similar to: [PATCH] sshsig: check hashalg before selecting the RSA signature algorithm

Displaying 20 results from an estimated 200 matches similar to: "[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm"

2024 Nov 23
2
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Hi, I sent this patch back inn april and I still have a need for this. Would it be possible to get any pointers how we can have `hashalg` selectable by `ssh-keygen -Y`? -- Morten Linderud PGP: 9C02FF419FECBE16 On Thu, Apr 11, 2024 at 09:16:39PM +0200, Morten Linderud wrote: > `ssh-keygen -Y sign` only selects the signing algorithm `rsa-sha2-512` > and this prevents ssh-agent
2024 Nov 26
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Sorry, this now been committed and will be in openssh-10.0 On Sat, 23 Nov 2024, Morten Linderud wrote: > Hi, > > I sent this patch back inn april and I still have a need for this. Would it be > possible to get any pointers how we can have `hashalg` selectable by `ssh-keygen -Y`? > > -- > Morten Linderud > PGP: 9C02FF419FECBE16 > > On Thu, Apr 11, 2024 at
2024 Nov 26
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Thank you! There is now two " XXX maybe make configurable " in the top of the file that is probably no longer relevant. Do you want a followup patch for that? Cheers, Morten Linderud On Wed, Nov 27, 2024 at 08:25:15AM +1100, Damien Miller wrote: > Sorry, this now been committed and will be in openssh-10.0 > > On Sat, 23 Nov 2024, Morten Linderud wrote: > > > Hi,
2024 Nov 23
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
There is no hash algorithm associated with SSH keys. The key format for RSA keys is always ?ssh-rsa?, and it is capable of being used with any of the available signature algorithms (ssh-rsa for SHA-1 and rsa-sha2-256 or rsa-sha2-512 for SHA-2). See section 3 in https://www.rfc-editor.org/rfc/rfc8332: rsa-sha2-256 RECOMMENDED sign Raw RSA key rsa-sha2-512 OPTIONAL
2023 Oct 20
0
[PATCH] Clean up the regress directory with make clean
This patch removes the various keys and support files created during make tests. It might not be as compact as it could be, and I'd be happy to get comments on that, but it does work. diff --git a/Makefile.in b/Makefile.in index 70287f51f..0f1ef844d 100644 --- a/Makefile.in +++ b/Makefile.in @@ -296,6 +296,45 @@ clean: regressclean rm -f regress/misc/sk-dummy/*.o rm -f
2009 Jan 19
0
compiling python2.5 (msys+mingw+wine) using msvcr80 assemblies
folks, hi, after some quiet advice i've tracked down a method for compiling python2.5 using msvcr80 that _will_ actually work both under native win32 and also under wine, but it's a _bit_ dodgy, as i couldn't track down where you're supposed to put Microsoft.VC80.CRT, except in the path of the application where it's running from. so, instead, i put the _contents_ of
2010 Dec 04
1
Application Installation Error
I am attempting to use wine to run a windows application called VideoReDo. I'm getting an error when I try to install the program, however, and I don't know how to proceed. The error is: fixme:actctx:parse_depend_manifests Could not find dependent assembly L"Microsoft.VC80.CRT" If I ignore the error, I get a further error: err:seh:setup_exception_record stack overflow 896
2024 Oct 29
5
[Bug 3748] New: "webauthn-sk-ecdsa-sha2-nistp256@openssh.com" signature type not supported from ssh agent
https://bugzilla.mindrot.org/show_bug.cgi?id=3748 Bug ID: 3748 Summary: "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com" signature type not supported from ssh agent Product: Portable OpenSSH Version: 9.7p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement
2024 Nov 19
3
[Bug 3753] New: ssh-keygen and ssh-keyscan prints SHA1 SSHFP digest by default
https://bugzilla.mindrot.org/show_bug.cgi?id=3753 Bug ID: 3753 Summary: ssh-keygen and ssh-keyscan prints SHA1 SSHFP digest by default Product: Portable OpenSSH Version: 9.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:
2024 Jun 26
1
CISA et al: "Exploring Memory Safety in Critical Open Source Projects"
i'm not sure if anything has changed since https://marc.info/?l=openbsd-misc&m=151233345723889&w=2 On Wed, Jun 26, 2024 at 9:32?AM Joseph S. Testa II <jtesta at positronsecurity.com> wrote: > > Has anyone done any initial research into how much effort it would take > to port OpenSSH to Rust? If not, I might find that interesting to > start. (Mind you, this would
2024 Oct 24
1
[PATCH] Updated gitignore to ignore sshd-session and sshd-auth targets
--- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 213041656..c9d4166a7 100644 --- a/.gitignore +++ b/.gitignore @@ -29,6 +29,8 @@ ssh-keysign ssh-pkcs11-helper ssh-sk-helper sshd +sshd-session +sshd-auth !regress/misc/fuzz-harness/Makefile !regress/unittests/sshsig/Makefile tags -- 2.45.2
2020 Sep 20
13
Call for testing: OpenSSH 8.4
Hi, OpenSSH 8.4p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may
2020 Sep 27
0
Announce: OpenSSH 8.4 released
OpenSSH 8.4 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested
2020 Sep 21
4
Call for testing: OpenSSH 8.4
On Mon, 21 Sep 2020 at 09:53, Hisashi T Fujinaka <htodd at twofifty.com> wrote: > OK, NetBSD-current amd64, NetBSD-9-amd64, and NetBSD-9-i386 all pass all > tests. MacOS, well, I always try it but it has problems. What's the problem on OS X? We test on it regularly (El Capitan and High Sierra) and the only problem I'm aware of is that the native libcrypto on High Sierra is
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
Add support to load additional certificates for already loaded private keys. Useful if the private key is on a PKCS#11 hardware token. The private keys inside ssh-agent are now using a refcount to share the private parts between "Identities". The reason for this change was that the PKCS#11 code might have redirected ("wrap") the RSA functions to a hardware token. We don't
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
Engine keys are keys whose file format is understood by a specific engine rather than by openssl itself. Since these keys are file based, the pkcs11 interface isn't appropriate for them because they don't actually represent tokens. The current most useful engine for openssh keys are the TPM engines, which allow all private keys to be stored in a form only the TPM hardware can decode,
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
Add private key protection information extraction to shh-keygen using -v option on top of -y option which is already parsing the private key. Technically, the passphrase isn't necessary to do this, but it is the most logical thing to do for me. Adding this to -l option is not appropriate because fingerprinting is using the .pub file when available. An other idea is to add a new option, I
2013 May 15
2
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?‏
Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a
2020 Jul 21
11
[RFC PATCH 0/4] PAM module for ssh-agent user authentication
Hi, The main (and probably the only) use case of this PAM module is to let sudo authenticate users via their ssh-agent, therefore without having to type any password and without being tempted to use the NOPASSWD sudo option for such convenience. The principle is originally implemented by an existing module [0][1] and many pages that explain how to use it for such purpose can be found online.