[Bug 3564] When downloading sk keys from a fido token, applications with multiple keys overwrite each other

2023-04-20 Thread bugzilla-daemon
https://bugzilla.mindrot.org/show_bug.cgi?id=3564

Damien Miller changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED
                 CC|                            |d...@mindrot.org

--- Comment #1 from Damien Miller ---
Please check the current version before reporting bugs.

This was fixed in OpenSSH 8.9.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


[Bug 3565] keygen do_download_sk() incorrect return value

2023-04-20 Thread bugzilla-daemon
https://bugzilla.mindrot.org/show_bug.cgi?id=3565

Damien Miller changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |d...@mindrot.org
         Resolution|---                         |INVALID

--- Comment #1 from Damien Miller ---
This was fixed before openssh-8.5 and the code has looked like this for
almost the last three years:

      if (i >= nkeys)
          ret = 0; /* success */
      if (pass != NULL)
          freezero(pass, strlen(pass));
      for (i = 0; i < nkeys; i++)
          sshkey_free(keys[i]);
      free(keys);
      return ret;
  }



[Bug 3565] New: keygen do_download_sk() incorrect return value

2023-04-20 Thread bugzilla-daemon
https://bugzilla.mindrot.org/show_bug.cgi?id=3565

            Bug ID: 3565
           Summary: keygen do_download_sk() incorrect return value
           Product: Portable OpenSSH
           Version: 8.5p1
          Hardware: Other
                OS: Windows 10
            Status: NEW
          Severity: minor
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-b...@mindrot.org
          Reporter: m.schm...@emtec.com

do_download_sk(const char *skprovider, const char *device) in
ssh-keygen.c returns an incorrect value, causing ssh-keygen -K to
exit with an error when all is OK and vice versa.

The end of function looks like this:

    if (i >= nkeys)
        ret = 0; /* success */
    if (pass != NULL)
        freezero(pass, strlen(pass));
    for (i = 0; i < nkeys; i++)
        sshkey_free(keys[i]);
    free(keys);
    return ret ? 0 : -1;


Since ret = 0 is marked as success (see comment above and usual
convention in openssh), just ret should be returned (the return value
makes its way to the program as the exit code).



[Bug 3564] New: When downloading sk keys from a fido token, applications with multiple keys overwrite each other

2023-04-20 Thread bugzilla-daemon
https://bugzilla.mindrot.org/show_bug.cgi?id=3564

            Bug ID: 3564
           Summary: When downloading sk keys from a fido token,
                    applications with multiple keys overwrite each other
           Product: Portable OpenSSH
           Version: 8.5p1
          Hardware: Other
                OS: Windows 10
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-b...@mindrot.org
          Reporter: m.schm...@emtec.com

Static function do_download_sk(const char *skprovider, const char
*device) in ssh-keygen has a loop that goes over the returned keys for
the given sk-application.

However, if an application has more than one key, the name of the
output file will be the same for all keys (e.g.
id_ecdsa_sk_rk_mydomain), prompting the user to overwrite the first key
with the 2nd, etc.

I believe it would be useful (or more correct) to give subsequent keys
a numbering scheme, e.g. id_ecdsa_sk_rk_mydomain,
id_ecdsa_sk_rk_mydomain2, id_ecdsa_sk_rk_mydomain3, etc.

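
The numbering scheme proposed in the Bug 3564 report above, sketched as an added example; this is not OpenSSH code and not the fix that shipped in OpenSSH 8.9. The helper name open_unique_keyfile and its parameters are hypothetical. It sanitizes the token-supplied application string and relies on O_CREAT|O_EXCL so an existing key file is never replaced.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/*
 * Hypothetical helper: create "<dir>/id_<type>_rk_<app>[N]" without ever
 * replacing an existing file. Returns an open fd (mode 0600) and fills
 * `path`, or -1 on error.
 */
int
open_unique_keyfile(const char *dir, const char *type, const char *app,
    char *path, size_t pathlen)
{
	char safe[64];
	size_t i, n = 0;
	int fd, r;

	if (strncmp(app, "ssh:", 4) == 0)
		app += 4;	/* drop the conventional "ssh:" prefix */
	/* The application string is token-supplied: map anything outside
	 * [A-Za-z0-9.-] to '_' so it cannot add path components. */
	for (i = 0; app[i] != '\0' && n < sizeof(safe) - 1; i++) {
		unsigned char c = (unsigned char)app[i];
		safe[n++] = (isalnum(c) || c == '.' || c == '-') ? (char)c : '_';
	}
	safe[n] = '\0';

	for (i = 1; i <= 99; i++) {	/* first key: no suffix, then 2, 3, ... */
		if (i == 1)
			r = snprintf(path, pathlen, "%s/id_%s_rk_%s", dir, type, safe);
		else
			r = snprintf(path, pathlen, "%s/id_%s_rk_%s%zu", dir, type, safe, i);
		if (r < 0 || (size_t)r >= pathlen)
			return -1;	/* refuse a truncated path */
		/* O_CREAT|O_EXCL: existence check and creation are one atomic step */
		fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
		if (fd != -1)
			return fd;
		if (errno != EEXIST)
			return -1;
	}
	return -1;	/* too many colliding names */
}
```
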


[Bug 3563] New: Connection terminated just after authentication successful when SFTP Server running inside Azure.

2023-04-20 Thread bugzilla-daemon
https://bugzilla.mindrot.org/show_bug.cgi?id=3563

            Bug ID: 3563
           Summary: Connection terminated just after authentication
                    successful when SFTP Server running inside Azure.
           Product: Portable OpenSSH
           Version: 8.4p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: ssh
          Assignee: unassigned-b...@mindrot.org
          Reporter: neeraj.g.gu...@ericsson.com

Created attachment 3691
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3691&action=edit
Strace and Tcpdump

SFTP Server: Azure Blob Storage

SFTP Client: openssh 8.4p1

Command used to try to make the connection:
The ssh binary, using the sftp subsystem and running on a Linux machine,
is trying to connect to the SFTP Server running inside MS Azure.

./ssh -oForwardX11=no -oForwardAgent=no -oProtocol=2 -l
steisevadevsan1.emm -oIdentityFile=/dev/null
-oNumberOfPasswordPrompts=1 -oPreferredAuthentications=password
-oPubkeyAuthentication=no -oRhostsAuthentication=no
-oRhostsRSAAuthentication=no -oRSAAuthentication=no
-oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no -s -oport=22
-vvv 10.250.0.37 sftp

Connection fails with the following error:
Transferred: sent 1936, received 1160 bytes, in 0.1 seconds
Bytes per second: sent 35879.4, received 21498.0
debug1: Exit status 5000
Complete strace and tcpdump are attached.
