Displaying 20 results from an estimated 700 matches similar to: "[Bug 3692] New: rekey.sh doesn't actually test different algorithms"
2015 May 31
2
Call for testing: OpenSSH 6.9
FreeBSD 10.1-RELEASE
passes tests
DragonflyBSD snapshot
passes tests
Debian 8
run test connect.sh ...
Missing privilege separation directory: /var/empty
FATAL: sshd_proxy broken
Makefile:192: recipe for target 't-exec' failed
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory '/home/sme/openssh/regress'
Makefile:544: recipe for target 'tests' failed
make: ***
2024 Mar 25
18
[Bug 3674] New: Tracking bug for OpenSSH 9.8
https://bugzilla.mindrot.org/show_bug.cgi?id=3674
Bug ID: 3674
Summary: Tracking bug for OpenSSH 9.8
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-bugs at
2011 Jan 12
1
[openssh-commits] CVS: fuyu.mindrot.org: openssh
This commit message was supposed to be:
- (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
silly warnings on write() calls we don't care succeed or not.
I fixed the CVS log retrospectively
On Wed, 12 Jan 2011, Damien Miller wrote:
> CVSROOT: /var/cvs
> Module name: openssh
> Changes by: djm at fuyu.mindrot.org 11/01/12 13:34:04
>
2011 Jan 05
0
[PATCH] fix %n expansion in LocalCommand
After the commit titled "expand %h to the hostname in ssh_config Hostname
options" (2010-07-16), %n always got the same value as %h in the LocalCommand
config option. Fix this and add a regression test.
---
regress/Makefile | 6 ++++--
regress/host-expand.sh | 18 ++++++++++++++++++
ssh.c | 6 ++++--
3 files changed, 26 insertions(+), 4 deletions(-)
diff
2004 Feb 20
1
ssh client auto rekey feature.
I plan to use ssh as the secure transport of a VPN. (Yes I know there are
other solutions but...)
These tunnels may be up for a long time, days or weeks, and escape
characters will be turned off because I'll be passing binary data so I can't
force a rekey with that method.
Since the ssh spec says one should rekey every hour, I plan to patch the ssh
client to implement an auto-rekey
2023 Mar 24
1
ChaCha20 Rekey Frequency
I'm wondering why the ChaCha20 cipher rekeys so frequently. At speed I'm
seeing rekeys every second or two. So I'm spending a large amount of
time in the rekey process. From what I've read about ChaCha20 it
shouldn't need to be rekeyed quite so frequently. Am I missing something
obvious?
Just curious more than anything else.
Chris
2023 Jan 19
4
[Bug 3524] New: Rekey interval timeout not working when no package is being transfered
https://bugzilla.mindrot.org/show_bug.cgi?id=3524
Bug ID: 3524
Summary: Rekey interval timeout not working when no package is
being transfered
Product: Portable OpenSSH
Version: 8.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
2023 Mar 29
1
ChaCha20 Rekey Frequency
I was wondering if there was something specific to the internal chacha20
cipher as opposed to OpenSSL implementation.
I can't just change the block size because it breaks compatibility. I
can do something like as a hack (though it would probably be better to
do it with the compat function):
if (strstr(enc->name, "chacha"))
*max_blocks = (u_int64_t)1 << (16*2);
2023 Mar 29
1
ChaCha20 Rekey Frequency
Hi Damien,
>This is what I'm playing with at the moment:
if you?re playing with this currently anyway, shouldn?t?
>+ /*
>+ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks
>+ * before rekeying where L is the blocksize in bits.
>+ * Most other ciphers have a 128 bit blocksize, so this equates to
>+ * 2**32 blocks / 64GB data.
>+ */
>+ return
2024 Nov 12
0
[PATCH 1/2] Add test to cover multiple server hostkeys with agent
From: Maxime Rey <maximejeanrey at gmail.com>
This tests the hostkey-prove mechanism in sshd when provided with multiple
host keys managed by the agent
---
regress/hostkey-agent.sh | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh
index 222d424bd..3fa80655e 100644
--- a/regress/hostkey-agent.sh
+++
2023 Mar 30
1
ChaCha20 Rekey Frequency
On Wed, 29 Mar 2023, Thorsten Glaser wrote:
> Hi Damien,
>
> >This is what I'm playing with at the moment:
>
> if you?re playing with this currently anyway, shouldn?t?
>
> >+ /*
> >+ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks
> >+ * before rekeying where L is the blocksize in bits.
> >+ * Most other ciphers have a 128
2023 Mar 30
1
ChaCha20 Rekey Frequency
On Thu, 30 Mar 2023, Damien Miller wrote:
>> >+ return (uint64_t)1 << (c->block_size * 2);
>>
>> ? this get an upper bound? This is UB for 256-bit blocksizes
>> at least?
>
>block sizes in struct sshcipher are in bytes, not bits
Yes, exactly.
256 bit = 32 bytes; 32*2 = 64; (uint64_t)1 << 64 is UB.
bye,
//mirabilos
--
Infrastrukturexperte ?
2003 Jun 20
0
[PATCH] Regression test portabilization.
Hi All.
Attached is a patch (against OpenSSH Portable -current) to portablize the
regression tests. It will also apply to OpenBSD's (with a couple of
rejects). They are based on work by Roumen Petrov and myself, with
contributions from Corinna Vinschen and David M Williams.
My goal is to have the tests work out of the box on as many of our
supported platforms as possible so running the
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
Ah, with an internal block size [Is that what one calls it?] of 64 bytes.
From: Damien Miller <djm at mindrot.org>
Sent: Wednesday, March 29, 2023 3:08 PM
To: Robinson, Herbie <Herbie.Robinson at stratus.com>
Cc: Chris Rapier <rapier at psc.edu>; Christian Weisgerber <naddy at mips.inka.de>; openssh-unix-dev at mindrot.org
Subject: RE: [EXTERNAL] Re: ChaCha20 Rekey
2023 Mar 29
2
ChaCha20 Rekey Frequency
On Wed, 29 Mar 2023, Chris Rapier wrote:
> I was wondering if there was something specific to the internal chacha20
> cipher as opposed to OpenSSL implementation.
>
> I can't just change the block size because it breaks compatibility. I can do
> something like as a hack (though it would probably be better to do it with the
> compat function):
>
> if
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
I'm hardly an expert on this, but if I remember correctly, the rekey rate for good security is mostly dependent on the cipher block size. I left my reference books at home; so, I can't come up with a reference for you, but I would take Chris' "I'm deeply unsure of what impact that would have on the security of the cipher" comment seriously and switch to a cipher with a
2018 Apr 24
2
AIX make checks issue
On 23/04/2018 11:49, Michael Felt wrote:
> On 21/04/2018 16:21, Michael Felt wrote:
>
>
> Question: I have not dug into the tests yet. Will copy to a "local"
> directory, and not build out of tree and see if that fixes it (as it
> does for many other packages). However, just in case it does not - how
> can I fast-forward the tests to the "agent" tests?
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher.
On Wed, 29 Mar 2023, Robinson, Herbie wrote:
>
> I?m hardly an expert on this, but if I remember correctly, the rekey rate
> for good security is mostly dependent on the cipher block size.? I left my
> reference books at home; so, I can?t come up with a reference for you, but I
> would take Chris?
2019 Jan 24
2
[Regression] OpenSSH 7.7p1 no longer tests on NonStop Port
On January 22, 2019 10:45, I wrote:
> On January 21, 2019 19:00, Darren Tucker wrote:
> > On Tue, 22 Jan 2019 at 12:01, Randall S. Becker
> > <rsbecker at nexbridge.com>
> > wrote:
> >
> > > Hi All,
> > >
> > > I finally got around to trying to test the 7.7p1 release on the HPE
> > > NonStop Platform. 7.6p1 worked just fine - no
2015 May 29
16
Call for testing: OpenSSH 6.9
Hi,
OpenSSH 6.9 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains
some substantial new features and a number of bugfixes.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is