Displaying 20 results from an estimated 700 matches similar to: "OpenSSH private key encryption: time for AES?"
2009 Jan 22
8
[Bug 1550] New: Move from 3DES to AES-256 for private key encryption
https://bugzilla.mindrot.org/show_bug.cgi?id=1550
Summary: Move from 3DES to AES-256 for private key encryption
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P2
Component: ssh-keygen
AssignedTo:
2001 Jan 11
3
ssh-keygen: passphrase.
Looking at openSSH INSTALL:
To generate a host key, run "make host-key". Alternately you can do so
manually using the following commands:
ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ""
ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N ""
But when I try latter, I get:
(gdb) n
1 0x35a6 in save_private_key_ssh2 (
filename=0xb2d2c
2002 Mar 08
1
Problems with Solaris 8 and OpenSSH 3.1p1
When compiling the software it breaks with an error on the cipher.c file.
Lot's of warnings and error of undeclared stuff.
Snippet follows:
gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I.
-I/usr/local/ssl/include -Iyes -I/usr/local/include -DSSHDIR=\"/etc\"
-D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\"
2013 Jan 14
3
Inconsisten declaration of ssh_aes_ctr_iv()
Hi,
The 20130110 snapshot fails to build against OpenSSL 0.9.8 and 1.0.0
with the following error:
gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fno-builtin-memset -fstack-protector-all -I. -I. -DSSHDIR=\"/tmp/foo/etc\" -D_PATH_SSH_PROGRAM=\"/tmp/foo/bin/ssh\"
2019 May 15
2
Re: ​Building openssh7.9p1 and above against openssl1.1.1b
On Wed, 15 May 2019 at 23:14, Samiya Khanum <samiya.khanum at broadcom.com> wrote:
> Hi Darren,
> Thanks for quick response.
> Even with openSSH8.0 version, it is not supported?
8.0p1 should work although I have not tested that specific OpenSSL
version. Between 7.9p1 and 8.0p1 I had it working against what was
OpenSSL head at the time.
--
Darren Tucker (dtucker at dtucker.net)
2019 Aug 06
2
[PATCH v2] Remove sshkey_load_private()
Remove sshkey_load_private(), as this function's role
is similar to sshkey_load_private_type().
---
Dependency:
This change depends over recently merged change in openbsd:
https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0
Change log:
v1->v2
- Remove declaration of sshkey_load_private() in authfile.h
authfile.c | 38
2001 Sep 27
4
ssh2 key passphrase problems in 2.9.9 on Linux
I've just compiled and installed openssh-2.9.9p2 (compiled against
openssl-0.9.6b using gcc-3.0.0) on a Slackware 7-based Linux machine
(kernel 2.4.6ac2). The previously installed version was 2.9p2, compiled
against openssl-0.9.6a, also with gcc-3.0.0, but with a different build of
gcc-3.0.0.
Everything seems to work fine except for one problem: passphrase matching
for ssh2 keys
1999 Nov 19
1
solaris compiling woes
Hi,
I have a problem compiling openssh pre 1.12 on solaris 2.5.1 platform with
gnu gcc 2.95.2
u_int32_t is missing somehow and i cannot find any includes which define it.
gcc -g -O2 -Wall -I/usr/local/ssl/include -DETCDIR=\"/usr/local/etc\"
-DSSH_PROGRAM=\"/usr/local/bin/ssh\"
-DASKPASS_PROGRAM=\"/usr/local/lib/ssh/ssh-askpass\" -DHAVE_CONFIG_H -c
authfile.c
2019 Sep 10
3
[Bug 3068] New: Duplicate code in sshkey_load_private() function
https://bugzilla.mindrot.org/show_bug.cgi?id=3068
Bug ID: 3068
Summary: Duplicate code in sshkey_load_private() function
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee:
2020 Apr 04
0
how to pick cipher for AES-NI enabled AMD GX-412TC SOC tincd at 100% CPU
Hello everybody,
Thank you Fufu Fang for your quick reply:
With tinc version 1.0.35 and the bellow options at 100% CPu load i get
about 10 MB/s...
PMTU = 1400
PMTUDiscovery = yes
#Cipher = none
Cipher = chacha20-poly1305
Digest = blake2b512
Tried Cipher = none as well and also got 10MB/s with 100% CPU on one
thread the other three available threads are idle.
