https://bugzilla.mindrot.org/show_bug.cgi?id=2511
--- Comment #3 from Damien Miller ---
oh, and you'll need to add sandbox-solaris.c to SSHDOBJS in Makefile.in
too
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bu
https://bugzilla.mindrot.org/show_bug.cgi?id=2451
Damien Miller changed:
What|Removed |Added
Depends on||2511
Referenced Bugs:
https://bugzilla.
https://bugzilla.mindrot.org/show_bug.cgi?id=2512
Damien Miller changed:
What|Removed |Added
CC||d...@mindrot.org
--- Comment #1 from Dami
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Alex Wilson changed:
What|Removed |Added
Attachment #2761|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
--- Comment #5 from Damien Miller ---
(In reply to Alex Wilson from comment #4)
> I did have one other question/comment -- from what I can tell, the
> pledge() call in ssh-agent seems to be broader than it needs to be:
> it's currently allowing "
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Damien Miller changed:
What|Removed |Added
CC||dtuc...@zip.com.au
Attachment #2770|
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Alex Wilson changed:
What|Removed |Added
Attachment #2770|ok?(dtuc...@zip.com.au) |
Flags|
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Alex Wilson changed:
What|Removed |Added
Attachment #2771|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2512
--- Comment #2 from Jakub Jelen ---
The thing is that systemd provides network-online.target [1] and
network.target [2], but the specification what does it mean is quite
vague and it does not tell (for example) which network interface is
ready on
https://bugzilla.mindrot.org/show_bug.cgi?id=2517
Bug ID: 2517
Summary: GitHub version doesn't include ChangeLog
Product: Portable OpenSSH
Version: 6.8p1
Hardware: 68k
OS: Mac OS X
Status: NEW
Severity: en
https://bugzilla.mindrot.org/show_bug.cgi?id=2517
Venkat Yekkirala changed:
What|Removed |Added
Version|6.8p1 |7.1p1
--
You are receiving this mail
https://bugzilla.mindrot.org/show_bug.cgi?id=2518
Bug ID: 2518
Summary: docs: remove redundant lists of algorithms
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhan
https://bugzilla.mindrot.org/show_bug.cgi?id=2517
Damien Miller changed:
What|Removed |Added
CC||d...@mindrot.org
Resolution|---
https://bugzilla.mindrot.org/show_bug.cgi?id=2518
Damien Miller changed:
What|Removed |Added
CC||d...@mindrot.org
--- Comment #1 from Dami
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Damien Miller changed:
What|Removed |Added
Attachment #2772|0 |1
is patch|
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Damien Miller changed:
What|Removed |Added
Attachment #2772||ok?(dtuc...@zip.com.au)
Flag
https://bugzilla.mindrot.org/show_bug.cgi?id=2518
--- Comment #2 from Gleb Fotengauer-Malinovskiy ---
(In reply to Damien Miller from comment #1)
> why?
Because entities must not be multiplied beyond necessity. These lists
really are the same KEX_DEFAULT_PK_ALG.
I think it is easier to read and
https://bugzilla.mindrot.org/show_bug.cgi?id=2517
--- Comment #2 from Venkat Yekkirala ---
Thanks for the info. One other newbie question:
In the release tarball, there are some *.0 man pages. I would be
grateful for insight into their generation and how they differ from the
regular man pages th
https://bugzilla.mindrot.org/show_bug.cgi?id=2517
Darren Tucker changed:
What|Removed |Added
CC||dtuc...@zip.com.au
--- Comment #3 from Da
https://bugzilla.mindrot.org/show_bug.cgi?id=2246
Damien Miller changed:
What|Removed |Added
CC||kenneth.schm...@pnnl.gov
--- Comment #8 f
https://bugzilla.mindrot.org/show_bug.cgi?id=2102
Damien Miller changed:
What|Removed |Added
Resolution|--- |DUPLICATE
CC|
https://bugzilla.mindrot.org/show_bug.cgi?id=2518
Darren Tucker changed:
What|Removed |Added
CC||dtuc...@zip.com.au
--- Comment #3 from Da
https://bugzilla.mindrot.org/show_bug.cgi?id=2246
Damien Miller changed:
What|Removed |Added
Attachment #2504|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2246
Damien Miller changed:
What|Removed |Added
Attachment #2441|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2246
Damien Miller changed:
What|Removed |Added
Summary|PAM enhancements for|specify PAM service name,
https://bugzilla.mindrot.org/show_bug.cgi?id=2519
Bug ID: 2519
Summary: Obsolete SSHv1 config options
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Darren Tucker changed:
What|Removed |Added
Attachment #2772|ok?(dtuc...@zip.com.au) |ok+
Flags|
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
--- Comment #11 from Damien Miller ---
hmm, that latest patch doesn't build:
gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o
sshconnect1.o sshconnect2.o mux.o roaming_common.o roaming_client.o -L.
-Lopenbsd-compat/ -Wl,-z,relro -W
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
--- Comment #12 from Damien Miller ---
actually, it would pull in a bit of stuff - it calls into the PAM code.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
--- Comment #13 from Darren Tucker ---
(In reply to Damien Miller from comment #12)
> actually, it would pull in a bit of stuff - it calls into the PAM
> code.
maybe move it to platform-pledge.c or platform-privdrop.c or something?
Adding all th
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Alex Wilson changed:
What|Removed |Added
Attachment #2772|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2512
--- Comment #3 from Jakub Jelen ---
(In reply to Damien Miller from comment #1)
> Why can't systemd start sshd after the interfaces have been brought
> up?
It is the default behaviour to depend on network.target, which waits
before interface is u
https://bugzilla.mindrot.org/show_bug.cgi?id=2512
--- Comment #4 from Damien Miller ---
(In reply to Jakub Jelen from comment #3)
> You can set the dependency on network-online.target, but it brings
> other dependencies in the boot sequence and slows down the boot.
Doesn't this only affect user
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
Georg Sauthoff changed:
What|Removed |Added
CC||mind...@georg.so
--
You are receiving t
https://bugzilla.mindrot.org/show_bug.cgi?id=2480
--- Comment #4 from Fabiano FidĂȘncio ---
As asked by Damien, let me summarize why I do need this change on this
bug report.
Here is the rationale:
As usually I am doing a considerable amount of development on Virtual
Machines and usually I don't
https://bugzilla.mindrot.org/show_bug.cgi?id=2520
Bug ID: 2520
Summary: ssh-keygen: sanitize ANSI escape sequences in key
comment
Product: Portable OpenSSH
Version: 7.1p1
Hardware: amd64
OS: Linux
https://bugzilla.mindrot.org/show_bug.cgi?id=2520
--- Comment #1 from Roland Hieber ---
Created attachment 2776
--> https://bugzilla.mindrot.org/attachment.cgi?id=2776&action=edit
screenshot showing the output from ssh-keygen on the public key
--
You are receiving this mail because:
You are w
https://bugzilla.mindrot.org/show_bug.cgi?id=2520
--- Comment #2 from Roland Hieber ---
Created attachment 2777
--> https://bugzilla.mindrot.org/attachment.cgi?id=2777&action=edit
proposed patch
--
You are receiving this mail because:
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Bug ID: 2521
Summary: subtract buffer size from computed rekey limit to
avoid exceeding it
Product: Portable OpenSSH
Version: 6.8p1
Hardware: amd64
OS: Linux
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
--- Comment #1 from Aleksander Adamowski ---
BTW, this seems to rebase cleanly against today's master branch head:
https://github.com/aadamowski/openssh-portable/commit/60245fa4daec43aba8bde860fa2afab983270cc5
It does compile and sshd starts up.
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Damien Miller changed:
What|Removed |Added
Attachment #2778|application/octet-stream|text/plain
mime type|
https://bugzilla.mindrot.org/show_bug.cgi?id=2520
Damien Miller changed:
What|Removed |Added
CC||d...@mindrot.org
--- Comment #3 from Dami
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Damien Miller changed:
What|Removed |Added
CC||d...@mindrot.org,
|
https://bugzilla.mindrot.org/show_bug.cgi?id=2512
--- Comment #5 from Jakub Jelen ---
(In reply to Damien Miller from comment #4)
> (In reply to Jakub Jelen from comment #3)
>
> > You can set the dependency on network-online.target, but it brings
> > other dependencies in the boot sequence and s
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
--- Comment #3 from Aleksander Adamowski ---
Yeah, I've noticed commit e91346d (we don't use Github for
issues/pull-requests). That's why I came here, to Bugzilla.
--
You are receiving this mail because:
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
Les Aker changed:
What|Removed |Added
CC||m...@lesaker.org
--
You are receiving this ma
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Darren Tucker changed:
What|Removed |Added
Attachment #2774|ok?(dtuc...@zip.com.au) |ok+
Flags|
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Darren Tucker changed:
What|Removed |Added
Attachment #2778|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Darren Tucker changed:
What|Removed |Added
Attachment #2780||ok?(d...@mindrot.org)
Flags|
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Darren Tucker changed:
What|Removed |Added
Status|NEW |ASSIGNED
Assignee|unassigned-b.
https://bugzilla.mindrot.org/show_bug.cgi?id=2515
Darren Tucker changed:
What|Removed |Added
Attachment #2767|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Damien Miller changed:
What|Removed |Added
Resolution|--- |FIXED
Status|NEW
https://bugzilla.mindrot.org/show_bug.cgi?id=2451
Bug 2451 depends on bug 2511, which changed state.
Bug 2511 Summary: Drop fine-grained privileges on Illumos/Solaris
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
What|Removed |Added
-
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Damien Miller changed:
What|Removed |Added
Attachment #2779|ok?(d...@mindrot.org)|ok+
Flags|
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Damien Miller changed:
What|Removed |Added
Attachment #2780|ok?(d...@mindrot.org)|ok+
Flags|
https://bugzilla.mindrot.org/show_bug.cgi?id=2522
Bug ID: 2522
Summary: Key parser should reflect errors from OpenSSL
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Linux
Status: NEW
Keywords
https://bugzilla.mindrot.org/show_bug.cgi?id=2523
Bug ID: 2523
Summary: An RSA private key file consistently gives "Badd
Passphrase" errors, but worked before
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
https://bugzilla.mindrot.org/show_bug.cgi?id=2523
Jakub Jelen changed:
What|Removed |Added
CC||jje...@redhat.com
--- Comment #1 from Jakub
https://bugzilla.mindrot.org/show_bug.cgi?id=2523
--- Comment #2 from Tom Horsley ---
A more descriptive error than "bad passphrase" would make this more
obvious :-).
--
You are receiving this mail because:
You are watching the assignee of the bug.
__
https://bugzilla.mindrot.org/show_bug.cgi?id=2038
Peter Tripp changed:
What|Removed |Added
CC||pe...@chartio.com
--
You are receiving thi
https://bugzilla.mindrot.org/show_bug.cgi?id=2524
Bug ID: 2524
Summary: config file option to limit the lifetime of added keys
Product: Portable OpenSSH
Version: 7.1p1
Hardware: 68k
OS: Mac OS X
Status: NEW
https://bugzilla.mindrot.org/show_bug.cgi?id=2524
Martin HĂ€cker changed:
What|Removed |Added
Hardware|68k |ix86
--
You are receiving this mail beca
https://bugzilla.mindrot.org/show_bug.cgi?id=2524
Robert changed:
What|Removed |Added
CC||rhb...@rbu.sh
--
You are receiving this mail be
https://bugzilla.mindrot.org/show_bug.cgi?id=2524
Robert changed:
What|Removed |Added
CC||rhb...@rbu.sh
--
You are receiving this mail be
https://bugzilla.mindrot.org/show_bug.cgi?id=2525
Bug ID: 2525
Summary: Please add an alias such as -o Insecure for -o
UserKnownHostsFile=/dev/null -o
StrictHostKeyChecking=no
Product: Portable OpenSSH
Version: 6.
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
bugme...@mailinator.com changed:
What|Removed |Added
CC||bugme...@mailinator.com
--- Comm
https://bugzilla.mindrot.org/show_bug.cgi?id=2525
Darren Tucker changed:
What|Removed |Added
CC||dtuc...@zip.com.au
--- Comment #1 from Da
https://bugzilla.mindrot.org/show_bug.cgi?id=2525
--- Comment #2 from Michael J Evans ---
The intended use is /precisely for/ //non-permanent// systems.
I've already included example use cases:
* Systems running a rescue shell (which might normally host an SSH
server or which might even normall
https://bugzilla.mindrot.org/show_bug.cgi?id=2525
Darren Tucker changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bugzilla.mindrot.org/show_bug.cgi?id=2526
Bug ID: 2526
Summary: Support for transparent proxying
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
https://bugzilla.mindrot.org/show_bug.cgi?id=2526
Joel Lehtonen changed:
What|Removed |Added
CC||joel.lehto...@iki.fi
--
You are receivin
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
mm...@e-motz.com changed:
What|Removed |Added
CC||mm...@e-motz.com
--- Comment #17 from m
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
Adam Goode changed:
What|Removed |Added
CC|a...@spicenitz.org |
--
You are receiving this mail because:
Yo
https://bugzilla.mindrot.org/show_bug.cgi?id=1773
--- Comment #9 from Sergey Ivanov ---
Any updates on status of this patch?
Will it be included in next release?
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=2527
Bug ID: 2527
Summary: default algorithms mismatch between man pages and
myproposal.h
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
Jakub Jelen changed:
What|Removed |Added
Attachment #2710|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2319
--- Comment #19 from mm...@e-motz.com ---
(In reply to Jakub Jelen from comment #18)
> Created attachment 2782 [details]
> U2F patch @ master
>
> My previous patch was missing few files (that you could get from the
> original patch) and therefore
https://bugzilla.mindrot.org/show_bug.cgi?id=2528
Bug ID: 2528
Summary: sftp "put -r ." broken starting with 6.8
Product: Portable OpenSSH
Version: 6.8p1
Hardware: All
OS: All
Status: NEW
Severity: normal
https://bugzilla.mindrot.org/show_bug.cgi?id=2525
Michael J Evans changed:
What|Removed |Added
Resolution|WONTFIX |---
Status|RESOLVED
https://bugzilla.mindrot.org/show_bug.cgi?id=2525
Darren Tucker changed:
What|Removed |Added
Resolution|--- |WONTFIX
Status|REOPENED
https://bugzilla.mindrot.org/show_bug.cgi?id=2529
Bug ID: 2529
Summary: direct-streamlocal channel open doesn't match PROTOCOL
documentation
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
https://bugzilla.mindrot.org/show_bug.cgi?id=2530
Bug ID: 2530
Summary: Client does not differentiate between more keys on
Smart card, signs always with first one
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
https://bugzilla.mindrot.org/show_bug.cgi?id=2531
Bug ID: 2531
Summary: MaxSessions config parameter name is highly ambigious
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: Linux
Status: NEW
Se
https://bugzilla.mindrot.org/show_bug.cgi?id=2532
Bug ID: 2532
Summary: MaxSessions config parameter name is highly ambigious
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: Linux
Status: NEW
Se
https://bugzilla.mindrot.org/show_bug.cgi?id=2532
Jakub Jelen changed:
What|Removed |Added
Resolution|--- |DUPLICATE
Status|NEW
https://bugzilla.mindrot.org/show_bug.cgi?id=2531
--- Comment #1 from Jakub Jelen ---
*** Bug 2532 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs maili
https://bugzilla.mindrot.org/show_bug.cgi?id=2531
Jakub Jelen changed:
What|Removed |Added
CC||jje...@redhat.com
--- Comment #2 from Jakub
https://bugzilla.mindrot.org/show_bug.cgi?id=2531
--- Comment #3 from DarkTrick ---
ow, I didn't know, that it was added 8 years ago. Never checked the
date. So renaming of cause is not an option.
I would suggest to make it clear, that this is about multiplexing of
*one* connection and not about
https://bugzilla.mindrot.org/show_bug.cgi?id=2150
Ammon changed:
What|Removed |Added
CC||i589kvp...@kraqer.e4ward.co
|
https://bugzilla.mindrot.org/show_bug.cgi?id=2150
Ammon changed:
What|Removed |Added
Hardware|Other |amd64
OS|All
https://bugzilla.mindrot.org/show_bug.cgi?id=2150
Iain Morgan changed:
What|Removed |Added
Version|6.9p1 |-current
Hardware|amd64
https://bugzilla.mindrot.org/show_bug.cgi?id=2150
--- Comment #5 from Ammon ---
Please forgive the various mistakes I made. In my defence, if the
information on this page was not meant to be edited by the public then
it should not be able to be edited by the public. I will not waste time
with rea
https://bugzilla.mindrot.org/show_bug.cgi?id=2533
Bug ID: 2533
Summary: do not check if HostKeyAgent is available on ssdh
startup
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
St
https://bugzilla.mindrot.org/show_bug.cgi?id=2534
Bug ID: 2534
Summary: option to get host key list from HostKeyAgent
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: en
https://bugzilla.mindrot.org/show_bug.cgi?id=2252
Roland Friedwagner changed:
What|Removed |Added
CC||r.friedwag...@gmail.com
--
You are
https://bugzilla.mindrot.org/show_bug.cgi?id=2501
--- Comment #1 from Thordur Bjornsson ---
Worth keeping this open ?
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Darren Tucker changed:
What|Removed |Added
Attachment #2779|0 |1
is obsolete|
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
Damien Miller changed:
What|Removed |Added
Assignee|dtuc...@zip.com.au |d...@mindrot.org
--- Comment #7 from Dami
https://bugzilla.mindrot.org/show_bug.cgi?id=2535
Bug ID: 2535
Summary: Undefined behaviour of *printf in DISPLAY handling
code
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
https://bugzilla.mindrot.org/show_bug.cgi?id=2521
--- Comment #8 from Aleksander Adamowski ---
Hi djm,
TL;DR: Good news, I've retested your refactor patch (attachment 2783
applied on top of current OpenSSH git master head) on CentOS 6 with
downgraded OpenSSL (that enforces AES-GCM 64G limit) and
1 - 100 of 18112 matches
Mail list logo