[Bug 3162] Tracking bug for 8.4 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3162 Bug 3162 depends on bug 3581, which changed state. Bug 3581 Summary: ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion https://bugzilla.mindrot.org/show_bug.cgi?id=3581 What

[Bug 3581] ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion

https://bugzilla.mindrot.org/show_bug.cgi?id=3581 jan-erik changed: What|Removed |Added Resolution|FIXED |--- Status|RESOLVED

[Bug 3568] ctrl-c causes ssh connection to drop

https://bugzilla.mindrot.org/show_bug.cgi?id=3568 Damien Miller changed: What|Removed |Added Resolution|--- |WORKSFORME Status|NEW

[Bug 3578] RFE: forward error correction

https://bugzilla.mindrot.org/show_bug.cgi?id=3578 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 3575] wrong usage message: "-Q protocol_feature" is an invalid query type

https://bugzilla.mindrot.org/show_bug.cgi?id=3575 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW

[Bug 3573] sshd service crashes with "error 1067: Service terminated unexpectedly" when I try to start it in Windows 11

https://bugzilla.mindrot.org/show_bug.cgi?id=3573 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Status|NEW

[Bug 3576] The sftp-server does not provide the feature of changing expired passwords, which is provided by the sshd.

https://bugzilla.mindrot.org/show_bug.cgi?id=3576 Damien Miller changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW

[Bug 3162] Tracking bug for 8.4 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3162 Bug 3162 depends on bug 3577, which changed state. Bug 3577 Summary: CASignatureAlgorithms supports -cert algorithms when used alongside with other options https://bugzilla.mindrot.org/show_bug.cgi?id=3577 What|Removed

[Bug 3162] Tracking bug for 8.4 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3162 Damien Miller changed: What|Removed |Added Depends on||3577 Referenced Bugs:

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Blocks|

[Bug 3162] Tracking bug for 8.4 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3162 Damien Miller changed: What|Removed |Added Depends on||3581 Referenced Bugs:

[Bug 3162] Tracking bug for 8.4 release

https://bugzilla.mindrot.org/show_bug.cgi?id=3162 Bug 3162 depends on bug 3581, which changed state. Bug 3581 Summary: ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion https://bugzilla.mindrot.org/show_bug.cgi?id=3581 What

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Darren Tucker changed: What|Removed |Added Attachment #3701|ok?(dtuc...@dtucker.net)|ok+ Flags|

[Bug 3581] ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion

https://bugzilla.mindrot.org/show_bug.cgi?id=3581 Darren Tucker changed: What|Removed |Added Attachment #3702|ok?(dtuc...@dtucker.net)|ok+ Flags|

[Bug 3581] ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion

https://bugzilla.mindrot.org/show_bug.cgi?id=3581 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org, |

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Damien Miller changed: What|Removed |Added Attachment #3701||ok?(dtuc...@dtucker.net)

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 --- Comment #4 from xspielinbox+mind...@protonmail.com --- Thank you for the clarification and the patch! The patch indeed fixes the configuration-file behavior. It doesn't fix `ssh -Q CASignatureAlgorithms` still producing the wrong output,

[Bug 3581] New: ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion

https://bugzilla.mindrot.org/show_bug.cgi?id=3581 Bug ID: 3581 Summary: ssh-keyscan fails with `fdlim_get: bad value` with large file descriptor limit due to type confusion Product: Portable OpenSSH Version: 9.3p1

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Darren Tucker changed: What|Removed |Added Attachment #3700|ok?(dtuc...@dtucker.net)|ok+ Flags|

[Bug 3580] ssh-keygen -l: "no comment" never appears again after the first comment

https://bugzilla.mindrot.org/show_bug.cgi?id=3580 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org Status|NEW

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org, |

[Bug 3580] New: ssh-keygen -l: "no comment" never appears again after the first comment

https://bugzilla.mindrot.org/show_bug.cgi?id=3580 Bug ID: 3580 Summary: ssh-keygen -l: "no comment" never appears again after the first comment Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS:

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 --- Comment #2 from xspielinbox+mind...@protonmail.com --- that can be controlled via CASignatureAlgorithms, it does not make sense to me, why these options are valid, if a key using this algorithm cannot be obtained. Moreover: having an option

[Bug 3577] CASignatureAlgorithms supports -cert algorithms when used alongside with other options

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 xspielinbox+mind...@protonmail.com changed: What|Removed |Added Summary|CASignatureAlgorithms |CASignatureAlgorithms

[Bug 3579] New: OpenSSH trims last character of fixed-lenght buffers received from the pkcs11 providers providing users with inaccurate information

https://bugzilla.mindrot.org/show_bug.cgi?id=3579 Bug ID: 3579 Summary: OpenSSH trims last character of fixed-lenght buffers received from the pkcs11 providers providing users with inaccurate information Product: Portable

[Bug 3578] RFE: forward error correction

https://bugzilla.mindrot.org/show_bug.cgi?id=3578 --- Comment #2 from Darren Tucker --- (In reply to Richard Neill from comment #0) [...] > * forward error-correction: preemptively transmit each packet 3x > (both from the client-end and the server-end) without waiting to > find out whether it

[Bug 3578] RFE: forward error correction

https://bugzilla.mindrot.org/show_bug.cgi?id=3578 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #1 from

[Bug 3578] New: RFE: forward error correction

https://bugzilla.mindrot.org/show_bug.cgi?id=3578 Bug ID: 3578 Summary: RFE: forward error correction Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement

[Bug 2347] permitopen doesn't work with unix domain sockets

https://bugzilla.mindrot.org/show_bug.cgi?id=2347 Jernej Jakob changed: What|Removed |Added Version|6.7p1 |9.3p1 CC|

[Bug 3542] Allow to redirect stderr only even with tty

https://bugzilla.mindrot.org/show_bug.cgi?id=3542 --- Comment #4 from cadeaudee...@gmail.com --- Hello, update on our side: Since changing the access management system isn't an option (because of the number of users). I have enough and reversed-engineered the bastion (hopefully in this component

[Bug 3577] New: CASignatureAlgorithms supports -cert alogrithms

https://bugzilla.mindrot.org/show_bug.cgi?id=3577 Bug ID: 3577 Summary: CASignatureAlgorithms supports -cert alogrithms Product: Portable OpenSSH Version: 9.3p1 Hardware: amd64 OS: Linux Status: NEW

[Bug 3418] tracking bug for openssh-9.1

https://bugzilla.mindrot.org/show_bug.cgi?id=3418 Bug 3418 depends on bug 2573, which changed state. Bug 2573 Summary: dead sessions cannot be closed with ~. https://bugzilla.mindrot.org/show_bug.cgi?id=2573 What|Removed |Added

[Bug 2573] dead sessions cannot be closed with ~.

https://bugzilla.mindrot.org/show_bug.cgi?id=2573 Christoph Anton Mitterer changed: What|Removed |Added Status|CLOSED |REOPENED

[Bug 3575] wrong usage message: "-Q protocol_feature" is an invalid query type

https://bugzilla.mindrot.org/show_bug.cgi?id=3575 --- Comment #2 from Max Chinni --- Thank you for your answer, that make sense. I took it literally probably because it was on a separate line. I was wrong. I noticed that it works, too, if specified as long as other parameters. "-h" is the same,

[Bug 3575] wrong usage message: "-Q protocol_feature" is an invalid query type

https://bugzilla.mindrot.org/show_bug.cgi?id=3575 Darren Tucker changed: What|Removed |Added CC||dtuc...@dtucker.net --- Comment #1 from

[Bug 3576] New: The sftp-server does not provide the feature of changing expired passwords, which is provided by the sshd.

https://bugzilla.mindrot.org/show_bug.cgi?id=3576 Bug ID: 3576 Summary: The sftp-server does not provide the feature of changing expired passwords, which is provided by the sshd. Product: Portable OpenSSH

[Bug 3575] New: wrong usage message: "-Q protocol_feature" is an invalid query type

https://bugzilla.mindrot.org/show_bug.cgi?id=3575 Bug ID: 3575 Summary: wrong usage message: "-Q protocol_feature" is an invalid query type Product: Portable OpenSSH Version: 9.2p1 Hardware: Other OS: Linux

[Bug 3549] Tracking bug for OpenSSH 9.4

https://bugzilla.mindrot.org/show_bug.cgi?id=3549 Damien Miller changed: What|Removed |Added Depends on||3574 Referenced Bugs:

[Bug 3549] Tracking bug for OpenSSH 9.4

https://bugzilla.mindrot.org/show_bug.cgi?id=3549 Bug 3549 depends on bug 3574, which changed state. Bug 3574 Summary: sshd ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set https://bugzilla.mindrot.org/show_bug.cgi?id=3574 What|Removed

