similar to: [Bug 3786] New: openssh client no longer connects to dropbear server

Am So., 29. Sept. 2024 um 00:20 Uhr schrieb <piticu.pulii at gmail.com>: > > On Fri, Sep 27, 2024 at 04:35:22PM +0200, Norbert Lange wrote: > > ssh-copy-id has special handling for dropbear, but this seems to be > > quite out of date (or forever wrong). > > I dont see dropbear ever accessing `/etc/dropbear/authorized_keys`, > > and I don't see any hints this

https://bugzilla.mindrot.org/show_bug.cgi?id=3527 Bug ID: 3527 Summary: ssh-copy-id broken for dropbear Product: Portable OpenSSH Version: 9.1p1 Hardware: Other OS: Linux Status: NEW Severity: major Priority: P5 Component: ssh-copy-id Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=2232 Bug ID: 2232 Summary: curve25519-sha256 at libssh.org Signature Failures When 'ssh' Used with Dropbear, libssh Servers Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: All Status: NEW Severity: major

Hello, ssh-copy-id has special handling for dropbear, but this seems to be quite out of date (or forever wrong). I dont see dropbear ever accessing `/etc/dropbear/authorized_keys`, and I don't see any hints this ever was the case. dropbear uses ~/.ssh/authorized_keys just like OpenSSH, so the special handling needs to go. regards, Norbert

Hi, We have a proprietary RTOS which is *not* POSIX complaint. We want to port SSH server and SCP client onto our platform. How difficult it would be, to port Dropbear into our platform? We would like to integrate our CLI with the SSH. Any recommendations on using Dropbear for our platform? Appreciate sharing your experiences with Dropbear. --- Thanks, Mohan

https://bugzilla.mindrot.org/show_bug.cgi?id=3680 Bug ID: 3680 Summary: Wrong destination in case of dropbear server Product: Portable OpenSSH Version: 8.9p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-copy-id Assignee: unassigned-bugs at

Hi, I have a router running an old version of OpenWRT with an old version of dropbear (Dropbear sshd v0.44test3). It has been working for many years and I ssh in from my desktop systems (running Debian Testing) with no problem. However, recently I upgraded one of my desktops and I can no longer connect to the router. Dropbear on the router is exiting with: exit before auth: bad

https://bugzilla.mindrot.org/show_bug.cgi?id=2233 Bug ID: 2233 Summary: curve25519-sha256 at libssh.org Signature Failures When 'sshd' Used with Dropbear Clients Product: Portable OpenSSH Version: 6.6p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5

I'm using the most up to date version of openssh on OL8 that I can patch to (OpenSSH_8.0p1), I've used update-crypto-policies to disallow the use of ssh-rsa, but apparently am connecting to a host that uses ssh-rsa. I've tried adding HostkeyAlgorithms +ssh-rsa,ssh-rsa-cert-v01 at openssh.com PubkeyAcceptedAlgorithms +ssh-rsa,ssh-rsa-cert-v01 at openssh.com or HostkeyAlgorithms

Il giorno gio 22 nov 2018 alle ore 21:24 Stuart Henderson <stu at spacehopper.org> ha scritto: > > On 2018/11/22 19:55, owl700 at gmail.com wrote: > > Hi, I have compatibility issues with the latest version of > > openssh-server and an old dropbear client, the dopbear client stops at > > preauth > > > > ov 22 14:34:03 myhostname sshd[3905]: debug1: Client

The crypto policies are system-wide to disallow any software (using system crypto) from using unsafe/weak/unwanted algorithm, which is exactly what you are trying to do. You?ll need to allow that system-wide by default, unfortunately. Luckily you can then disallow ssh-rsa in ssh-config by default and only enable it for a few hosts. The correct solution is to throw whatever requires it to the

Lol! Our Security team sent out new policies that dictated turning off ssh-rsa, so *we did. turns out our Security Team doesn't necessarily follow their own dictates, so here we are. Our Linux team says that the correct way to turn off ssh-rsa is via the crypto policies, not via direct manipulation of the /etc/ssh/ssh_config, and I guess that's probably the absolute best way to do so,

well nuts. that, in fact, doesn't work. it appears that, based on an strace, the order of reading for policies is personal .ssh/config, /etc/ssh/ssh_config (and conf.d files), then crypto policies, with the more restrictive policy being used. --- Regards, Kevin Martin On Mon, Sep 9, 2024 at 11:07?AM kevin martin <ktmdms at gmail.com> wrote: > Lol! Our Security team sent out

Hi, I have compatibility issues with the latest version of openssh-server and an old dropbear client, the dopbear client stops at preauth ov 22 14:34:03 myhostname sshd[3905]: debug1: Client protocol version 2.0; client software version dropbear_0.46 Nov 22 14:34:03 myhostname sshd[3905]: debug1: no match: dropbear_0.46 Nov 22 14:34:03 myhostname sshd[3905]: debug1: Local version string

https://bugzilla.mindrot.org/show_bug.cgi?id=2508 Bug ID: 2508 Summary: Wanting OpenSSL error messages in ssherr() for SSH_ERR_LIBCRYPTO_ERROR Product: Portable OpenSSH Version: 7.1p1 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5

Hi! I'm investigating the seccomp filter in openssh and I wanted to know whether the following system calls should be added to the filter: 1. getgroups - do_authentication2->dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->temporarily_use_uid->getgroups 2. setgroups -

OpenSSH 9.6 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

On Fri, Jan 26, 2024 at 7:24?PM Jochen Bern <Jochen.Bern at binect.de> wrote: > On 25.01.24 14:09, Kaushal Shriyan wrote: > > I am running the below servers on Red Hat Enterprise Linux release 8.7 > > How do I enable strong KexAlgorithms, Ciphers and MACs > > On RHEL 8, you need to be aware that there are "crypto policies" > modifying sshd's behaviour,

OpenSSH 9.6 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

https://bugzilla.mindrot.org/show_bug.cgi?id=3831 Bug ID: 3831 Summary: Invalid key length Product: Portable OpenSSH Version: 9.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org