On Fri, 2 Jun 2000, Hajimu UMEMOTO wrote:
Thank you. It's working fine with wdm here.
Good to know.
BTW, I believe this version of pam_ssh.so doesn't support DSA key yet.
Does someone working on it?
Perhaps the author could tell us (CCed) :-)
I'm on it.
--
Andrew J. Korty,
On Fri, 2 Jun 2000, Hajimu UMEMOTO wrote:
BTW, I believe this version of pam_ssh.so doesn't support DSA key yet.
Does someone working on it?
Oops ... it looks like ssh-agent doesn't support DSA keys yet. Am
I missing something? I suppose I could just add DSA support for the
PAM
On Sun, 4 Jun 2000 12:30:42 -0500 (EST)
"Andrew J. Korty" [EMAIL PROTECTED] said:
On Fri, 2 Jun 2000, Hajimu UMEMOTO wrote:
BTW, I believe this version of pam_ssh.so doesn't support DSA key yet.
Does someone working on it?
ajk Oops ... it looks like ssh-agent doesn't support DSA keys
On Tue, 30 May 2000 12:30:41 -0700 (PDT)
Kris Kennaway [EMAIL PROTECTED] said:
kris On Tue, 30 May 2000, Alexander Leidinger wrote:
I've just committed the version from ports to the source tree - could you
verify it works?
I have to wait until internat catches up, but I'm using
On Sun, 21 May 2000, Hajimu UMEMOTO wrote:
I also met this with wdm here.
To avoid this problem, I replaced pam_ssh.c with
ports/security/opessh/pam_ssh.c with changing PATH_SSH_AGENT to
/usr/bin/ssh-agent. It seems working.
I've just committed the version from ports to the source tree -
On 30 May, Kris Kennaway wrote:
I also met this with wdm here.
To avoid this problem, I replaced pam_ssh.c with
ports/security/opessh/pam_ssh.c with changing PATH_SSH_AGENT to
/usr/bin/ssh-agent. It seems working.
I've just committed the version from ports to the source tree - could you
On Tue, 30 May 2000, Alexander Leidinger wrote:
I've just committed the version from ports to the source tree - could you
verify it works?
I have to wait until internat catches up, but I'm using pam_ssh.c from
ports for a while and it didn't kill xdm.
Oops, this is now committed to
On 21 May, Hajimu UMEMOTO wrote:
[kris CCed, I think hi knows how to handle this]
Alexander after a new build{world,kernel} after the import of OpenSSH 2.1 to
Alexander internat (cvsupped 2517, around 14:00 CEST), xdm gets a signal
Alexander 11 if I use pam_ssh.so (after entering
On Thu, 18 May 2000 16:19:25 +0200 (CEST)
Alexander Leidinger [EMAIL PROTECTED] said:
Alexander after a new build{world,kernel} after the import of OpenSSH 2.1 to
Alexander internat (cvsupped 2517, around 14:00 CEST), xdm gets a signal
Alexander 11 if I use pam_ssh.so (after entering
But I'm suddenly confused what you're actually talking about
here: OpenSSH, OpenSSL, or RSAREF.
OpenSSH has never included crypto code, but it's useless without OpenSSL
which quite certainly does. OpenSSH no longer requires RSAREF to operate
(if you've got clients/servers willing to do DSA
speaking of which, I presume that OpenSSH 2.1 is being
merged into Internat by kindly overworked developer types
at the moment?
On Tue, May 16, 2000 at 10:06:09AM -0700, David O'Brien wrote:
Even so, moving SSH into the bindist would be one less thing that has to
be merged into Internat all
On Wed, 17 May 2000, Jordan K. Hubbard wrote:
OK, if OpenSSL still contains crypto then "never mind"; I thought
OpenSSL used *only* RSA and it used it through the RSAstubs code,
making it "OK."
OpenSSL is a general-purpose cryptography toolkit which includes such
goodies as Blowfish, CAST,
On Wed, 17 May 2000, Mark Blackman wrote:
speaking of which, I presume that OpenSSH 2.1 is being
merged into Internat by kindly overworked developer types
at the moment?
I think Peter Wemm has already finished.
Kris
In God we Trust -- all others must submit an X.509 certificate
Err, well it still requires openssl, which I think is firmly rooted in the
crypto distribution as long as we have one.
Is it? I thought the RSAref code being pluggable gave it some
protection, or is merely "pluggability" also classified as crypto?
I do recall someone saying something to that
On Mon, May 15, 2000 at 09:54:52PM -0700, Kris Kennaway wrote:
Err, well it still requires openssl, which I think is firmly rooted in the
crypto distribution as long as we have one.
Even so, moving SSH into the bindist would be one less thing that has to
be merged into Internat all the time.
On Mon, 15 May 2000, Jordan K. Hubbard wrote:
Err, well it still requires openssl, which I think is firmly rooted in the
crypto distribution as long as we have one.
Is it? I thought the RSAref code being pluggable gave it some
protection, or is merely "pluggability" also classified as
* No longer a dependency on RSA (and therefore rsaref for US folks): SSH2
can handle DSA keys which have no patent or usage restrictions. This means
we could now enable SSH2 out of the box in a crypto installation, with no
post-installation configuration requirements. We now have a truly free
On Mon, 15 May 2000, Jordan K. Hubbard wrote:
I wonder if we even have to have it be part of the crypto distribution
in such an event. I always thought it would have been nice if it
could have come with the bindist, and if it doesn't have any "crypto"
dependencies or bits which explicitly
On Sun, 14 May 2000 22:52:11 MST, Kris Kennaway wrote:
* Kerberos support is also limited to SSH1.
Presumably this is still Heimdal Kerberos support, without MIT
interoperability?
Ciao,
Sheldon.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body
Okay, I've just committed OpenSSH 2.1 to -current. It was a difficult
merge because the OpenSSH guys basically ripped apart the source code when
they were rearranging it for SSH2 support, so I hope I put all of our
local changes back in the right places. I've tested this as much as I
could
20 matches
Mail list logo
