OpenSSH | Dev

OpenSSH | Dev Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/openssh/dev/ en-us (c) Gossamer Threads Inc. All rights reserved. 12 Feb 2012 11:52:57 -0800 120 Gossamer Threads | OpenSSH | Dev 75 23 http://www.gossamer-threads.com/lists/openssh/dev/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg PATCH: multiple BindAddress Hello all, I recently have a problem with multiple addresses and address families. Problem is simple, i have some hosts with IPv4 access only and some 12 Feb 2012 07:22:09 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53370 openssh client on Windows 7 key auth issue Dear All, could anybody be so kind and explain me such situation: I set up OpenSSH client on Windows 7. Then I generated keys pair by 'ssh-keygen -t 10 Feb 2012 08:51:52 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53366 Restrict commands available in an SFTP session Hello, i am using SFTP with CHROOT. I want to allow my users that they can upload and download with the sftp server, but they should never do an MK 09 Feb 2012 05:08:13 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53361 Having issues with remote command execution - ssh -t host 'sudo command' I've been trying to find an answer on other sites however I could not resolve my problem. spec: os: ubuntu 10.0, OpenSSH_5.5p1 Debian-4ubuntu4, OpenS 08 Feb 2012 15:11:02 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53357 Suggestion for openssh Hi! I do not know if it's the ideal place, but I'm sending some suggestion. Always use openssh and its enormous features. - I needed to create an en 07 Feb 2012 04:04:54 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53350 Potential memory leak in sshd [detected by melton] Hi all, After the memory leaks (bug 1967 <https://bugzilla.mindrot.org/show_bug.cgi?id=1967>) I reported in bugzilla are fixed, I also applied melto 03 Feb 2012 17:55:21 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53319 PATCH: Fix memory leak in sshd Hello, The below patch fixes a memory leak I noticed in monitor_read_load() when the child's log pipe is closed. Thanks, Zev Weiss -- diff --git a/ 28 Jan 2012 01:30:34 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53301 PATCH: Support for encrypted host keys Hello all, I recently found myself wanting to run sshd with passphrase-protected host keys rather than the usual unencrypted format, and was somewhat 28 Jan 2012 01:25:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53300 PermitOpen None diff Hi, I was wondering if this diff would make it into the next release: https://bugzilla.mindrot.org/show_bug.cgi?id=1949 Thanks, //Logan C-x-C-c -- 26 Jan 2012 05:29:35 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53298 Server/Client Alive mechanism issues Hello, I have a bandwidth-constrained connection that I'd like to run rsync over through an SSH tunnel. I also want to detect any network drops prett 25 Jan 2012 09:26:34 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53292 Solaris BSM audit support Does anyone know if openssh has removed the experimental designation for BSM audit support for Solaris systems? If so, which release, please. Thanks. 24 Jan 2012 12:22:47 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53291 Patterns in HostName ? I have a Unix host that's DHCPd, so resolv.conf is rewritten. Because of company policies, it's not allowed to change the client dhcp config to overr 23 Jan 2012 07:46:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53286 Regarding Pubkey Enumeration HD Moore from MetaSploit has noted that, given a pubkey (and not the corresponding private key, as might be found in authorized_keys), he can determin 20 Jan 2012 01:18:47 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53269 Donation of 10 ePass2003 to the OpenSSH project Dear all, There were a lot of discussions about smartcards and tokens, and we would like to make a simple offer: donate to each OpenSSH developer an 20 Jan 2012 01:08:20 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53268 ChrootDirectory per SSH Subsystem? Hi, According to the sshd_config manual page the option ChrootDirectory can be used to force a chroot:ed environment for the SSHD server. But as I un 19 Jan 2012 05:38:43 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53252 sftp-server vs. internal-sftp Hi guys, Given that internal-sftp is the only way to support chrooted users, is there any particular reason why sftp-server is still the default 16 Jan 2012 16:10:14 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53251 X.509 certificate integration continue with PKCS11 and FIPS capable OpenSSL Hello list members, I would like to inform that version 7.1 of X.509 certificate support) is ready. The just published update from "Integration" se 15 Jan 2012 11:38:46 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53250 [PATCH 1/1] Ported gnome-ssh-askpass2 to gtk3. Hello List, This is for the portable release. I wanted gnome-ssh-askpass to be a gtk+3 app, so I made a quick port. Mark --- contrib/Makefile 13 Jan 2012 02:48:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53248 Request for obfuscating the handshake Dear OpenSSH team, First of all thanks a lot for your good work on developing such a usable peace of software. Nice job. As you may know, we have som 12 Jan 2012 10:58:21 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53240 scp should