> On Tue, 29 Mar 2016, IMAP List Administration wrote:
>> If you haven't already, an you please add the IP address to this message, and
>> any similar messages? I'm using version 6.7p1.
>
> I actually added that recently. It will be in openssh-7.3, due in a
> couple of months.
Will it be configurable? There
2011 Nov 21
3
ssh-keygen -r should support SSHFP records for ECDSA (or at least return non-zero error code on failure)
hi folks:
it looks like ssh-keygen -r can''t export SSHFP records for ECDSA keys:
0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -f foobar -t ecdsa -q -P ''''
0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -r foobar -f foobar.pub
export_dns_rr: unsupported algorithm
0 dkg@pip:/tmp/cdtemp.oiRYAS$
the first number in my prompt is the return code of the last command;
note that
2015 Feb 06
2
Re: Creating users "on - the - fly"
On Fri 2015-02-06 14:30:13 -0500, Cary FitzHugh wrote:
> Hence - maybe a NSS User Database extension which looks for the
> public keys from a webservice (and then maybe writes them to
> /tmp/<username>.
No, i'm suggesting that when you want to look up the user, use NSS to
find the username and map it to a numeric user ID and the other
information that is typically found in
2015 Jan 15
3
OpenSSH v6.7 & NumberOfPasswordPrompts Option ...
Yes, I have tried that option with no difference in behavior. It seems it ignores that option when provided. Just for reference, I am building it on RedHat 5. I have never had this issue on any previous version of OpenSSH. I use the default configuration with only the changes specified in the RHEL 5 STIG applied.
I appreciate the security advice. The root account was indicated simply as an
2007 Jan 31
2
Patch to fix the 255 status code problem
Hi,
Currently using openssh-4.5p1 on Solaris 8 in conjunction with Oracle 8i
dataguard. Is there a patch available to prevent ssh returning status
code 255 for a successful execution of a remote connection/command.
Many Thanks,
Tim Mann
2011 Feb 24
3
[Bug 1871] New: ssh-askpass should be able to distinguish between a prompt for confirmation and a prompt for an actual passphrase
https://bugzilla.mindrot.org/show_bug.cgi?id=1871
Summary: ssh-askpass should be able to distinguish between a
prompt for confirmation and a prompt for an actual
passphrase
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
2015 Feb 06
4
Creating users "on - the - fly"
I guess I didn't want to litter the users table either - it just seems
"wrong" to be actually adding things to the host when it is really so
transient. It feels like it should be LDAP-ish. Just ask the server
for the keys and do a one-off authentication. But I've seen even LDAP
creates the user directories.
I see that 2.6 kernels can have some 4B users, which should last me a
2011 Feb 24
6
[Bug 1869] New: ssh-add can no longer read from FIFOs as of 5.7p1
https://bugzilla.mindrot.org/show_bug.cgi?id=1869
Summary: ssh-add can no longer read from FIFOs as of 5.7p1
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh-add
AssignedTo: unassigned-bugs at mindrot.org
2008 Jul 31
5
[Bug 1498] New: OpenSC smartcard access should use raw public keys, not X.509 certificates
https://bugzilla.mindrot.org/show_bug.cgi?id=1498
Summary: OpenSC smartcard access should use raw public keys,
not X.509 certificates
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.1p1
Platform: Other
OS/Version: Linux
Status: NEW
Keywords: patch
Severity: normal
2013 May 16
1
[Bug 1545] ssh-keygen -R removes all comments from known_hosts file
https://bugzilla.mindrot.org/show_bug.cgi?id=1545
Daniel Kahn Gillmor <dkg at fifthhorseman.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dkg at fifthhorseman.net
--- Comment #15 from Daniel Kahn Gillmor <dkg at fifthhorseman.net> ---
2009 Oct 22
39
[Bug 1663] New: Allow to use agent for distribution of public keys.
https://bugzilla.mindrot.org/show_bug.cgi?id=1663
Summary: Allow to use agent for distribution of public keys.
Product: Portable OpenSSH
Version: 5.3p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2004 Dec 27
1
Potential DoS against forwarded ssh-agent
It appears there is an opportunity for a denial-of-service attack
against ssh-agent when using ForwardAgent.
This note describes the circumstances, and provides a patch.
Background (not the vulnerability):
If ssh-agent is forwarded to a compromised account, a remote
attacker could use the connection to authenticate as the owner of
the agent. "ssh-add -c" currently defends
2016 Feb 04
3
Unix socket support for sshd
Greetings everyone!
I would like to know if adding support for Unix socket to sshd would be a
feature that would be consider to be added upstream? (ListenAddress).
One of the main reason for this question to you all is that tor now has Unix
socket support for hidden services that is traffic of a hidden service can be
forwarded to a Unix socket (see HiddenServicePort in tor.1). The rationale
2015 Jun 12
2
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
On Fri 2015-06-12 01:52:54 -0400, Mark D. Baushke wrote:
> I have communicated with Allen Roginsky on this topic and I have been given permission to post his response.
>
> In this message below, the 'vendor' was Darren Tucker's generated prime
> that used a generator value of 5.
>
> -- Mark
>
> From: "Roginsky, Allen" <allen.roginsky at
2015 Feb 06
2
Creating users "on - the - fly"
Hi all.
I have a situation that I wonder someone may have run into - or has a
direction I should dig / develop in.
Let's say I have a system with 1M "users". Their public keys are
stored in a database, and I can access them via a web call.
I have a few servers which should allow those users access.
Some constraints to make it non-crazy.
The users can only reverse tunnel. They