similar to: [Bug 3675] New: CASignatureAlgorithms should be verified before verifying signatures

Oops, I meant to CC the list on this. -- Iain ----- Forwarded message from Iain Morgan <Iain.Morgan at nasa.gov> ----- Date: Thu, 17 Jan 2013 14:51:01 -0800 From: Iain Morgan <Iain.Morgan at nasa.gov> To: Damien Miller <djm at mindrot.org> Subject: Re: Inconsisten declaration of ssh_aes_ctr_iv() On Wed, Jan 16, 2013 at 21:26:39 -0600, Damien Miller wrote: > On Mon, 14 Jan

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Bug ID: 3577 Summary: CASignatureAlgorithms supports -cert alogrithms Product: Portable OpenSSH Version: 9.3p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at

code version referenced: openssh-5.9p1 Hi all, When building openssh with openssl (specifically versions newer than openssl 0.9.8q), there is an issue if FIPS mode is active for openssl. In ssh-rsa.c on line 243 RSA_public_decrypt is called, which is disallowed now in openssl (if in FIPS mode). The library requires appliactions to use the EVP API if running in FIPS mode so it can disallow

Does anyone knows if there is a patch for OpenSSH in order to make it work with 0.9.8r OpenSSL in FIPS Mode ? I'm having problem with the RSA_public_decrypt() function that is failing in FIPS Mode, I changed it to use RSA_verify instead and setting the flag "RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if this is allowed in FIPS Mode, does anyone

https://bugzilla.mindrot.org/show_bug.cgi?id=1987 Bug #: 1987 Summary: FIPS signature verification incompatibility with openssl versions > 0.9.8q Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: All Status: NEW Severity: normal

https://bugzilla.samba.org/show_bug.cgi?id=10496 Summary: --itemize-changes always reports xattr changes with --xattrs --fake-super Product: rsync Version: 3.1.1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P5 Component: core AssignedTo: wayned at

Dear Group, I'm having a problem connecting Solaris 10 Server to a Redhat Enterprise Linux 5.4 and meanwhile pretty clueless on that issue. Hopefully I get at least a hint, from your group, where to look at. key-length is 2048, permissions are correct on .ssh-directory and the files itself, keygen is done manually. On the Linuxserver we're using openssh-4.3p2-36.el5, on Solaris the

https://bugzilla.mindrot.org/show_bug.cgi?id=2755 Bug ID: 2755 Summary: [PATCH] sshd_config: allow directories in AuthorizedKeysFile= Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

Hello, I found a script with a rsync command. I see two options with this command : --server and --sender. I know it is internal options but i would like to understand the signification of these options :) Really thanks for your help :D ___________________________________________________________________________ Yahoo! Mail r?invente le mail ! D?couvrez le nouveau Yahoo! Mail et son

I hope I don't get flamed the first time I post to a new list. I have spent a couple of hours poking around without seeing anything like this. The problem is, as soon as I load the Zaptel drivers (with a TDM-31B card), ssh into or out of the server is broken. Trying to ssh in, I get: RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01

Timo, Is seems that this commit broke convertion from Maildir to Mbox using dovecot 1.2 convert-tool binary : 2009-07-09 Timo Sirainen <tss at iki.fi> * src/plugins/convert/convert-storage.c: convert plugin: Fixed changing hierarchy separators in mailbox names when alt_hierarchy_char isn't set. [a9f719f9a509] <HEAD> Since, I get the

Hi, I'm setting up an IMAP/POP cluster using dovecot director for some NFS reasons and I'm getting some troubles with director_servers directive. Configuration is shared on both nodes : director_servers = 10.0.50.50 10.0.50.51 director_mail_servers = 192.168.0.150 192.168.0.151 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 }

On Wed, 17 Feb 2016, Hisashi T Fujinaka wrote: > > I need to make these error messages more user-friendly :( > > > > -24 is SSH_ERR_SYSTEM_ERROR, so it's likely failing to find/load the > > key for some reason. I'll make a patch to improve the error message, > > but in the meantime you could probably figure out the exact failure > > using

Hi, I want tested Xen with my OS based on a kernel 2.4 (it''s a CentOS 3.4). I downloaded the unstable sources of xen (xen-unstable-src.tgz). I read the user guide and I verified the "Prerequisites", I''ve : - the "iproute 2" package - the "linux bridge utils" - an installation of Twisted - gcc, binutils & make -

you wrote: > I am using openssh 3.5p1 and I am having problems using the protocol 2 > of ssh with openssl 0.9.6i > It was working fine with openssl 0.9.6g. > I am using binary packages downloaded fron SunFreeware and I did not > changed any config file. > Both the machines are running Solaris 8. > > <test1> /usr/local/bin> ssh -2 -v -v -v test2 > ... > ...

---------- Forwarded message ---------- Date: Fri, 18 Jan 2013 10:19:35 +1100 (EST) From: Damien Miller <djm at mindrot.org> To: Iain Morgan <Iain.Morgan at nasa.gov> Subject: Re: Inconsisten declaration of ssh_aes_ctr_iv() On Thu, 17 Jan 2013, Iain Morgan wrote: > > Could you tell me the declaration of the function pointer do_cipher in > > OpenSSL's evp.h on your

On Wed, Feb 17, 2016 at 3:51 AM, Hisashi T Fujinaka <htodd at twofifty.com> wrote: > Sorry, I haven't been paying too much attention here, but I'm having > repeated failures when I tried this morning. > > NetBSD-current: > test_sshkey: ..................................[1] Segmentation fault > (core dumped) ${V} /home/htodd... > *** Error code 139 did it

Hi, I have a returning problem with one of my sparc Solaris machines. I have a Ultra2 with two 296MHz processors. All recent combinations of openssh/openssl have a not permanent problem. If i try to connect to the machine, i get sometimes these errors: # ssh root at simba RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 key_verify failed

https://bugzilla.mindrot.org/show_bug.cgi?id=1853 Summary: sshd doesn't seem to be able to auth a user using an rsa key of 20000 bit Product: Portable OpenSSH Version: 5.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

On Fri, Apr 22, 2016 at 3:41 AM, Damien Miller <djm at mindrot.org> wrote: > On Tue, 19 Apr 2016, Elouan Keryell-Even wrote: > >> Hello, >> >> I have a client machine and a server machine. I generated a pair of >> private-public rsa keys using ssh-keygen. >> >> On the client-machine, I uploaded my private key onto ~/.ssh/id_rsa >> >> On