[Bug 2319] [PATCH REVIEW] U2F authentication

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2319

Jakub Jelen  changed:

   What|Removed |Added

   Attachment #2710|0   |1
is obsolete||

--- Comment #18 from Jakub Jelen  ---
Created attachment 2782
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2782=edit
U2F patch @ master

My previous patch was missing few files (that you could get from the
original patch) and therefore few people wrote me. Adding rebased patch
to current master with all the files.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2525] Please add an alias such as -o Insecure for -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2525

Michael J Evans  changed:

   What|Removed |Added

 Resolution|WONTFIX |---
 Status|RESOLVED|REOPENED

--- Comment #4 from Michael J Evans  ---
I disagree with /your/ opinion.  As a user who frequently has temporary
systems up for service I already effectively use -o Insecure, but via
shell scripts which provide an incomplete solution and a clunkier
interface.  I know I am not the only one who makes such connections. 
Just because /your/ use cases are satisfied by providing longer harder
to remember configurations on the command line or by coding in to more
persistent configuration files one time exceptions does not mean that
the use cases of others is satisfied.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2528] New: sftp "put -r ." broken starting with 6.8

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2528

Bug ID: 2528
   Summary: sftp "put -r ." broken starting with 6.8
   Product: Portable OpenSSH
   Version: 6.8p1
  Hardware: All
OS: All
Status: NEW
  Severity: normal
  Priority: P5
 Component: sftp
  Assignee: unassigned-b...@mindrot.org
  Reporter: vap...@gentoo.org

here's the testcase:
  cd ~/
  rm -rf test x
  mkdir -p x/test
  touch x/test/{1,2,3}
  cd x
  sftp localhost <<<'put -r .'

with openssh-6.7 and older, you'd get:
Connected to localhost.
sftp> put -r .
Uploading ./ to /home/vapier/.
Entering ./
Entering ./test
./test/3   100%0 0.0KB/s   00:00
./test/2   100%0 0.0KB/s   00:00
./test/1   100%0 0.0KB/s   00:00

starting with openssh-6.8, you get:
Connected to localhost.
sftp> put -r .
Uploading ./ to /home/vapier/.
Entering ./

and nothing is actually uploaded.  the failure is due to the remote
doing mkdir(/home/vapier/.), getting EEXIST, and then returning an
error to the client which makes it stop.

bisecting the public github repo shows the first bad commit is this
one:
https://github.com/openssh/openssh-portable/commit/7d845f4a0b7ec97887be204c3760e44de8bf1f32
(i had to cherry pick 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b and
83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae to get it to build)

its parent obviously works fine too:
https://github.com/openssh/openssh-portable/commit/139ca81866ec1b219c717d17061e5e7ad1059e2a

it might be that the new one is doing more error checking, but it seems
like the server or client should handle EEXIST correctly.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2319] [PATCH REVIEW] U2F authentication

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2319

--- Comment #19 from mm...@e-motz.com ---
(In reply to Jakub Jelen from comment #18)
> Created attachment 2782 [details]
> U2F patch @ master
> 
> My previous patch was missing few files (that you could get from the
> original patch) and therefore few people wrote me. Adding rebased
> patch to current master with all the files.

This resolved the aforementioned errors for me. 

After completing u2f support on both client and server, however, There
still seems to be problems.

qr@host:~$  ssh -o U2FMode=registration vpn > /tmp/u2f-key.pub
sign_and_send_pubkey: signing failed: unexpected internal error
qr@vpn's password:

The terminal becomes frozen at this point and the tmp file is created,
but is blank. Is there any client side configuration that needs to be
modified for U2F support or could the issue be somewhere else?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs