similar to: OpenSSH private key encryption: time for AES?

https://bugzilla.mindrot.org/show_bug.cgi?id=1550 Summary: Move from 3DES to AES-256 for private key encryption Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Keywords: patch Severity: enhancement Priority: P2 Component: ssh-keygen AssignedTo:

Looking at openSSH INSTALL: To generate a host key, run "make host-key". Alternately you can do so manually using the following commands: ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N "" ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N "" But when I try latter, I get: (gdb) n 1 0x35a6 in save_private_key_ssh2 ( filename=0xb2d2c

When compiling the software it breaks with an error on the cipher.c file. Lot's of warnings and error of undeclared stuff. Snippet follows: gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I. -I/usr/local/ssl/include -Iyes -I/usr/local/include -DSSHDIR=\"/etc\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\"

Hi, The 20130110 snapshot fails to build against OpenSSL 0.9.8 and 1.0.0 with the following error: gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fno-builtin-memset -fstack-protector-all -I. -I. -DSSHDIR=\"/tmp/foo/etc\" -D_PATH_SSH_PROGRAM=\"/tmp/foo/bin/ssh\"

On Wed, 15 May 2019 at 23:14, Samiya Khanum <samiya.khanum at broadcom.com> wrote: > Hi Darren, > Thanks for quick response. > Even with openSSH8.0 version, it is not supported? 8.0p1 should work although I have not tested that specific OpenSSL version. Between 7.9p1 and 8.0p1 I had it working against what was OpenSSL head at the time. -- Darren Tucker (dtucker at dtucker.net)

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

I've just compiled and installed openssh-2.9.9p2 (compiled against openssl-0.9.6b using gcc-3.0.0) on a Slackware 7-based Linux machine (kernel 2.4.6ac2). The previously installed version was 2.9p2, compiled against openssl-0.9.6a, also with gcc-3.0.0, but with a different build of gcc-3.0.0. Everything seems to work fine except for one problem: passphrase matching for ssh2 keys

Hi, I have a problem compiling openssh pre 1.12 on solaris 2.5.1 platform with gnu gcc 2.95.2 u_int32_t is missing somehow and i cannot find any includes which define it. gcc -g -O2 -Wall -I/usr/local/ssl/include -DETCDIR=\"/usr/local/etc\" -DSSH_PROGRAM=\"/usr/local/bin/ssh\" -DASKPASS_PROGRAM=\"/usr/local/lib/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c authfile.c

https://bugzilla.mindrot.org/show_bug.cgi?id=3068 Bug ID: 3068 Summary: Duplicate code in sshkey_load_private() function Product: Portable OpenSSH Version: 8.0p1 Hardware: Other OS: Windows 10 Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee:

Hello everybody, Thank you Fufu Fang for your quick reply: With tinc version 1.0.35 and the bellow options at 100% CPu load i get about 10 MB/s... PMTU = 1400 PMTUDiscovery = yes #Cipher = none Cipher = chacha20-poly1305 Digest = blake2b512 Tried Cipher = none as well and also got 10MB/s with 100% CPU on one thread the other three available threads are idle. With inc_1.1~pre17-1.1_amd64.deb

On Fri, May 25, 2001 at 02:21:06PM +0200, Nigel Kukard wrote: > Hi, > > [nkukard at wigglytuff .ssh]$ ssh-keygen -pf test_id > Enter old passphrase: > 'ey has comment 'ii > Enter new passphrase (empty for no passphrase): > Enter same passphrase again: > Segmentation fault (core dumped) > [nkukard at wigglytuff .ssh]$ > > > That is the error

Hello everybody, First a big thanks for tinc-vpn I am still using it next to wireguard and openvpn. I am having a setup where the tinc debian appliance is at 100% cpu load doing about 7.5MB/s. Compression = 9 PMTU = 1400 PMTUDiscovery = yes Cipher = aes-128-cbc How can I pick a cipher that is the fasted for my CPU and don't create a CPU bottleneck at 100%. Kind regards, Jelle de Jong

This (very quick) patch allows you to connect with the commercial ssh.com windows client and use x509 certs for hostkeys. You have to import your CA cert (ca.crt) in the windows client and certify your hostkey: $ cat << 'EOF' > x509v3.cnf CERTPATHLEN = 1 CERTUSAGE = digitalSignature,keyCertSign CERTIP = 0.0.0.0 [x509v3_CA]

OpenSSH 7.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.

Hi, I'm experimenting with certificates for users, giving access via the TrustedUserCAKeys mechanism. Unfortunately, there seems to be a limit of one certificate per SSH key on the user's side, which prevents using the same key for hosts using different TrustedUserCAKeys. Is there a clean way around this? To make the above clearer, consider the following situation: A collection of hosts

on very large files, vim will condense display - e.g. +-- 8 lines: static inline void php_openssl_rand_add_timeval() -------------------------------------------------------------------------------------------------------------------------------------------------- #endif +-- 29 lines: static int php_openssl_load_rand_file(const char * file, int *egdsocket, int *seeded)

This patch makes keys work again. This bug was introduced in r1.78: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.77;r2=1.78. Joachim Index: authfile.c =================================================================== RCS file: /usr/obsd-repos/src/usr.bin/ssh/authfile.c,v retrieving revision 1.78 diff -u -N -p authfile.c --- authfile.c 11 Jan 2010 04:46:45 -0000

On Wed, 17 Feb 2016, Hisashi T Fujinaka wrote: > > I need to make these error messages more user-friendly :( > > > > -24 is SSH_ERR_SYSTEM_ERROR, so it's likely failing to find/load the > > key for some reason. I'll make a patch to improve the error message, > > but in the meantime you could probably figure out the exact failure > > using

I get error: %SSHD-3-ERROR: Could not load host key: /tmp/ssh_host_dsa_key: Bad file descriptor Jan 26 23:58:52: %SSHD-6-INFO: Disabling protocol version 2. Could not load host key Everything looks okay, the file exists, (it was generated using command: ssh-keygen -d -f ssh_host_dsa_key -N '') I also do 'ls' and find the file exists with permissions: -rw------- 1 root group