[Bug 3574] sshd ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set

https://bugzilla.mindrot.org/show_bug.cgi?id=3574 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED Blocks|

[Bug 3574] sshd ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set

https://bugzilla.mindrot.org/show_bug.cgi?id=3574 Darren Tucker changed: What|Removed |Added Attachment #3699|ok?(dtuc...@dtucker.net)|ok+ Flags|

[Bug 3574] sshd ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set

https://bugzilla.mindrot.org/show_bug.cgi?id=3574 John Meyers changed: What|Removed |Added Summary|ssh ignores |sshd ignores

[Bug 3574] ssh ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set

https://bugzilla.mindrot.org/show_bug.cgi?id=3574 John Meyers changed: What|Removed |Added CC||c...@themeyers.us -- You are receiving

[Bug 3574] ssh ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set

https://bugzilla.mindrot.org/show_bug.cgi?id=3574 --- Comment #1 from John Meyers --- Created attachment 3698 --> https://bugzilla.mindrot.org/attachment.cgi?id=3698=edit Suggested fix -- You are receiving this mail because: You are watching the assignee of the bug.

[Bug 3574] New: ssh ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set

https://bugzilla.mindrot.org/show_bug.cgi?id=3574 Bug ID: 3574 Summary: ssh ignores AuthorizedPrincipalsCommand if AuthorizedKeysCommand is also set Product: Portable OpenSSH Version: 9.3p1 Hardware: All

[Bug 2876] PAM_TEXT_INFO and PAM_ERROR_MSG conversation not honoured during PAM authentication

https://bugzilla.mindrot.org/show_bug.cgi?id=2876 bill.laze...@gmail.com changed: What|Removed |Added CC||bill.laze...@gmail.com ---

[Bug 3573] New: sshd service crashes with "error 1067: Service terminated unexpectedly" when I try to start it in Windows 11

https://bugzilla.mindrot.org/show_bug.cgi?id=3573 Bug ID: 3573 Summary: sshd service crashes with "error 1067: Service terminated unexpectedly" when I try to start it in Windows 11 Product: Portable OpenSSH

[Bug 3017] ExitOnForwardFailure=yes doesn't work for local forwards (-L)

https://bugzilla.mindrot.org/show_bug.cgi?id=3017 Darren Tucker changed: What|Removed |Added CC||dtuc...@dtucker.net --- Comment #6 from

[Bug 3017] ExitOnForwardFailure=yes doesn't work for local forwards (-L)

https://bugzilla.mindrot.org/show_bug.cgi?id=3017 --- Comment #5 from Pavel Sidlo --- I've faced probably the same behavior for RemoteForward. I seems sshd by default allocates both tcp and tcp6 sockets. ExitOnForwardFailure fails to reject connection if tcp is already in use but tcp6 is not

[Bug 3017] ExitOnForwardFailure=yes doesn't work for local forwards (-L)

https://bugzilla.mindrot.org/show_bug.cgi?id=3017 Pavel Sidlo changed: What|Removed |Added CC||pavel.si...@linuxbox.cz -- You are

[Bug 3572] New: ssh-agent refused operation when using FIDO2 with -O verify-required

https://bugzilla.mindrot.org/show_bug.cgi?id=3572 Bug ID: 3572 Summary: ssh-agent refused operation when using FIDO2 with -O verify-required Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS:

[Bug 3571] New: Canceling SSH_ASKPASS actually sends an empty string

https://bugzilla.mindrot.org/show_bug.cgi?id=3571 Bug ID: 3571 Summary: Canceling SSH_ASKPASS actually sends an empty string Product: Portable OpenSSH Version: 8.8p1 Hardware: Other OS: Linux Status: NEW

[Bug 3570] New: Add substitution token for explicitly selected IdentityFile for ControlPath selection

https://bugzilla.mindrot.org/show_bug.cgi?id=3570 Bug ID: 3570 Summary: Add substitution token for explicitly selected IdentityFile for ControlPath selection Product: Portable OpenSSH Version: 9.3p1 Hardware: All

[Bug 3153] Prefer user specified keys to avoid the agent overloading MaxAuthTries before even trying the key that was specified

https://bugzilla.mindrot.org/show_bug.cgi?id=3153 Ben changed: What|Removed |Added CC||b...@smokingkangaroo.com --- Comment #6 from Ben

[Bug 3549] Tracking bug for OpenSSH 9.4

https://bugzilla.mindrot.org/show_bug.cgi?id=3549 Bug 3549 depends on bug 3548, which changed state. Bug 3548 Summary: Upgrading from openssl-3.0.8 to openssl-3.1.0 leads to version mismatch error https://bugzilla.mindrot.org/show_bug.cgi?id=3548 What|Removed

[Bug 3548] Upgrading from openssl-3.0.8 to openssl-3.1.0 leads to version mismatch error

https://bugzilla.mindrot.org/show_bug.cgi?id=3548 Darren Tucker changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 3548] Upgrading from openssl-3.0.8 to openssl-3.1.0 leads to version mismatch error

https://bugzilla.mindrot.org/show_bug.cgi?id=3548 --- Comment #10 from Damien Miller --- I withdraw my version of the diff. Darren, do you want to commit yours? IMO we should keep the status check that is in yours but not in the post to the mailing list. -- You are receiving this mail because:

[Bug 3548] Upgrading from openssl-3.0.8 to openssl-3.1.0 leads to version mismatch error

https://bugzilla.mindrot.org/show_bug.cgi?id=3548 Damien Miller changed: What|Removed |Added Attachment #3685||ok- Flags|

[Bug 3548] Upgrading from openssl-3.0.8 to openssl-3.1.0 leads to version mismatch error

https://bugzilla.mindrot.org/show_bug.cgi?id=3548 --- Comment #9 from Sam James --- See also https://marc.info/?l=openssh-unix-dev=168348988530204=2. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.

[Bug 3569] Semi-interactive sftp batch mode

https://bugzilla.mindrot.org/show_bug.cgi?id=3569 Alex Smith changed: What|Removed |Added Attachment #3697|Adds a command to execute |3) Adds a command to

[Bug 3569] Semi-interactive sftp batch mode

https://bugzilla.mindrot.org/show_bug.cgi?id=3569 Alex Smith changed: What|Removed |Added Attachment #3696|Adds an option to enter |2) Adds an option to enter

[Bug 3569] Semi-interactive sftp batch mode

https://bugzilla.mindrot.org/show_bug.cgi?id=3569 Alex Smith changed: What|Removed |Added Attachment #3695|Adds an option to allow |1) Adds an option to allow

[Bug 3569] Semi-interactive sftp batch mode

https://bugzilla.mindrot.org/show_bug.cgi?id=3569 --- Comment #2 from Alex Smith --- Created attachment 3697 --> https://bugzilla.mindrot.org/attachment.cgi?id=3697=edit Adds a command to execute commands from a local file -- You are receiving this mail because: You are watching the assignee

[Bug 3569] Semi-interactive sftp batch mode

https://bugzilla.mindrot.org/show_bug.cgi?id=3569 --- Comment #1 from Alex Smith --- Created attachment 3696 --> https://bugzilla.mindrot.org/attachment.cgi?id=3696=edit Adds an option to enter interactive mode after a batch or single transfer -- You are receiving this mail because: You are

[Bug 3569] New: Semi-interactive sftp batch mode

https://bugzilla.mindrot.org/show_bug.cgi?id=3569 Bug ID: 3569 Summary: Semi-interactive sftp batch mode Product: Portable OpenSSH Version: 9.3p1 Hardware: All OS: All Status: NEW Severity: enhancement

[Bug 3568] ctrl-c causes ssh connection to drop

https://bugzilla.mindrot.org/show_bug.cgi?id=3568 --- Comment #3 from Blake D --- (In reply to Blake D from comment #2) > I can't say WHERE the problem is - that's why I'm alerting both > teams. I also posted https://github.com/PowerShell/Win32-OpenSSH/discussions/2064 -- You are receiving

[Bug 3568] ctrl-c causes ssh connection to drop

https://bugzilla.mindrot.org/show_bug.cgi?id=3568 --- Comment #2 from Blake D --- I can't say WHERE the problem is - that's why I'm alerting both teams. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.