With inc_1.1~pre17-1.1_amd64.deb
2001 May 25
1
ssh-keygen segfault (2.9p1)
On Fri, May 25, 2001 at 02:21:06PM +0200, Nigel Kukard wrote:
> Hi,
>
> [nkukard at wigglytuff .ssh]$ ssh-keygen -pf test_id
> Enter old passphrase:
> 'ey has comment 'ii
> Enter new passphrase (empty for no passphrase):
> Enter same passphrase again:
> Segmentation fault (core dumped)
> [nkukard at wigglytuff .ssh]$
>
>
> That is the error
2020 Apr 04
3
how to pick cipher for AES-NI enabled AMD GX-412TC SOC tincd at 100% CPU
Hello everybody,
First a big thanks for tinc-vpn I am still using it next to wireguard
and openvpn.
I am having a setup where the tinc debian appliance is at 100% cpu load
doing about 7.5MB/s.
Compression = 9
PMTU = 1400
PMTUDiscovery = yes
Cipher = aes-128-cbc
How can I pick a cipher that is the fasted for my CPU and don't create a
CPU bottleneck at 100%.
Kind regards,
Jelle de Jong
2002 Jan 31
7
x509 for hostkeys.
This (very quick) patch allows you to connect with the commercial
ssh.com windows client and use x509 certs for hostkeys. You have
to import your CA cert (ca.crt) in the windows client and certify
your hostkey:
$ cat << 'EOF' > x509v3.cnf
CERTPATHLEN = 1
CERTUSAGE = digitalSignature,keyCertSign
CERTIP = 0.0.0.0
[x509v3_CA]
2016 Feb 29
5
Announce: OpenSSH 7.2 released
OpenSSH 7.2 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support. OpenSSH also includes
transitional support for the legacy SSH 1.3 and 1.5 protocols
that may be enabled at compile-time.
Once again, we would like to thank the OpenSSH community
2010 Jan 12
2
[patch] Automatically add keys to agent
My keys are secured with a passphrase. That's good for security, but
having to type the passphrase either at every login or at every
invocation of ssh(1) is annoying.
I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep
track of whether I invoked it already, or write some hacky scripts; but
the rest of OpenSSH is wonderfully usable without any hacks.
Hence, this patch.
2013 Sep 05
1
Using multiple certificates for a given private key
Hi,
I'm experimenting with certificates for users, giving access via the
TrustedUserCAKeys mechanism. Unfortunately, there seems to be a limit of
one certificate per SSH key on the user's side, which prevents using the
same key for hosts using different TrustedUserCAKeys. Is there a clean
way around this?
To make the above clearer, consider the following situation:
A collection of hosts
2016 Oct 29
3
Stupid vim question
on very large files, vim will condense display - e.g.
+-- 8 lines: static inline void php_openssl_rand_add_timeval()
--------------------------------------------------------------------------------------------------------------------------------------------------
#endif
+-- 29 lines: static int php_openssl_load_rand_file(const char * file,
int *egdsocket, int *seeded)
2010 Jan 12
1
[patch] Make keys work again
This patch makes keys work again. This bug was introduced in r1.78:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/authfile.c.diff?r1=1.77;r2=1.78.
Joachim
Index: authfile.c
===================================================================
RCS file: /usr/obsd-repos/src/usr.bin/ssh/authfile.c,v
retrieving revision 1.78
diff -u -N -p authfile.c
--- authfile.c 11 Jan 2010 04:46:45 -0000
2016 Feb 17
2
Call for testing: OpenSSH 7.2
On Wed, 17 Feb 2016, Hisashi T Fujinaka wrote:
> > I need to make these error messages more user-friendly :(
> >
> > -24 is SSH_ERR_SYSTEM_ERROR, so it's likely failing to find/load the
> > key for some reason. I'll make a patch to improve the error message,
> > but in the meantime you could probably figure out the exact failure
> > using
2001 Jan 27
4
load host key error:
I get error:
%SSHD-3-ERROR: Could not load host key: /tmp/ssh_host_dsa_key: Bad file
descriptor
Jan 26 23:58:52: %SSHD-6-INFO: Disabling protocol version 2. Could not
load host key
Everything looks okay, the file exists, (it was generated using command:
ssh-keygen -d -f ssh_host_dsa_key -N '')
I also do 'ls' and find the file exists with permissions:
-rw------- 1 root group