not report 100% until the last byte is transferred Hello, just my opinion, but yesterday I run into a case, where after 7 hours of transferring a file (a little bit greater than 1 GB) the scp reporte 12 Jan 2012 00:46:16 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53236 Full replay logs of OpenSSH sessions Hi all, I am not 100% sure if this is a -dev or a -user topic, but I am leaning towards the former. Feel free to cuss at me and tell me to ask -user, 11 Jan 2012 04:02:39 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53231 Configuration file TCPKeepAlive option does not work reliably Hi! There are configuration knobs (TCPKeepAlive) to enable/disable the use of TCP keepalives both in the ssh client and server. Unfortunately some UN 10 Jan 2012 07:34:20 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53228 Interop problem with IPSSH-6.6.0, CR/NL? I have a curious problem connecting with OpenSSH (5.1p1 on FreeBSD, 6.0-beta on OpenBSD) to some managed switches running "IPSSH-6.6.0". When I conne 04 Jan 2012 13:59:08 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53219 ECDSA, SSHFP, and "Error calculating host key fingerprint." When connecting to a host that provides an ECDSA host key and the client has "VerifyHostKeyDNS" set to 'yes' or 'ask' SSH outputs a mysterious and und 03 Jan 2012 16:56:52 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53216 A probable useful feature Hi, As I mentioned in the following post : http://www.linuxquestions.org/questions/linux-security-4/exclude-a-from-being-logged-in-var-log-wtmp-9208 31 Dec 2011 01:40:54 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53211 sshd: Allow more directives in Match-Block Hi, I think, there are some more directives, which could be allowed in the Match block in the sshd_config. For myself, i needed PrintMotd, PrintLast 20 Dec 2011 07:23:19 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53199 ssh-copy-id -p port option Hi. I would like to add an option [-p port] to ssh-copy-id. If this option is given then ssh-copy-id calls ssh with -p port to connect to non-standa 20 Dec 2011 06:31:41 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53198 Retrieving authorized_keys via remote script Here's a simple patch which retrieves authorized_keys via exec'ing a program, rather than reading a flat file. I added a simple option, AuthorizedKe 14 Dec 2011 16:23:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53175 ssh-agent and IdentityFile I've noticed that the ssh-agent applies any keys it already has passwords for (via ssh-add) first, overriding the ssh config files for preferred ident 13 Dec 2011 14:52:38 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53171 ssh-keygen -K option Hi there, I'm in the process of generating a moduli file under Linux with 5.9p1 version which in fact takes quite some time for the big primes t 10 Dec 2011 04:18:42 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53155 Proposal for SFTP extension to include user name and group name in file attributes Hello, I've gathered from searching Bugzilla[1][2] that a patch to update OpenSSH's SFTP implementation to support version 4 or above of the protocol 09 Dec 2011 11:53:29 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53151 Converting SSH2 keys for use in OpenSSH I have a couple of keys generated using the F-Secure SSH2 client. I have converted those keys using "ssh-keygen -i -f samplekey.txt >> ~/.ssh/authoriz 07 Dec 2011 16:54:45 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53148 AllowUsers Hi guys, i think, that we have found an issue in the config "sshd_config". The correct way is, to set AllowUsers in the config like this: > AllowU 05 Dec 2011 11:38:03 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53141 Bad protocol version identification from UNKNOWN (patch) I was just helping someone track down why they were getting a "Bad protocol version identification" error for sshd, and I noticed that it was logging 01 Dec 2011 08:17:10 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53096 Server moved Hi, The server move was completed over the weekend. Please let me know if anything is broken. -d _______________________________________________ ope 27 Nov 2011 15:23:58 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53082 Feature request: LDAP public keys Hello, Are there any plans to include this feature in future releases? There's a project running for this, patches are available. http://code.google. 23 Nov 2011 03:52:22 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53075 user creation before authentication Hi, I am working on the following SSH solution and I need some help: 1. User ssh against my node where he/she does not have an account 2. Firstly the 22 Nov 2011 06:57:53 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53072 ssh-keygen -r should support SSHFP records for ECDSA (or at least return non-zero error code on failure) hi folks: it looks like ssh-keygen -r can't export SSHFP records for ECDSA keys: 0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -f foobar -t ecdsa -q -P ' 21 Nov 2011 07:29:17 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53070 list/bugzilla downtime Hi, The mailing lists and bugzilla are going to be down for a bit while I move the server to a new, better connected and cheaper to operate home. I' 20 Nov 2011 20:16:20 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53067 