[Bug 2495] add GSI GSSAPI SSO authentication to OpenSSH

https://bugzilla.mindrot.org/show_bug.cgi?id=2495 --- Comment #4 from Damien Miller --- Hi Andre, I declined it because we barely have the knowledge and environments needed to maintain the existing GSSAPI code, and have no familiarity with GSI nor means to test it. -- You are receiving this ma

[Bug 2588] When no MAC is specified in config the server offers non-existing hmac-sha2* without openssl

https://bugzilla.mindrot.org/show_bug.cgi?id=2588 Darren Tucker changed: What|Removed |Added Resolution|--- |FIXED Status|NEW

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Bug 3079 depends on bug 2588, which changed state. Bug 2588 Summary: When no MAC is specified in config the server offers non-existing hmac-sha2* without openssl https://bugzilla.mindrot.org/show_bug.cgi?id=2588 What|Removed

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Damien Miller changed: What|Removed |Added Depends on||2627 Referenced Bugs: https://bugzilla.

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Bug 3079 depends on bug 2627, which changed state. Bug 2627 Summary: Documentation update: semantic of ClientAliveCountMax 0 unclear https://bugzilla.mindrot.org/show_bug.cgi?id=2627 What|Removed |Added

[Bug 2627] Documentation update: semantic of ClientAliveCountMax 0 unclear

https://bugzilla.mindrot.org/show_bug.cgi?id=2627 Damien Miller changed: What|Removed |Added Blocks||3079 Status|NEW

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Bug 3079 depends on bug 1690, which changed state. Bug 1690 Summary: AllowUsers and DenyGroups directives are not parsed in the order specified https://bugzilla.mindrot.org/show_bug.cgi?id=1690 What|Removed |Add

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Damien Miller changed: What|Removed |Added Depends on||1690 Referenced Bugs: https://bugzilla.

[Bug 1690] AllowUsers and DenyGroups directives are not parsed in the order specified

https://bugzilla.mindrot.org/show_bug.cgi?id=1690 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Blocks|

[Bug 2495] add GSI GSSAPI SSO authentication to OpenSSH

https://bugzilla.mindrot.org/show_bug.cgi?id=2495 --- Comment #3 from Andre Merzky --- Hi Damien, may I ask for the reason of declining the patch? I am asking as a user which frequently has to deploy manually patched versions of GSI-SSH, which is rather painful and not always possible. Is the p

[Bug 1621] [patch] support -oControlMaster=required

https://bugzilla.mindrot.org/show_bug.cgi?id=1621 --- Comment #2 from Colin Walters --- At the time, I was working on a GUI ssh app (for Unix) - that was...a long time ago. I think it still makes sense - the idea with the app is that it heavily used SSH channels, and tries to ensure you only hav

[Bug 1925] IPv6 manuals enhancement

https://bugzilla.mindrot.org/show_bug.cgi?id=1925 Damien Miller changed: What|Removed |Added Resolution|--- |WORKSFORME CC|

[Bug 1873] the X forwarding does not work over IPV6

https://bugzilla.mindrot.org/show_bug.cgi?id=1873 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Bug 3079 depends on bug 1871, which changed state. Bug 1871 Summary: ssh-askpass should be able to distinguish between a prompt for confirmation and a prompt for an actual passphrase https://bugzilla.mindrot.org/show_bug.cgi?id=1871 Wh

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Damien Miller changed: What|Removed |Added Depends on||1871 Referenced Bugs: https://bugzilla.

[Bug 1871] ssh-askpass should be able to distinguish between a prompt for confirmation and a prompt for an actual passphrase

https://bugzilla.mindrot.org/show_bug.cgi?id=1871 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED CC|

[Bug 2091] scp hangs while copying a large file and being executed as a background process ( with nohup )

https://bugzilla.mindrot.org/show_bug.cgi?id=2091 --- Comment #5 from Damien Miller --- Please attach a debug log ("scp -vvv ...") if you're still experiencing this. It's not possible to debug this with the information available. -- You are receiving this mail because: You are watching the assi

[Bug 2104] Windows/win32/mingw support

https://bugzilla.mindrot.org/show_bug.cgi?id=2104 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 2148] failure and crash on non-ASCII characters

https://bugzilla.mindrot.org/show_bug.cgi?id=2148 Damien Miller changed: What|Removed |Added Resolution|--- |WORKSFORME CC|

[Bug 2146] Add ability to have a ~/.ssh/config.d directory with smaller configs

https://bugzilla.mindrot.org/show_bug.cgi?id=2146 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 2322] please let the server enable/disable delayed compression on a per user basis

https://bugzilla.mindrot.org/show_bug.cgi?id=2322 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2326] INFO logging fails for client with mis-configured DNS

https://bugzilla.mindrot.org/show_bug.cgi?id=2326 Damien Miller changed: What|Removed |Added Resolution|--- |WORKSFORME Status|NEW

[Bug 2924] Order a limited host keys list in client based on the known hosts

https://bugzilla.mindrot.org/show_bug.cgi?id=2924 --- Comment #4 from Damien Miller --- OpenSSH 8.2 will enable UpdateHostKeys by default. IMO this goes some way to avoiding this problem. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone

[Bug 2673] Multiple ssh keys for a given server

https://bugzilla.mindrot.org/show_bug.cgi?id=2673 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX CC|

[Bug 2895] ecdsa key invalid format after upgrade

https://bugzilla.mindrot.org/show_bug.cgi?id=2895 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2919] Quoting of filenames with spaces is inconsistent when downloading/uploading

https://bugzilla.mindrot.org/show_bug.cgi?id=2919 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 2294] parsing known hosts files with tabs doesn't work

https://bugzilla.mindrot.org/show_bug.cgi?id=2294 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 2623] AuthorizedKeysFile split pub key and signature with tab `\t` not work.

https://bugzilla.mindrot.org/show_bug.cgi?id=2623 Damien Miller changed: What|Removed |Added CC||cales...@scientia.net --- Comment #6 from

[Bug 1100] GSSAPI-with-mic doesn't handle empty usernames

https://bugzilla.mindrot.org/show_bug.cgi?id=1100 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED CC|

[Bug 1285] provide fallback options /etc/ssh/ssh_config

https://bugzilla.mindrot.org/show_bug.cgi?id=1285 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED Status|ASSIGNED

[Bug 1284] allow sftp when rlogin=false

https://bugzilla.mindrot.org/show_bug.cgi?id=1284 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED CC|

[Bug 1278] CYGWIN controlMaster connections don't work.

https://bugzilla.mindrot.org/show_bug.cgi?id=1278 Damien Miller changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|---

[Bug 1245] Add support for Darwin CCAPI

https://bugzilla.mindrot.org/show_bug.cgi?id=1245 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW

[Bug 1117] Last command shows entries for denied logins

https://bugzilla.mindrot.org/show_bug.cgi?id=1117 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 1116] Solaris 10: mucho remote terminal problems

https://bugzilla.mindrot.org/show_bug.cgi?id=1116 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 1101] terminal allocation hangs ssh at a blocking tcsetattr (-t option)

https://bugzilla.mindrot.org/show_bug.cgi?id=1101 Damien Miller changed: What|Removed |Added Resolution|--- |INVALID CC|

[Bug 1065] password expiration and SSH keys don't go well together

https://bugzilla.mindrot.org/show_bug.cgi?id=1065 Damien Miller changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|---

[Bug 3078] Add bug report tracker URL to the man page

https://bugzilla.mindrot.org/show_bug.cgi?id=3078 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 3077] Add --version

https://bugzilla.mindrot.org/show_bug.cgi?id=3077 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX CC|

[Bug 2298] --server and --client switches to optionally install server or client related files

https://bugzilla.mindrot.org/show_bug.cgi?id=2298 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 3113] StrictHostKeyChecking=no works with changed 1024 bit RSA hostkeys but fails when 2048 RSA

https://bugzilla.mindrot.org/show_bug.cgi?id=3113 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #1 from Dami

[Bug 2360] Bugs intended to be fixed in 6.9

https://bugzilla.mindrot.org/show_bug.cgi?id=2360 Bug 2360 depends on bug 2288, which changed state. Bug 2288 Summary: documentation of options defaulting to "none" https://bugzilla.mindrot.org/show_bug.cgi?id=2288 What|Removed |Added ---

[Bug 2288] documentation of options defaulting to "none"

https://bugzilla.mindrot.org/show_bug.cgi?id=2288 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED Status|REOPENED

[Bug 2297] EDD25519 Signature verification failed on Solaris

https://bugzilla.mindrot.org/show_bug.cgi?id=2297 Damien Miller changed: What|Removed |Added Resolution|--- |WORKSFORME CC|

[Bug 2301] test_sshbuf_misc.c:44 ASSERT_INT_NE(feof(out), 0) failed

https://bugzilla.mindrot.org/show_bug.cgi?id=2301 --- Comment #2 from Damien Miller --- Does the autoconf-generated config.h define BROKEN_SNPRINTF on your platform? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the

[Bug 2300] reexec.sh and login-timeout.sh fail due to a race condition

https://bugzilla.mindrot.org/show_bug.cgi?id=2300 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2374] please make single(!) addresses that cannot be bound to not failing sshd startup

https://bugzilla.mindrot.org/show_bug.cgi?id=2374 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2371] make check fails when using --without-openssl on AIX

https://bugzilla.mindrot.org/show_bug.cgi?id=2371 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED CC|

[Bug 2310] functionality to start process before ssh and/or to "wrap" such command around ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=2310 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|REOPENED

[Bug 3001] enable sending OpenPGP-formed certificates for ssh hosts

https://bugzilla.mindrot.org/show_bug.cgi?id=3001 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2983] Add --fix-up-the-mess to fix up Offending key warnings for the user in one quick step!

https://bugzilla.mindrot.org/show_bug.cgi?id=2983 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 2986] Add codepoints for LE PHB draft

https://bugzilla.mindrot.org/show_bug.cgi?id=2986 Damien Miller changed: What|Removed |Added Status|NEW |ASSIGNED CC|

[Bug 3005] Use high-level EVP PKEY API instead of low-level algorithm specific calls + separate digesting in the every backend

https://bugzilla.mindrot.org/show_bug.cgi?id=3005 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 1674] Log ~/.ssh/authorized_keys comments when using LogLevel=VERBOSE

https://bugzilla.mindrot.org/show_bug.cgi?id=1674 Damien Miller changed: What|Removed |Added CC||mind...@dstoecker.de --- Comment #1 from

[Bug 3019] Journal log for incoming public key connect not helpful to know origin

https://bugzilla.mindrot.org/show_bug.cgi?id=3019 Damien Miller changed: What|Removed |Added Resolution|--- |DUPLICATE CC|

[Bug 2546] --without-openssl is broken

https://bugzilla.mindrot.org/show_bug.cgi?id=2546 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2533] do not check if HostKeyAgent is available on ssdh startup

https://bugzilla.mindrot.org/show_bug.cgi?id=2533 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX CC|

[Bug 2513] Do not mention rsa1 key type in ssh-keygen usage & in manual pages

https://bugzilla.mindrot.org/show_bug.cgi?id=2513 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED CC|

[Bug 2512] Use IP_FREEBIND if available for sshd listening socket

https://bugzilla.mindrot.org/show_bug.cgi?id=2512 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW

[Bug 2495] add GSI GSSAPI SSO authentication to OpenSSH

https://bugzilla.mindrot.org/show_bug.cgi?id=2495 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Resolution|---

[Bug 1402] Support auditing through Linux Audit subsystem

https://bugzilla.mindrot.org/show_bug.cgi?id=1402 --- Comment #82 from Laurent Bigonville --- (In reply to Damien Miller from comment #81) > Is this patch still used by anyone? It seems a bunch of stuff that > is very obsolete... Red Hat and Fedora are still carrying it I believe See: https://s

[Bug 2493] Accept host key fingerprint as the same as 'yes'

https://bugzilla.mindrot.org/show_bug.cgi?id=2493 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 1413] Add support for launching ssh-agent from Mac OS X's launchd.

https://bugzilla.mindrot.org/show_bug.cgi?id=1413 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #2 from Dami

[Bug 1409] Mac OS X support for Extended Attributes with scp

https://bugzilla.mindrot.org/show_bug.cgi?id=1409 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 1406] Mac OS X Keychain support

https://bugzilla.mindrot.org/show_bug.cgi?id=1406 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX CC|

[Bug 3079] Tracking bug for 8.2 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3079 Damien Miller changed: What|Removed |Added Depends on|1402| Referenced Bugs: https://bugzilla.mind

[Bug 1402] Support auditing through Linux Audit subsystem

https://bugzilla.mindrot.org/show_bug.cgi?id=1402 Damien Miller changed: What|Removed |Added Blocks|3079| --- Comment #81 from Damien Miller ---

[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password

https://bugzilla.mindrot.org/show_bug.cgi?id=1393 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW

[Bug 1328] Support multiple X11 forwarding in multiplexing

https://bugzilla.mindrot.org/show_bug.cgi?id=1328 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 1215] sshd requires entry from getpwnam for PAM accounts

https://bugzilla.mindrot.org/show_bug.cgi?id=1215 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 2483] use AI_ADDRCONFIG flag for getaddrinfo() hints on Solaris

https://bugzilla.mindrot.org/show_bug.cgi?id=2483 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED CC|

[Bug 2611] Add support for $2b$ prefixed hashes

https://bugzilla.mindrot.org/show_bug.cgi?id=2611 Damien Miller changed: What|Removed |Added Resolution|--- |INVALID Status|ASSIGNED

[Bug 2608] Signed overflow in openbsd-compat/strlcpy.c

https://bugzilla.mindrot.org/show_bug.cgi?id=2608 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX CC|

[Bug 2482] SELinux integration

https://bugzilla.mindrot.org/show_bug.cgi?id=2482 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED CC|

[Bug 1602] ssh: doesn't handle IPv6 addresses with brackets

https://bugzilla.mindrot.org/show_bug.cgi?id=1602 Damien Miller changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|---

[Bug 1644] Allow ip options except source routing

https://bugzilla.mindrot.org/show_bug.cgi?id=1644 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW

[Bug 1613] Add the ability to store configuration in various configuration files like in a conf-sub-dir

https://bugzilla.mindrot.org/show_bug.cgi?id=1613 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED CC|