similar to: [Bug 3823] New: SSH on same device ignores MAC restrictions

Hello, I'm looking for your insight about the log below. We have an SFTP server (IBM Sterling File Gateway) and we're connecting from an OpenSSH SFTP client but something fails during KEX. Complete client-side debug output is below, but I believe the relevant part is: debug1: kex: server->client cipher: aes192-cbc MAC: hmac-sha1 compression: none debug1: kex: client->server

On 23/04/2018 11:49, Michael Felt wrote: > On 21/04/2018 16:21, Michael Felt wrote: > > > Question: I have not dug into the tests yet. Will copy to a "local" > directory, and not build out of tree and see if that fixes it (as it > does for many other packages). However, just in case it does not - how > can I fast-forward the tests to the "agent" tests?

Thanks for your suggestion! It seems to have gone a little further this time, but isn't accepting the key and is failing back on password-based auth. We're double-checking that the public key was correctly configured with the account, and also trying a DSA key to see if it behaves differently. Is there anything you'd suggest we look at or try at this point, and thank you very much

Hi, at first I'm not sure if this is the correct list to ask this question. But since I'm using winbind I hope you can help me. I try to realize a kerberized ssh from one client to another. Both clients are member of subdom2.subdom1.example.de and joined to it. The users are from example.de, where subdom1.example.de is a subdomain (bidirectional trust) of example.de and

On Tue, May 02, 2017 at 06:17:47PM +0200, Cristian Ionescu-Idbohrn wrote: > $ ssh -vvv -oMacs=umac-64 at openssh.com localhost : 2>&1 | egrep -i 'macs|umac' > debug2: MACs ctos: umac-64 at openssh.com > debug2: MACs stoc: umac-64 at openssh.com > debug2: MACs ctos: umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm

Hi, mancha and me debugged a problem with OpenSSH 7.3p1 that was reported on the #openssh freenode channel. Symptoms were that this message was popping on the console during a busy X11 session: kex protocol error: type 7 seq 1234 I managed to reproduce the problem, it is related to the SSH_EXT_INFO packet that is send by the server every time it is sending an SSH_NEWKEYS packet, hence after

https://bugzilla.mindrot.org/show_bug.cgi?id=3814 Bug ID: 3814 Summary: incorrect signature when ssh'ing to an AIX server (Big Endian) from amd64 (Little endian) Product: Portable OpenSSH Version: 10.0p1 Hardware: PPC64 OS: AIX Status: NEW Severity: major Priority: P5

Here you go: OpenSSH_7.9p1, OpenSSL 1.1.1d 10 Sep 2019 debug1: Reading configuration data /home/ryantm/.ssh/config debug1: /home/ryantm/.ssh/config line 4: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 13: Applying options for * debug2: resolving "{REDACTED}" port 22 debug2: ssh_connect_direct debug1: Connecting to

Hello. I am running OpenSSH 7.9p1 on my client and server. ssh-keyscan shows the server has ssh-rsa, ssh-ed25519, and ecdsa-sha2-nistp256 host keys. My /etc/ssh/ssh_known_hosts file contains the server's ssh-ed25519 host key. When I try to SSH to the server I get this error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

Hi, I'm having a problem when I add "HostKeyAlgorithms +ssh-dss" to the ssh_config file the host key will always negotiate to a wrong one. In my case it will negotiate to "ecdsa-sha2-nistp256". The client was already configured with the servers rsa public key, before the change I added to the ssh_config file I could see from the debug that server and client will negotiate

https://bugzilla.mindrot.org/show_bug.cgi?id=2729 Bug ID: 2729 Summary: Can connect with MAC hmac-sha1 even though it's not configured on the server Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: Linux Status: NEW Severity: security Priority: P5

Get the following error: root at x065:[/data/prj/openbsd/openssh/openssh-7.7p1/openbsd-compat]make ??????? xlc_r -I/opt/include -O2 -qmaxmem=-1 -qarch=pwr5 -q64 -I. -I.. -I../../src/openssh-7.7p1/openbsd-compat -I../../src/openssh-7.7p1/openbsd-compat/.. -I/opt/include -DHAVE_CONFIG_H -c ../../src/openssh-7.7p1/openbsd-compat/strndup.c

https://bugzilla.mindrot.org/show_bug.cgi?id=3691 Bug ID: 3691 Summary: Connection to localhost succeeds with disabled MAC Product: Portable OpenSSH Version: 9.7p1 Hardware: amd64 OS: Other Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at

Thanks for testing - are you able to see if there's anything in the server logs? I've just committed some extra verbosity in the client's log messages that might clarify where it is exiting (patch attached). -d On Fri, 29 Mar 2019, Adam Eijdenberg wrote: > On Wed, Mar 27, 2019 at 10:04 PM Damien Miller <djm at mindrot.org> wrote: > > > > OpenSSH 8.0p1 is almost

I'm trying to send data to a server with openssh 7.9p1, but it's hanging somewhere. the client stop at the line : Jul 7 11:52:16 TOTO sshd[19553]: debug3: channel 0: will not send data after close and after 5 minutes the client closes the connection, why ? This is the trace of the server openssh : ( DEBUG3 level) Jul 7 11:52:15 TOTO sshd[31175]: debug3: fd 6 is not O_NONBLOCK Jul

Hi, OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

On 05/01/2017 04:48 PM, Cristian Ionescu-Idbohrn wrote: > On Mon, 1 May 2017, Cristian Ionescu-Idbohrn wrote: >> >> Example, 'Macs'. >> >> On the man page I read: >> >> "Multiple algorithms must be comma-separated. >> ... >> If the specified value begins with a '-' character, then the >> specified algorithms (including

https://bugzilla.mindrot.org/show_bug.cgi?id=2727 Bug ID: 2727 Summary: ssh_dispatch_run_fatal: Connection to 127.0.0.1 port 8002: message authentication code incorrect Product: Portable OpenSSH Version: 7.5p1 Hardware: ix86 OS: Linux Status: NEW Severity: major Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=3779 Bug ID: 3779 Summary: SHA1 deprecation Product: Portable OpenSSH Version: 8.4p1 Hardware: Other OS: Linux Status: NEW Severity: trivial Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter:

Darren Tucker <dtucker at zip.com.au> writes: > On Tue, Nov 8, 2016 at 1:02 PM, Harry Putnam <reader at newsguy.com> wrote: > [...] >> gv harry> ssh -vv 2x >> >> OpenSSH_7.3p1-hpn14v11, OpenSSL 1.0.2j 26 Sep 2016 > > this is a third-party modified version of OpenSSH. Can you reproduce > the problem with a stock OpenSSH from the source from