similar to: [PATCH] Clean up the regress directory with make clean

Hello, I've noticed that `ssh-keygen -Y find-principals` warns about empty lines in the allowed signers file, even though the documentation says they should be treated as comments: $ ssh-keygen -Y find-principals -f allowed_signers.md -I wiktor at metacode.biz -n file -s rsa-key.txt.sig < rsa-key.txt allowed_signers.md:3: missing key <---- here wiktor at metacode.biz `-Y

`ssh-keygen -Y sign` only selects the signing algorithm `rsa-sha2-512` and this prevents ssh-agent implementations that can't support sha512 from signing messages. An example of this is TPMs which mostly only really supports sha256 widely. This change enables `ssh-keygen -Y sign` to honor the `hashalg` option for the signing algorithm. Signed-off-by: Morten Linderud <morten at

Sorry, this now been committed and will be in openssh-10.0 On Sat, 23 Nov 2024, Morten Linderud wrote: > Hi, > > I sent this patch back inn april and I still have a need for this. Would it be > possible to get any pointers how we can have `hashalg` selectable by `ssh-keygen -Y`? > > -- > Morten Linderud > PGP: 9C02FF419FECBE16 > > On Thu, Apr 11, 2024 at

Thank you! There is now two " XXX maybe make configurable " in the top of the file that is probably no longer relevant. Do you want a followup patch for that? Cheers, Morten Linderud On Wed, Nov 27, 2024 at 08:25:15AM +1100, Damien Miller wrote: > Sorry, this now been committed and will be in openssh-10.0 > > On Sat, 23 Nov 2024, Morten Linderud wrote: > > > Hi,

Hi, I sent this patch back inn april and I still have a need for this. Would it be possible to get any pointers how we can have `hashalg` selectable by `ssh-keygen -Y`? -- Morten Linderud PGP: 9C02FF419FECBE16 On Thu, Apr 11, 2024 at 09:16:39PM +0200, Morten Linderud wrote: > `ssh-keygen -Y sign` only selects the signing algorithm `rsa-sha2-512` > and this prevents ssh-agent

There is no hash algorithm associated with SSH keys. The key format for RSA keys is always ?ssh-rsa?, and it is capable of being used with any of the available signature algorithms (ssh-rsa for SHA-1 and rsa-sha2-256 or rsa-sha2-512 for SHA-2). See section 3 in https://www.rfc-editor.org/rfc/rfc8332: rsa-sha2-256 RECOMMENDED sign Raw RSA key rsa-sha2-512 OPTIONAL

--- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 213041656..c9d4166a7 100644 --- a/.gitignore +++ b/.gitignore @@ -29,6 +29,8 @@ ssh-keysign ssh-pkcs11-helper ssh-sk-helper sshd +sshd-session +sshd-auth !regress/misc/fuzz-harness/Makefile !regress/unittests/sshsig/Makefile tags -- 2.45.2

https://bugzilla.mindrot.org/show_bug.cgi?id=3748 Bug ID: 3748 Summary: "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com" signature type not supported from ssh agent Product: Portable OpenSSH Version: 9.7p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement

On January 22, 2019 10:45, I wrote: > On January 21, 2019 19:00, Darren Tucker wrote: > > On Tue, 22 Jan 2019 at 12:01, Randall S. Becker > > <rsbecker at nexbridge.com> > > wrote: > > > > > Hi All, > > > > > > I finally got around to trying to test the 7.7p1 release on the HPE > > > NonStop Platform. 7.6p1 worked just fine - no

OpenSSH 8.4 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

SUBMISSION DEADLINE 5th International Conference on Vehicle Technology and Intelligent Transport Systems Submission Deadline: December 10, 2018 http://www.vehits.org/ May 3 - 5, 2019 Heraklion, Crete, Greece. VEHITS is organized in 5 major tracks: - Intelligent Vehicle Technologies - Intelligent Transport Systems and Infrastructure - Connected Vehicles - Sustainable Transport - Data

SUBMISSION DEADLINE 8th International Conference on Smart Cities and Green ICT Systems Submission Deadline: December 10, 2018 http://www.smartgreens.org/ May 3 - 5, 2019 Heraklion, Crete, Greece. SMARTGREENS is organized in 5 major tracks: - Energy-Aware Systems and Technologies - Sustainable Computing and Systems - Smart Cities and Smart Buildings - Demos and Use-Cases - Smart and

SUBMISSION DEADLINE 21st International Conference on Enterprise Information Systems Submission Deadline: December 10, 2018 http://www.iceis.org/ May 3 - 5, 2019 Heraklion, Crete, Greece. ICEIS is organized in 6 major tracks: - Databases and Information Systems Integration - Artificial Intelligence and Decision Support Systems - Information Systems Analysis and Specification - Software

SUBMISSION DEADLINE 4th International Conference on Internet of Things, Big Data and Security Submission Deadline: December 10, 2018 http://iotbds.org/ May 2 - 4, 2019 Heraklion, Crete, Greece. IoTBDS is organized in 7 major tracks: - Big Data Research - Emerging Services and Analytics - Internet of Things (IoT) Fundamentals - Internet of Things (IoT) Applications - Big Data for

SUBMISSION DEADLINE 9th International Conference on Cloud Computing and Services Science Submission Deadline: December 10, 2018 http://closer.scitevents.org May 2 - 4, 2019 Heraklion, Crete, Greece. CLOSER is organized in 9 major tracks: - Services Science - Data as a Service - Cloud Operations - Edge Cloud and Fog Computing - Service Modelling and Analytics - Mobile Cloud

Hi, OpenSSH 8.4p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

Hi, The main (and probably the only) use case of this PAM module is to let sudo authenticate users via their ssh-agent, therefore without having to type any password and without being tempted to use the NOPASSWD sudo option for such convenience. The principle is originally implemented by an existing module [0][1] and many pages that explain how to use it for such purpose can be found online.

Engine keys are keys whose file format is understood by a specific engine rather than by openssl itself. Since these keys are file based, the pkcs11 interface isn't appropriate for them because they don't actually represent tokens. The current most useful engine for openssh keys are the TPM engines, which allow all private keys to be stored in a form only the TPM hardware can decode,

Add private key protection information extraction to shh-keygen using -v option on top of -y option which is already parsing the private key. Technically, the passphrase isn't necessary to do this, but it is the most logical thing to do for me. Adding this to -l option is not appropriate because fingerprinting is using the .pub file when available. An other idea is to add a new option, I

Hello, We are porting openssh-3.1p1 onto SX-6 running on SuperUX. We landed into problem when we started running sshd with the default encryption settings. As you would have already seen on this mailing list. Basically we are facing two problems (both client and servers run on SX):- 1) If the we use the default encryption algorithm aes128-cbc then we get a Bad Packet length problem on