Wrong permissions for $HOME Hi, today me and a friend of mine spent several hours figuring out why ssh still asked for a password after we set up public key authentication. We h 18 Nov 2011 10:02:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53060 Is there a documentation of the key file formats? Hello, part of a usual OpenSSH installation are quite some files containing key material, like private keys (id_rsa, id_dsa, id_ecdsa) and the corres 14 Nov 2011 09:40:43 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53056 SCP fails to locate remote file: '-- <filename>' I am not sure if many people have run into this, but recently working with some non-standard SSH capable devices, Routers, Firewalls and Switches, 11 Nov 2011 08:57:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53051 Strange behaviour of ssh Hello together! I've Debian 6.0.3 with OpenSSH_5.5p1 and problem with the execution of remote commands via ssh. It seems as if the first command isn' 07 Nov 2011 03:28:33 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53042 PermitOpen none option diff Hi, After reading the previous thread. I decided to give it a try. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543683 Here's the diff (written 06 Nov 2011 05:03:36 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53041 FW: Help with CA Certificates for user authentication? My apologies to the list for inadvertently taking this offline. As info: -----Original Message----- From: Iain Morgan [mailto:Iain.Morgan@nasa.gov] 05 Nov 2011 04:42:28 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53039 Help with CA Certificates for user authentication? As background, I read: http://therowes.net/~greg/2011/03/23/ssh-trusted-ca-key/ http://www.ibm.com/developerworks/aix/library/au-sshsecurity/ http:// 02 Nov 2011 23:50:46 -0800 http://www.gossamer-threads.com/lists/openssh/dev/53012 ssh-agent use in different security domains Consider this topology domain1-server1 domain2-server2 | | laptop - 25 Oct 2011 00:57:18 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52980 problem using sshd inside a LXC container Currently I have a RH6.1 host with selinux enabled On this I am running a LXC container with ubuntu (without selinux) with OpenSSH_5.3p1 Debian-3ubunt 24 Oct 2011 04:38:51 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52973 [patch/cygwin] don't require doc files Hi, could somebody with checkin rights please apply the below patch? It only changes the Cygwin specific installation so that it doesn't bail out if 24 Oct 2011 03:40:11 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52974 problem with a tty hello everyone I'm writing an application which execute ssh, I communicate with a ssh process by stdin/stdout. Everything works fine, but lately I've 24 Oct 2011 01:11:18 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52972 Creating a reverse socket often (not always) fails. Hi, I'm a little stuck on getting reverse connection working reliably from embedded devices running dropbear 0.51 to Ubuntu 8.x openssh. Connecting t 21 Oct 2011 20:39:30 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52968 Handing connection depending on the client computer public key fingerprint Hello, I try to find a way to handle SSH connections differently depending if it comes from a 'trusted" computer or from an unknown computer (for in 21 Oct 2011 13:40:30 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52966 Determining the port assigned by -R 0 It's difficult to programmatically determine the port dynamically assigned by -R 0. The port is output in plain (and presumably localized) text, but 14 Oct 2011 13:55:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52931 [PATCH] Fix control persist and stdio forward interaction As reported earlier at https://lists.mindrot.org/pipermail/openssh-unix-dev/2011-March/029441.html there is some strange interaction between Control 13 Oct 2011 02:18:43 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52924 scp with different users This may be a dumb question, but is there any reason why scp a@b:c d: fails, where scp a@b:c . scp c d: succeeds? I get "Host key verification 10 Oct 2011 12:36:27 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52914 Channel life span -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Basic context for my questions: Client (ssh) and server side (sshd) where the client use -L optio 10 Oct 2011 09:38:10 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52912 Restricting users using one port I have ssh running on port 22 and (say) port 33333. Port 22 is restricted at layer 3 so not much can get to it. Port 33333 is open to the world. I on 09 Oct 2011 01:15:24 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52909 [PATCH] add log= directive to authorized_hosts Attached is a patch which adds a log= directive to authorized_keys. The text in the log="text" directive is appended to the log line, so you can easil 08 Oct 2011 07:05:28 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52904 Detect PID of sshd processes used by one public key; detect -R allocated port on the server I have a situation where a number of potentially hostile clients ssh to a host I control, each ssh'ing in as the same user, and each forwarding a remo 08 Oct 2011 02:01:38 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52898 OpenSSH hanging Hi there, I'm having some strange behaviour from OpenSSH It presents itself when using the "ssh -t" / pseudo terminal. We are using this feat 06 Oct 2011 15:58:16 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52896 Information on command execution in sshd Hi, I was going through the code of open ssh server part ( code for sshd ). My query is when user gives any command ( for example unix command "ls") 02 Oct 2011 05:22:23 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52878 Interop problem with old dropbear and new openssh Hi, I have a router running an old version of OpenWRT with an old version of dropbear (Dropbear sshd v0.44test3). It has been working for many year 30 Sep 2011 14:45:03 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52869 openssh remote port forwarding and permitopen I have an application where a lot of end user CPE devices ssh in automatically to a central server, and are authenticated by public key, to do remote 30 Sep 2011 08:22:04 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52862 sizeof(char) I was scanning through my config.h and noticed something that startled me a bit. The configure script actually checks what sizeof(char) is, and defin 28 Sep 2011 17:32:10 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52858 Fingerprint mismatch upon cvs update Hello, a moment ago i got this: : @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ : @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED 28 Sep 2011 04:29:31 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52856 Support for ecc Hi All, I think I know the answer. However, I would like to confirm my understanding. Does openssh support the usage of ecc keys? Any plan for suppo 25 Sep 2011 22:23:47 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52849 sshd 5.6p1 does not accept connections in fips mode Hi, I was trying to run sshd after applying the fips patches mentioned in http://www.gossamer-threads.com/lists/engine?do=post_attachment;postatt_ 25 Sep 2011 15:10:26 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52848 which sftp protocol is openssh or sftp-server using or support? Hi, After reading the source code of openssh and man page of sftp. In sftp.h it define 27 /* 28 * draft-ietf-secsh-filexfer-01.txt 29 */ 30 31 /* 21 Sep 2011 18:34:40 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52782 Different HostKeys for different hostnames or IPs in the same sshd?.. Hello! Like many organizations, we have "disaster-recovery" location, where separate servers are running ready to take up important services should 20 Sep 2011 13:12:08 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52768 weird make errors on portable snapshots When doing a make with the portable developer version, I came across this error: ssh/ssh_host_ecdsa_key|/opt/etc/ssh_host_ecdsa_key|g' -e 's|/etc/s 16 Sep 2011 09:42:13 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52746 sftp memory leak patch Hi, I was wondering if there were issues with this diff: https://bugzilla.mindrot.org/show_bug.cgi?id=1921 -- `` Real men run current !'' ________ 11 Sep 2011 02:04:15 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52703 SSH Compression - Block Deduplication Hello, I did a search against the list archive and didn't see any comments on the topic of using deduplication as a compression algorithm. This is 09 Sep 2011 10:03:23 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52692 Announce: X.509 certificates support v7.0 for OpenSSH version 5.9p1 Hi All, Version 7.0 of "X.509 certificates support in OpenSSH" is ready for immediate download. This version allow client to use certificates and k 08 Sep 2011 09:39:03 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52678 Dynamic port remote listener - a BUG? Hello, Today I tried using "dynamically assigned" port for remote listener, by requesting listener on port 0. This is supposed to create a listener o 08 Sep 2011 08:24:10 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52687 ssh_SSLeay_add_all_algorithms() I am confused on how ssh_SSLeay_add_all_algorithms() get used in the ssh applications for openssh-5.7p1 and later releases. I don't see any of the app 08 Sep 2011 06:33:24 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52674 cipher_get_keycontext() and cipher_set_keycontext() copying OpenSSL RC4 cryptographic state These two functions in cipher.c (I have looked at openssh5.8p1 & openssh5.9p1) copy the internal cryptographic state of an OpenSSL RC4 encryption/decr 07 Sep 2011 07:34:46 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52673 mac_int() does not call HMAC_CTX_init() Last year I sent the email below describing a bug in openssh 5.6p1. I just noticed this bug still exists in 5.9p1. Probably my earlier email was trea 06 Sep 2011 07:36:51 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52652 error in openssh-5.9p1 release Hi, Some of the more observant of you have noticed that the just-released OpenSSH-5.9p1 identifies itself as OpenSSH-5.9p2. Don't be worried - it is 06 Sep 2011 05:16:00 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52649 Announce: OpenSSH 5.9 released OpenSSH 5.9 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH p 05 Sep 2011 22:29:50 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52645 scp fails after sending command: scp -v -t I encounter a strange problem with scp / sftp: I travel quite a bit. Normally