Displaying 20 results from an estimated 200 matches similar to: "[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm"
2024 Nov 23
2
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Hi,
I sent this patch back inn april and I still have a need for this. Would it be
possible to get any pointers how we can have `hashalg` selectable by `ssh-keygen -Y`?
--
Morten Linderud
PGP: 9C02FF419FECBE16
On Thu, Apr 11, 2024 at 09:16:39PM +0200, Morten Linderud wrote:
> `ssh-keygen -Y sign` only selects the signing algorithm `rsa-sha2-512`
> and this prevents ssh-agent
2024 Nov 26
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Sorry, this now been committed and will be in openssh-10.0
On Sat, 23 Nov 2024, Morten Linderud wrote:
> Hi,
>
> I sent this patch back inn april and I still have a need for this. Would it be
> possible to get any pointers how we can have `hashalg` selectable by `ssh-keygen -Y`?
>
> --
> Morten Linderud
> PGP: 9C02FF419FECBE16
>
> On Thu, Apr 11, 2024 at
2024 Nov 26
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
Thank you!
There is now two " XXX maybe make configurable " in the top of the file that is
probably no longer relevant. Do you want a followup patch for that?
Cheers,
Morten Linderud
On Wed, Nov 27, 2024 at 08:25:15AM +1100, Damien Miller wrote:
> Sorry, this now been committed and will be in openssh-10.0
>
> On Sat, 23 Nov 2024, Morten Linderud wrote:
>
> > Hi,
2024 Nov 23
1
[PATCH] sshsig: check hashalg before selecting the RSA signature algorithm
There is no hash algorithm associated with SSH keys. The key format for RSA keys is always ?ssh-rsa?, and it is capable of being used with any of the available signature algorithms (ssh-rsa for SHA-1 and rsa-sha2-256 or rsa-sha2-512 for SHA-2).
See section 3 in https://www.rfc-editor.org/rfc/rfc8332:
rsa-sha2-256 RECOMMENDED sign Raw RSA key
rsa-sha2-512 OPTIONAL
2023 Oct 20
0
[PATCH] Clean up the regress directory with make clean
This patch removes the various keys and support files created during
make tests. It might not be as compact as it could be, and I'd be happy
to get comments on that, but it does work.
diff --git a/Makefile.in b/Makefile.in
index 70287f51f..0f1ef844d 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -296,6 +296,45 @@ clean: regressclean
rm -f regress/misc/sk-dummy/*.o
rm -f
2009 Jan 19
0
compiling python2.5 (msys+mingw+wine) using msvcr80 assemblies
folks, hi,
after some quiet advice i've tracked down a method for compiling
python2.5 using msvcr80 that _will_ actually work both under native
win32 and also under wine, but it's a _bit_ dodgy, as i couldn't track
down where you're supposed to put Microsoft.VC80.CRT, except in the
path of the application where it's running from. so, instead, i put
the _contents_ of
2010 Dec 04
1
Application Installation Error
I am attempting to use wine to run a windows application called
VideoReDo. I'm getting an error when I try to install the program,
however, and I don't know how to proceed. The error is:
fixme:actctx:parse_depend_manifests Could not find dependent assembly
L"Microsoft.VC80.CRT"
If I ignore the error, I get a further error:
err:seh:setup_exception_record stack overflow 896
2024 Oct 29
5
[Bug 3748] New: "webauthn-sk-ecdsa-sha2-nistp256@openssh.com" signature type not supported from ssh agent
https://bugzilla.mindrot.org/show_bug.cgi?id=3748
Bug ID: 3748
Summary: "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com"
signature type not supported from ssh agent
Product: Portable OpenSSH
Version: 9.7p1
Hardware: 68k
OS: Mac OS X
Status: NEW
Severity: enhancement
2024 Nov 19
3
[Bug 3753] New: ssh-keygen and ssh-keyscan prints SHA1 SSHFP digest by default
https://bugzilla.mindrot.org/show_bug.cgi?id=3753
Bug ID: 3753
Summary: ssh-keygen and ssh-keyscan prints SHA1 SSHFP digest by
default
Product: Portable OpenSSH
Version: 9.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2024 Jun 26
1
CISA et al: "Exploring Memory Safety in Critical Open Source Projects"
i'm not sure if anything has changed since
https://marc.info/?l=openbsd-misc&m=151233345723889&w=2
On Wed, Jun 26, 2024 at 9:32?AM Joseph S. Testa II
<jtesta at positronsecurity.com> wrote:
>
> Has anyone done any initial research into how much effort it would take
> to port OpenSSH to Rust? If not, I might find that interesting to
> start. (Mind you, this would
2024 Oct 24
1
[PATCH] Updated gitignore to ignore sshd-session and sshd-auth targets
---
.gitignore | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.gitignore b/.gitignore
index 213041656..c9d4166a7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,6 +29,8 @@ ssh-keysign
ssh-pkcs11-helper
ssh-sk-helper
sshd
+sshd-session
+sshd-auth
!regress/misc/fuzz-harness/Makefile
!regress/unittests/sshsig/Makefile
tags
--
2.45.2
2020 Sep 20
13
Call for testing: OpenSSH 8.4
Hi,
OpenSSH 8.4p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2020 Sep 27
0
Announce: OpenSSH 8.4 released
OpenSSH 8.4 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2020 Sep 21
4
Call for testing: OpenSSH 8.4
On Mon, 21 Sep 2020 at 09:53, Hisashi T Fujinaka <htodd at twofifty.com> wrote:
> OK, NetBSD-current amd64, NetBSD-9-amd64, and NetBSD-9-i386 all pass all
> tests. MacOS, well, I always try it but it has problems.
What's the problem on OS X? We test on it regularly (El Capitan and
High Sierra) and the only problem I'm aware of is that the native
libcrypto on High Sierra is
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
Add support to load additional certificates
for already loaded private keys. Useful
if the private key is on a PKCS#11 hardware token.
The private keys inside ssh-agent are now using a refcount
to share the private parts between "Identities".
The reason for this change was that the PKCS#11 code
might have redirected ("wrap") the RSA functions to a hardware token.
We don't
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
Engine keys are keys whose file format is understood by a specific
engine rather than by openssl itself. Since these keys are file
based, the pkcs11 interface isn't appropriate for them because they
don't actually represent tokens. The current most useful engine for
openssh keys are the TPM engines, which allow all private keys to be
stored in a form only the TPM hardware can decode,
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
Add private key protection information extraction to shh-keygen using -v
option on top of -y option which is already parsing the private key.
Technically, the passphrase isn't necessary to do this, but it is the
most logical thing to do for me.
Adding this to -l option is not appropriate because fingerprinting is
using the .pub file when available.
An other idea is to add a new option, I
2013 May 15
2
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
Functionality request for supporting Digital Signatures for RSA and DSS
Public Key Algorithms in alignment with NIST SP800-131A.
I
assume this has been asked before, but I could not find in the
archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key
algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH
Extension Algorithms are supported, but not a
2020 Jul 21
11
[RFC PATCH 0/4] PAM module for ssh-agent user authentication
Hi,
The main (and probably the only) use case of this PAM module is to let
sudo authenticate users via their ssh-agent, therefore without having
to type any password and without being tempted to use the NOPASSWD sudo
option for such convenience.
The principle is originally implemented by an existing module [0][1]
and many pages that explain how to use it for such purpose can be
found online.