Displaying 20 results from an estimated 50000 matches similar to: "[Bug 1422] GSS Key Exchange support for Mac OS X"
2010 Feb 09
0
[Bug 1242] GSSAPI Keyexchange support
https://bugzilla.mindrot.org/show_bug.cgi?id=1242
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
--- Comment #7 from Damien Miller <djm at
2024 Apr 02
2
Debian openssh option review: considering splitting out GSS-API key exchange
[I've CCed openssh-unix-dev for awareness, but set Mail-Followup-To to
just debian-devel and debian-ssh to avoid potentially spamming them with
a long discussion. If you choose to override this then that's your
call, but please be mindful of upstream's time.]
Following the xz-utils backdoor, I'm reconsidering some choices in
Debian's OpenSSH packaging. Please note that
2024 Aug 30
1
Debian openssh option review: considering splitting out GSS-API key exchange
On Tue, Apr 02, 2024 at 01:30:11AM +0100, Colin Watson wrote:
> * for Debian trixie (current testing):
>
> * add dependency-only packages called something like
> openssh-client-gsskex and openssh-server-gsskex, depending on their
> non-gsskex alternatives
> * add NEWS.Debian entry saying that people need to install these
> packages if they want to retain
2013 Nov 01
1
[PATCH] curve25519-sha256@libssh.org key exchange proposal
Here are three versions (patch against openbsd cvs)
1) repace nacl w/libsodium, so i could test
2) curve25519-donna
3) Matthew's public domain reference implementation.
i'd vote for #3
-------------- next part --------------
Am 30.10.2013 um 07:27 schrieb Damien Miller <djm at mindrot.org>:
> On Tue, 24 Sep 2013, Aris Adamantiadis wrote:
>
>> Dear OpenSSH
2011 Jun 03
0
[Bug 1314] Support for rsa1024-sha1 KEX method
https://bugzilla.mindrot.org/show_bug.cgi?id=1314
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |WONTFIX
--- Comment #1 from Damien Miller <djm at
2013 Sep 24
9
[PATCH] curve25519-sha256@libssh.org key exchange proposal
Dear OpenSSH developers,
I've worked this week on an alternative key exchange mechanism, in
reaction to the whole NSA leaks and claims over cryptographic backdoors
and/or cracking advances. The key exchange is in my opinion the most
critical defense against passive eavesdropping attacks.
I believe Curve25519 from DJB can give users a secure alternative to
classical Diffie-Hellman (with fixed
2008 Jun 09
1
Problem in RSA Key authentication
Hello Damien,
I am using OpenSSH-5.0 on my ARM board. I want to perform RSA
authentication, but server is not accepting the key generated by the
client. I have copied the authorized_keys in the "$HOME/.ssh/" folder
and provided permission (755) to that folder. Please help me how to
solve this problem.
Following is the log from the client
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
2014 Jan 24
3
[Bug 2198] New: GSSAPIKeyExchange gssapi-keyex bug in kex.c choose_kex()
https://bugzilla.mindrot.org/show_bug.cgi?id=2198
Bug ID: 2198
Summary: GSSAPIKeyExchange gssapi-keyex bug in kex.c
choose_kex()
Product: Portable OpenSSH
Version: 6.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Kerberos support
2008 Jun 13
0
[Bug 1172] [PATCH] Restrict public key authentication to scp access only
https://bugzilla.mindrot.org/show_bug.cgi?id=1172
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
CC|
2015 Apr 17
0
[Bug 1909] "WARNING: UNPROTECTED PRIVATE KEY FILE!" warning needs an actionable step
https://bugzilla.mindrot.org/show_bug.cgi?id=1909
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |djm at mindrot.org
Resolution|---
2018 Sep 14
4
X448 Key Exchange
On 09/13/2018 08:18 PM, Damien Miller wrote:
> We have any plans to add more crypto options to OpenSSH without a strong
> justification, and I don't see one for X448-SHA512 ATM.
What I like about it is that it offers ~224 bit security level, whereas
X25519 offers ~128 bits (according to RFC7748). Hence, pairing X448
with AES256 would provide a full chain of security in the ~224 bit
2008 Jun 12
0
[Bug 742] Allow sftp to read config file to honor "Protocol 1"
https://bugzilla.mindrot.org/show_bug.cgi?id=742
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |WONTFIX
CC|
2016 Jun 17
0
[Bug 2586] Ed25519 secret keys are 64 bytes but only 32 bytes used
https://bugzilla.mindrot.org/show_bug.cgi?id=2586
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |WONTFIX
CC|
2009 Jul 26
0
GSSAPI Key Exchange Patch for OpenSSH 5.2p1
Somewhat belatedly, I'm pleased to announce the availability of my
GSSAPI key exchange patches for OpenSSH 5.2p1. Apologies for the delay
in getting these out, a honeymoon, followed by the pressure of work,
made the first half of this year rather busy!
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
2010 Jan 24
0
GSSAPI Key Exchange Patch for OpenSSH 5.3p1
From the better-late-than-never-department, I'm pleased to announce the availability of my GSSAPI Key Exchange patches for OpenSSH 5.3p1. This is a pretty minor maintenance release - it contains a couple of fixes to take into account changes to the underlying OpenSSH code, and a compilation fix for when GSSAPI isn't required. Thanks to Colin Wilson and Jim Basney for their bug reports.
2015 May 01
0
[Bug 1469] Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576)
https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
Status|NEW |RESOLVED
CC|
2016 Feb 05
0
[Bug 1647] Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |WONTFIX
CC|
2007 Mar 12
0
GSSAPI Key Exchange Patch for OpenSSH 4.6p1
Hi,
I'm pleased to announce the availability of my GSSAPI Key Exchange
patch for OpenSSH 4.6p1.
This patch adds support for the RFC4462 GSSAPI key exchange
mechanisms to OpenSSH, along with some minor fixes for the GSSAPI
code that is already in the tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. (#1242)
*)
2008 Apr 04
0
GSSAPI Key Exchange Patch for OpenSSH 5.0p1 (plus an added extra)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It's that time again! There's been another OpenSSH release, and once
again, I'm pleased to announce the availability of my GSSAPI Key
Exchange patch for it.
Whilst OpenSSH contains support for GSSAPI user authentication, this
still relies upon SSH host keys to authenticate the server to the
user. For sites with a deployed Kerberos
2006 Oct 02
0
GSSAPI Key Exchange for 4.4p1
Hi,
I'm pleased to be able to announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.4p1.
This patch adds RFC4462 compatibility to OpenSSH, along with adding
additional GSSAPI support that is yet to make it into the main tree.
The patch implements:
*) gss-group1-sha1-*, gss-group14-sha1-* and gss-gex-sha1-* key
exchange mechanisms. This can be enabled through the