I never have had any problems using ssh / scp / sftp to connect from my 03 Sep 2011 08:43:06 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52470 problems building openssh-5.8p1 on qnx I am having trouble figuring out how to build openssh-5.8p1 for QNX 6.5. I am trying to build on linux, cross-compiling for armv7. If I configure like 02 Sep 2011 04:33:39 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52462 pkcs and host keys Hi Damien, I see in your asia bsdcon presentation you mentioned the possibility of storing host keys in PKCS #11. I'm interested in using a usb rsa 01 Sep 2011 20:22:49 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52460 Auth forwarding socket for single auth Hi all, authentication forwarding depends much on the environment it is used in, but generally on shared hosts it is considered insecure, as this doc 29 Aug 2011 08:50:01 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52452 Unable to execute the commands at remote machine after RSA handshake HI, I am succeeded to do the password less authonitication but unable to execute the command and get the command OUTPUT/ERROR message. Below 26 Aug 2011 05:45:45 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52437 Add missing -o options in ssh(1) manual A few options appear to be missing from the list in ssh's manual. The one I didn't add is EnableSSHKeysign, whose description implies it is only effec 25 Aug 2011 12:31:40 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52434 Fwd: PAM module: To analyse if user is using password or passwordless authentication I am writing a PAM module for ssh service. I would like to know how can I determine within the PAM module if user is using password or password-less ( 25 Aug 2011 03:52:07 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52432 OpenSSH on ULTRIX Hi, not sure if this is considered news, but I have been able to build OpenSSH 5.8p2 on mips-dec-ultrix4.5. On my system I have ULTRIX 4.5 with the l 22 Aug 2011 04:17:23 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52427 authorized_credentials patch. Gives GSSAPI-MIC the same options capability currently provided for public key logins by the AuthorizedKeysFile. Uses krb5_principal_match() to supp 20 Aug 2011 12:52:57 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52420 secureshell@securityfocus.com list dead? Hello, anybody knows what happened to the ssh user mailing list on secureshell@securityfocus.com? it seems to be dead for more than two months now. I 18 Aug 2011 12:17:25 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52417 RSA_public_decrypt and FIPS Does anyone knows if there is a patch for OpenSSH in order to make it work with 0.9.8r OpenSSL in FIPS Mode ? I'm having problem with the RSA_public_d 18 Aug 2011 09:47:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52416 Re: openssh-unix-dev Digest, Vol 100, Issue 3 Works on my netbsd tinkerbox. NetBSD 5.0.2 NetBSD 5.0.2 (GENERIC) It uses rlimit. Privsep sandbox style: rlimit I also get warnings during make. 17 Aug 2011 04:11:05 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52404 MaxSessions option in sshd_config Hi, I need information regarding MaxSessions option in sshd_config. As i understand, it defines the maximum number of channels that can be opened at 16 Aug 2011 08:51:55 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52391 Call for testing: OpenSSH-5.9 Hi, OpenSSH 5.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a cou 13 Aug 2011 17:30:10 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52382 configure bug for HAVE_RES_EXTERN check The code used in configure.ac to check for struct __res_state _res is an extern, can fail. I'm porting the code to UWIN, (Unix on Windows, available a 08 Aug 2011 11:17:37 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52357 Typo in sftp.1 manpage Hello, Just found a typo in sftp.1 manpage: s/ether/either/ Regards -- ^L. _______________________________________________ openssh-unix-dev mailin 07 Aug 2011 05:39:53 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52346 How does one download SSHredder? Hi, In doing some google search on SSH security verification came across mention of program called SSHredder. ( http://developers.slashdot.org/story/ 05 Aug 2011 11:56:37 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52331 Typo in a manpage Hello, There's a typo in moduli.5 manpage. I'm not quite sure it needs a patch. Anyway, the fix is: s/primaility/primality/ Regards -- ^L. ______ 05 Aug 2011 10:03:45 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52332 Anti-MITMA method of Samy Kamkar Hi, I wonder if OpenSSH has the following method against MITMA already implemented or not: " Anti-MITMA: Preventing Man in the Middle Attacks Code a 03 Aug 2011 16:05:15 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52326 OpenSSH and FIPS 140-2 Does anyone knows why in some OpenSSH patches for FIPS we have something like: SSLeay_add_all_algorithms(); if (FIPS_mode() && !FIPSCHECK_verify(NULL 03 Aug 2011 09:31:00 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52325 Adding fflush() to ssh-agent so its output can be redirected to a file Without this patch "ssh-agent -d > ~/ssh-agent.sh" will produce a zero byte file. Obviously a corner case, but for what I'm doing it's a show-stopper, 01 Aug 2011 21:36:24 -0800 http://www.gossamer-threads.com/lists/openssh/dev/52319