[Bug 3568] ctrl-c causes ssh connection to drop

https://bugzilla.mindrot.org/show_bug.cgi?id=3568 Darren Tucker changed: What|Removed |Added CC||dtuc...@dtucker.net --- Comment #1 from

[Bug 3568] New: ctrl-c causes ssh connection to drop

https://bugzilla.mindrot.org/show_bug.cgi?id=3568 Bug ID: 3568 Summary: ctrl-c causes ssh connection to drop Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: Windows 10 Status: NEW Severity:

[Bug 3567] CanonicalizeHostname yes doesn't canonicalize the Hostname with ProxyJump none

https://bugzilla.mindrot.org/show_bug.cgi?id=3567 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 3567] CanonicalizeHostname yes doesn't canonicalize the Hostname with ProxyJump none

https://bugzilla.mindrot.org/show_bug.cgi?id=3567 Darren Tucker changed: What|Removed |Added Attachment #3694|ok?(dtuc...@dtucker.net)|ok+ Flags|

[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 3567] CanonicalizeHostname yes doesn't canonicalize the Hostname with ProxyJump none

https://bugzilla.mindrot.org/show_bug.cgi?id=3567 Damien Miller changed: What|Removed |Added Attachment #3693|ok?(dtuc...@dtucker.net)| Flags|

[Bug 3567] CanonicalizeHostname yes doesn't canonicalize the Hostname with ProxyJump none

https://bugzilla.mindrot.org/show_bug.cgi?id=3567 Damien Miller changed: What|Removed |Added Assignee|unassigned-b...@mindrot.org |d...@mindrot.org CC|

[Bug 3567] New: CanonicalizeHostname yes doesn't canonicalize the Hostname with ProxyJump none

https://bugzilla.mindrot.org/show_bug.cgi?id=3567 Bug ID: 3567 Summary: CanonicalizeHostname yes doesn't canonicalize the Hostname with ProxyJump none Product: Portable OpenSSH Version: 9.3p1 Hardware: All

[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 --- Comment #5 from RickyDoug --- I totally agree with you that there are few, if any that even build-time support it and none that release binaries packed, at least that I have found. The real issue is someone copied a header file without

[Bug 3566] New: Password expiry warning is printed multiple times when UsePAM is set to yes

https://bugzilla.mindrot.org/show_bug.cgi?id=3566 Bug ID: 3566 Summary: Password expiry warning is printed multiple times when UsePAM is set to yes Product: Portable OpenSSH Version: 8.8p1 Hardware: All OS:

[Bug 3565] keygen do_download_sk() incorrect return value

https://bugzilla.mindrot.org/show_bug.cgi?id=3565 --- Comment #2 from Markus Schmidt --- I'm embarrased and sorry that this happened (this was a major SNAFU on my side that led to seeing this in old code). Sorry for the time wasted on your side, I'll be more careful next time. -- You are

[Bug 3564] When downloading sk keys from a fido token, applications with multiple keys overwrite each other

https://bugzilla.mindrot.org/show_bug.cgi?id=3564 Damien Miller changed: What|Removed |Added Resolution|--- |FIXED Status|NEW

[Bug 3565] keygen do_download_sk() incorrect return value

https://bugzilla.mindrot.org/show_bug.cgi?id=3565 Damien Miller changed: What|Removed |Added Status|NEW |RESOLVED CC|

[Bug 3565] New: keygen do_download_sk() incorrect return value

https://bugzilla.mindrot.org/show_bug.cgi?id=3565 Bug ID: 3565 Summary: keygen do_download_sk() incorrect return value Product: Portable OpenSSH Version: 8.5p1 Hardware: Other OS: Windows 10 Status: NEW

[Bug 3564] New: When downloading sk keys from a fido token, applications with multiple keys overwrite each other

https://bugzilla.mindrot.org/show_bug.cgi?id=3564 Bug ID: 3564 Summary: When downloading sk keys from a fido token, applications with multiple keys overwrite each other Product: Portable OpenSSH Version: 8.5p1 Hardware:

[Bug 3563] New: Connection terminated just after authentication successful when SFTP Server running inside Azure.

https://bugzilla.mindrot.org/show_bug.cgi?id=3563 Bug ID: 3563 Summary: Connection terminated just after authentication successful when SFTP Server running inside Azure. Product: Portable OpenSSH Version: 8.4p1 Hardware:

[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 --- Comment #4 from Damien Miller --- The spec might say use 1-byte packing, but I can't find a Unix/Linux implementation that actually does this. OpenSC doesn't: https://github.com/OpenSC/libp11/blob/master/src/pkcs11.h WolfSSL doesn't:

[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 --- Comment #3 from RickyDoug --- My apologies. Please ignore the reference to CK_ULONG...that is another issue. Perhaps a re-state is in order: The PKCS11 specification is very clear on byte packing (1 byte), but openssh does not even attempt

[Bug 3562] New: make SSH_ASKPASS and SSH_ASKPASS_REQUIRE available as config options

https://bugzilla.mindrot.org/show_bug.cgi?id=3562 Bug ID: 3562 Summary: make SSH_ASKPASS and SSH_ASKPASS_REQUIRE available as config options Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: All

[Bug 3439] identify password prompts

https://bugzilla.mindrot.org/show_bug.cgi?id=3439 --- Comment #4 from tar.ancalime.nume...@gmail.com --- Hey Darren. Just one question on this: In both cases, the prompt with password and the prefix with keyboard-interactive, are these generated by the ssh client? Cause if e.g. the server

[Bug 3438] env var that is SetEnv'ed multiple times in the same SetEnv directive, is sent/printed several times

https://bugzilla.mindrot.org/show_bug.cgi?id=3438 --- Comment #3 from Christoph Anton Mitterer --- Shall I provide a patch that adds a line like: "If the same variable is give multiple times, only it's first occurrence is considered." to SetEnv / SendEnv? However, for SendEnv it would be

[Bug 3449] LocalForward doesn't support ~/path syntax for UNIX sockets

https://bugzilla.mindrot.org/show_bug.cgi?id=3449 --- Comment #3 from Christoph Anton Mitterer --- Thinking of it again: A ~ in the remote path would IMO *only* make sense to be expanded in the remote context (or not at all, if that's not possible). Cause the remote path if course to be taken

[Bug 3456] provide a way to have forwardings killed, when the remote command/shell finishes

https://bugzilla.mindrot.org/show_bug.cgi?id=3456 --- Comment #6 from Christoph Anton Mitterer --- Thanks Daimen... but still not particularly "user-friendly" in the sense that one still has to write a special command (2x ssh with special options) and cannot simply "ssh host" as usual. Wouldn't

[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #2 from

[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 --- Comment #1 from RickyDoug --- This is actually a confused report, mixing two different issues. One is the lack of byte packing. The second is depending on the compiler to set the size of CK_ULONG instead of using stdint.h to specifically set

[Bug 3561] New: Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

https://bugzilla.mindrot.org/show_bug.cgi?id=3561 Bug ID: 3561 Summary: Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11 Product: Portable OpenSSH Version: 9.3p1 Hardware: Other

[Bug 3559] Mini memory leak and needless(?) const/static qualifier.

https://bugzilla.mindrot.org/show_bug.cgi?id=3559 --- Comment #2 from Markus Schmidt --- On further thought, the function could be abandoned alltogether and the two callers could simply call pkalgs = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key); themselves and free the result. --

[Bug 3560] Memory leak in channels.c

https://bugzilla.mindrot.org/show_bug.cgi?id=3560 Markus Schmidt changed: What|Removed |Added Severity|enhancement |trivial --- Comment #1 from Markus

[Bug 3559] Mini memory leak and needless(?) const/static qualifier.

https://bugzilla.mindrot.org/show_bug.cgi?id=3559 Markus Schmidt changed: What|Removed |Added Severity|enhancement |trivial --- Comment #1 from Markus

[Bug 3560] New: Memory leak in channels.c

https://bugzilla.mindrot.org/show_bug.cgi?id=3560 Bug ID: 3560 Summary: Memory leak in channels.c Product: Portable OpenSSH Version: 8.5p1 Hardware: Other OS: All Status: NEW Severity: enhancement

[Bug 3559] New: Mini memory leak and needless(?) const/static qualifier.

https://bugzilla.mindrot.org/show_bug.cgi?id=3559 Bug ID: 3559 Summary: Mini memory leak and needless(?) const/static qualifier. Product: Portable OpenSSH Version: 8.5p1 Hardware: Other OS: All

[Bug 3558] Spelling "yes" as "Yes" in sshd_config has a fatal result

https://bugzilla.mindrot.org/show_bug.cgi?id=3558 --- Comment #12 from Darren Tucker --- (In reply to Damien Miller from comment #11) > Maybe we could provide a "visudo" like tool to wrap config editing > in sshd -T? I like that even less than leaving it as is. -- You are receiving this mail

[Bug 3558] Spelling "yes" as "Yes" in sshd_config has a fatal result

https://bugzilla.mindrot.org/show_bug.cgi?id=3558 --- Comment #11 from Damien Miller --- Sure, but the current behaviour has the benefit of being obvious and we do provide hooks to verify the config before reloading. Maybe we could provide a "visudo" like tool to wrap config editing in sshd

<    5   6   7   8   9   10   11   12   13   14   >