[Bug 2319] [PATCH REVIEW] U2F authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2319 mm...@e-motz.com changed: What|Removed |Added CC||mm...@e-motz.com --- Comment #17 from mm...@e-motz.com --- A couple of things to mention here, the patch has failed in two different files, which I manually patched, patching file readconf.c Hunk #1 succeeded at 150 (offset 1 line). Hunk #2 succeeded at 199 (offset 1 line). Hunk #3 succeeded at 927 (offset 29 lines). Hunk #4 succeeded at 1673 (offset 52 lines). Hunk #5 FAILED at 1851. Hunk #6 succeeded at 2345 (offset 55 lines). 1 out of 6 hunks FAILED -- saving rejects to file readconf.c.rej readconf.c.rej: --- readconf.c +++ readconf.c @@ -1851,6 +1869,10 @@ fill_default_options(Options * options) options->tun_remote = SSH_TUNID_ANY; if (options->permit_local_command == -1) options->permit_local_command = 0; + if (options->u2f_authentication == -1) + options->u2f_authentication = 1; + if (options->u2f_mode == NULL) + options->u2f_mode = strdup("authentication"); if (options->use_roaming == -1) options->use_roaming = 1; if (options->visual_host_key == -1) patching file sshkey.c Hunk #3 FAILED at 117. Hunk #4 succeeded at 515 (offset -3 lines). Hunk #5 succeeded at 797 (offset -3 lines). Hunk #6 succeeded at 1276 (offset -4 lines). Hunk #7 succeeded at 2016 (offset -3 lines). Hunk #8 succeeded at 2158 (offset -3 lines). Hunk #9 succeeded at 2212 (offset -3 lines). 1 out of 9 hunks FAILED -- saving rejects to file sshkey.c.rej sshkey.c.rej: --- sshkey.c +++ sshkey.c @@ -117,6 +122,7 @@ static const struct keytype keytypes[] = { # endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ + { "ssh-u2f", "U2F", KEY_U2F, 0, 0 }, { NULL, NULL, -1, -1, 0 } }; and while trying to make openssh the following errors are produced and am unable to solve qr@vpn:~/openssh $ make (cd openbsd-compat && make) make[1]: Entering directory '/home/qr/openssh/openbsd-compat' make[1]: Nothing to be done for 'all'. make[1]: Leaving directory '/home/qr/openssh/openbsd-compat' gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I. -I/usr/local/include/u2f-host -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sshkey.c -o sshkey.o sshkey.c:65:17: fatal error: u2f.h: No such file or directory #include "u2f.h" ^ compilation terminated. Makefile:155: recipe for target 'sshkey.o' failed make: *** [sshkey.o] Error 1 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2319] [PATCH REVIEW] U2F authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2319 Adam Goodechanged: What|Removed |Added CC|a...@spicenitz.org | -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2527] New: default algorithms mismatch between man pages and myproposal.h
https://bugzilla.mindrot.org/show_bug.cgi?id=2527 Bug ID: 2527 Summary: default algorithms mismatch between man pages and myproposal.h Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: Documentation Assignee: unassigned-b...@mindrot.org Reporter: i...@f2light.com DEFAULT ALGORITHMs in man pages of ssh_config(5) and sshd_config(5) differ with what openssh actually take. NOTE: the following diff-style sections have the last algorithm ends with ",". It's only for getting pretty diff result. KEX_SERVER_MAC: sshd_config(5) didn't tell me hmac-sha1-...@openssh.com and hman-sha1 is taken by default. --- DOCUMENT_SERVER_MAC +++ CODE_SERVER_MAC umac-64-...@openssh.com, umac-128-...@openssh.com, hmac-sha2-256-...@openssh.com, hmac-sha2-512-...@openssh.com, +hmac-sha1-...@openssh.com, umac...@openssh.com, umac-...@openssh.com, hmac-sha2-256, hmac-sha2-512, +hmac-sha1, KEX_CLIENT_ENCRYPT: rijndael-...@lysator.liu.se is missing in ssh_config(5). --- DOCUMENT_CLIENT_ENCRYPT +++ CODE_CLIENT_ENCRYPT chacha20-poly1...@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-...@openssh.com, aes256-...@openssh.com, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour, +rijndael-...@lysator.liu.se, KEX_CLIENT_MAC: hmac-sha1 series has higher priority than them in ssh_config(5), and hmac-ripemd...@openssh.com is removed. (Probably it's just an alias to hmac-ripemd160?) --- DOCUMENT_CLIENT_MAC +++ CODE_CLIENT_MAC umac-64-...@openssh.com, umac-128-...@openssh.com, hmac-sha2-256-...@openssh.com, hmac-sha2-512-...@openssh.com, +hmac-sha1-...@openssh.com, umac...@openssh.com, umac-...@openssh.com, hmac-sha2-256, hmac-sha2-512, +hmac-sha1, hmac-md5-...@openssh.com, -hmac-sha1-...@openssh.com, hmac-ripemd160-...@openssh.com, hmac-sha1-96-...@openssh.com, hmac-md5-96-...@openssh.com, hmac-md5, -hmac-sha1, hmac-ripemd160, -hmac-ripemd...@openssh.com, hmac-sha1-96, hmac-md5-96, P.S.: KEX_SERVER_KEX, KEX_CLIENT_KEX, KEX_DEFAULT_PK_ALG, KEX_SERVER_ENCRYPT are correct. -- You are receiving this mail because: You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1773] PKCS#11 authentication fails with "xmalloc: zero size" for some certificates.
https://bugzilla.mindrot.org/show_bug.cgi?id=1773 --- Comment #9 from Sergey Ivanov--- Any updates on status of this patch? Will it be included in next release? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs