[Bug 2323] Two factor authentication with two different SSH keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2323 Damien Miller d...@mindrot.org changed: What|Removed |Added Resolution|--- |FIXED Status|ASSIGNED|RESOLVED --- Comment #2 from Damien Miller d...@mindrot.org --- Patch applied. This will be in openssh-6.8 - thanks! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2324] remote port forward w/ empty bind_address via multiplexed connection: doc violation
https://bugzilla.mindrot.org/show_bug.cgi?id=2324 Damien Miller d...@mindrot.org changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Damien Miller d...@mindrot.org --- Patch applied. This will be in openssh-6.8 - thanks! -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Bug 2266 depends on bug 2323, which changed state. Bug 2323 Summary: Two factor authentication with two different SSH keys https://bugzilla.mindrot.org/show_bug.cgi?id=2323 What|Removed |Added Status|ASSIGNED|RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the reporter of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Bug 2266 depends on bug 2324, which changed state. Bug 2324 Summary: remote port forward w/ empty bind_address via multiplexed connection: doc violation https://bugzilla.mindrot.org/show_bug.cgi?id=2324 What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the assignee of the bug. You are watching the reporter of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2289] arandom(4) as documented in sshd_config(5)’s ChrootDirectory option does not exist on all platforms
https://bugzilla.mindrot.org/show_bug.cgi?id=2289 Damien Miller d...@mindrot.org changed: What|Removed |Added CC||d...@mindrot.org Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Damien Miller d...@mindrot.org --- it's already gone in HEAD (will be openssh-6.8) -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Bug 2266 depends on bug 2287, which changed state. Bug 2287 Summary: AuthorizedKeysCommandUser should have it's default documented https://bugzilla.mindrot.org/show_bug.cgi?id=2287 What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the assignee of the bug. You are watching the reporter of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2287] AuthorizedKeysCommandUser should have it's default documented
https://bugzilla.mindrot.org/show_bug.cgi?id=2287 Damien Miller d...@mindrot.org changed: What|Removed |Added Resolution|--- |FIXED Status|REOPENED|RESOLVED --- Comment #3 from Damien Miller d...@mindrot.org --- tweaked: revision 1.186 date: 2014/12/22 08:04:23; author: djm; state: Exp; lines: +8 -4; commitid: GUvlwbDWDq69eUhh; correct description of what will happen when a AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd will refuse to start) -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Damien Miller d...@mindrot.org changed: What|Removed |Added Depends on||2288 -- You are receiving this mail because: You are watching the reporter of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Bug 2266 depends on bug 2290, which changed state. Bug 2290 Summary: documentation of algorithms https://bugzilla.mindrot.org/show_bug.cgi?id=2290 What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the assignee of the bug. You are watching the reporter of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Damien Miller d...@mindrot.org changed: What|Removed |Added Depends on||2290 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching the reporter of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2288] documentation of options defaulting to none
https://bugzilla.mindrot.org/show_bug.cgi?id=2288 Damien Miller d...@mindrot.org changed: What|Removed |Added Resolution|FIXED |--- Status|RESOLVED|REOPENED --- Comment #2 from Damien Miller d...@mindrot.org --- oops, wrong bug -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2321] please add a symbol to ControlPath, which expands to (a hash of) the identity
https://bugzilla.mindrot.org/show_bug.cgi?id=2321 Damien Miller d...@mindrot.org changed: What|Removed |Added Status|NEW |RESOLVED CC||d...@mindrot.org Resolution|--- |WONTFIX --- Comment #1 from Damien Miller d...@mindrot.org --- I don't think this is particularly useful - you could achieve your goal using Host sections in ssh_config and there are a few corner cases that would make this fiddly and fragile if implemented. E.g. it might have some use if there was only one key supplied, but it is confusing if multiple keys are available. ssh wouldn't know which one would be successful at startup and would need to remember which and pass it through to the mux socket creation later. Worse, it's possible to authenticate using multiple public keys. Which should be included in this case? There are too many caveats and corner cases to justify this change's limited usefulness, sorry. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2270] AuthenticationMethods - partial success is considered as failure
https://bugzilla.mindrot.org/show_bug.cgi?id=2270 Petr Lautrbach plaut...@redhat.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Petr Lautrbach plaut...@redhat.com --- I believe this is fixed in the latest tree. Thanks. commit 058f839fe15c51be8b3a844a76ab9a8db550be4f Author: d...@openbsd.org d...@openbsd.org Date: Thu Dec 18 23:58:04 2014 + upstream commit don't count partial authentication success as a failure against MaxAuthTries; ok deraadt@ -- You are receiving this mail because: You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2270] AuthenticationMethods - partial success is considered as failure
https://bugzilla.mindrot.org/show_bug.cgi?id=2270 Damien Miller d...@mindrot.org changed: What|Removed |Added CC||d...@mindrot.org Blocks||2266 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Damien Miller d...@mindrot.org changed: What|Removed |Added Depends on||2270 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching the reporter of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2328] Per-user certificate revocation list (CRL) in authorized_keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2328 --- Comment #1 from martin f. krafft bugzilla.mindrot@pobox.madduck.net --- It just occured to me that this could probably trivially be enabled giving access to %h and %u like AuthorizedKeysFile to sshd_config's RevokedKeys. It would still mean only one CRL per user, whereas a pointer in the actual authorized_keys file would mean one CRL per CA, which is what it should be. -- You are receiving this mail because: You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2328] Per-user certificate revocation list (CRL) in authorized_keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2328 Damien Miller d...@mindrot.org changed: What|Removed |Added CC||d...@mindrot.org --- Comment #2 from Damien Miller d...@mindrot.org --- Having authorized_keys refer to other files is probably too much work (it's tricky because of privilege separation), but it should at least support revoking specific keys. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2287] AuthorizedKeysCommandUser should have it's default documented
https://bugzilla.mindrot.org/show_bug.cgi?id=2287 --- Comment #4 from Christoph Anton Mitterer cales...@scientia.net --- Thanks :-) -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2320] end-of-line comments work in sshd_config but not in ssh_config
https://bugzilla.mindrot.org/show_bug.cgi?id=2320 Damien Miller d...@mindrot.org changed: What|Removed |Added CC||d...@mindrot.org --- Comment #1 from Damien Miller d...@mindrot.org --- Created attachment 2519 -- https://bugzilla.mindrot.org/attachment.cgi?id=2519action=edit Strip comments from ssh config files -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Damien Miller d...@mindrot.org changed: What|Removed |Added Depends on||2296 -- You are receiving this mail because: You are watching the reporter of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2266] Bugs intended to be fixed in 6.8
https://bugzilla.mindrot.org/show_bug.cgi?id=2266 Bug 2266 depends on bug 2296, which changed state. Bug 2296 Summary: loginrec.c fails to compile when HAVE_ADDR_V6_IN_UTMP is defined https://bugzilla.mindrot.org/show_bug.cgi?id=2296 What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the reporter of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2296] loginrec.c fails to compile when HAVE_ADDR_V6_IN_UTMP is defined
https://bugzilla.mindrot.org/show_bug.cgi?id=2296 Damien Miller d...@mindrot.org changed: What|Removed |Added Blocks||2266 CC||d...@mindrot.org Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Damien Miller d...@mindrot.org --- patch applied - will be in openssh-6.8. Thanks! -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs