keyword (in addition to the suggestion below).
Regards
Tilo
Am 28.01.21 um 14:32 schrieb Tilo Eckert:
Hi,
~/.ssh/config can contain multiple lines with the "IdentityFile" keyword
to add multiple keys to try in public key authentication.
The libssh config parser ignores all but the first
Hi,
~/.ssh/config can contain multiple lines with the "IdentityFile" keyword
to add multiple keys to try in public key authentication.
The libssh config parser ignores all but the first IdentityFile line,
resulting in failed authentication if the key that is accepted by the
server is not
Hi Carlos
I already implemented a basic API some time ago, which is used in
production. Maybe it can serve you as a starting point. The API is very
raw, but it works. It allows you to trigger an arbitrary number of
concurrent async SFTP reads and writes and to fetch the results later
using
Am 14.02.2020 um 14:19 schrieb Anderson Sasaki:
> The values in the local configuration have priority over the values in the
> global configuration.
>
> In the client values set through configuration files will follow OpenSSH's
> way, where the first value seen is kept, independently on that
e overriding behavior of the
ssh_connect() function.
TL;DR
Is it intentional that libssh options priority is the exact opposite of
what OpenSSH does? If yes, why?
Wouldn't it be more reasonable if options from autoloaded config files
are only applied if not already set?
Regards,
Tilo Eckert
Am 23.01.2020 um 10:00 schrieb Andreas Schneider:
> On Wednesday, 22 January 2020 17:40:04 CET Tilo Eckert wrote:
>> Am 22.01.2020 um 13:56 schrieb g4-l...@tonarchiv.ch:
>>> For Windows I can find documentation of "z" as supported spezifier:
>>> https://d
Am 22.01.2020 um 13:56 schrieb g4-l...@tonarchiv.ch:
> For Windows I can find documentation of "z" as supported spezifier:
>
Am 22.01.2020 um 08:49 schrieb Andreas Schneider:
> On Thursday, 16 January 2020 12:55:07 CET g4-l...@tonarchiv.ch wrote:
According to that you need to compile with:
cmake -DCMAKE_C_FLAGS="-D__USE_MINGW_ANSI_STDIO=1" ..
>>>
>>> Alternative seems to be:
>>>
>>>
Am 23.04.2019 um 20:44 schrieb Paul Beerkens:
> From an example I copy pasted:
>
> rc = ssh_userauth_publickey_auto(my_ssh_session, NULL,NULL);
> if (rc == SSH_AUTH_ERROR)
>
>
> But that does not cover SS_SSH_AUTH_DENIED.
>
>
> I simply need to change it to cover SSH_AUTH_DENIED.
>
>
>
Am 09.04.2019 um 12:39 schrieb g4-l...@tonarchiv.ch:
>> check whether you already sent it before: channel->local_eof != 0
> BTW channel properties are not exposed to client code. So maybe this
> check should be added directly to channel_send_eof()?
Yes, I think so, too. It does not really make
Am 08.04.2019 um 20:54 schrieb g4-l...@tonarchiv.ch:
>> I'm using connectors for a direct-tcp client. So this creates two
>> connectors FD in --> channel out and vice versa.
>>
>> Now when the socket forwarding peer (not the ssh server) closes the
>> connection, i.e. reading on the socket returns
to create a channel for each
command because the channel is closed when the command ends. Channel
reuse is not possible when running single commands. SFTP channels can be
reused.
Regards
Tilo Eckert
Am 30.03.2019 um 10:51 schrieb Stefano Mtangoo:
> Until now I have been using libssh on the main thr
polled. So, you need to regularly call
any libssh function that reads from or writes to the socket and check if
that fails.
Best regards
Tilo Eckert
Am 14.03.2019 um 07:57 schrieb Stefano Mtangoo:
> Hi,
> This library have made my life simpler and would like to thank everyone
> involded.
> I
Am 25.02.2019 um 11:51 schrieb g4-l...@tonarchiv.ch:
> On 25.02.19 11:18, Tilo Eckert wrote:
>
>> 3) My data callback is executed exactly once for every received channel
>> data packet. I think this should be changed to be more user-friendly:
>> The data callback shoul
re is not enough
data to process). That would make it easier to implement custom protocol
handlers via callbacks. For example, a data callback that processes a
single line of text per call would no longer require a loop in the
callback function, leading to code that is easier to read.
Regards,
Tilo Eckert
gt; Hello Tilo,
> Thank you for the valuable comments. See the comments inline.
>
> On Mon, 2018-11-26 at 10:58 +0100, Tilo Eckert wrote:
>> Hello Jakub,
>>
>> I explored a similar solution to yours as an alternative, but
>> encountered the same ECDSA issue you men
omething (I hope) is simpler, but
> should do the same thing:
>
> https://gitlab.com/jjelen/libssh-mirror/commits/rsa-sha2-bug
>
> Could you check if this looks good and works for you?
>
> Thanks,
> Jakub
>
>
> On Wed, 2018-11-21 at 12:03 +0100, Tilo Eckert w
more issues like
> this throughout the code.
>
> Would you like to submit a patch for these two issues?
>
> Thanks,
>
From 463e7cd33561ccbf59570da662ba02fd7279731c Mon Sep 17 00:00:00 2001
From: Tilo Eckert
Date: Tue, 13 Nov 2018 15:45:47 +0100
Subject: [PATCH 1/7] pki: Ad
rom: Tilo Eckert
Date: Thu, 15 Nov 2018 10:37:30 +0100
Subject: [PATCH 7/8] socket: Add missing braces
Signed-off-by: Tilo Eckert
---
src/socket.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/socket.c b/src/socket.c
index 6012c46e..20831185 100644
--- a/src/socket.c
UFFIX})
to
> set(CHROOT_WRAPPER_LIBRARY
> ${CMAKE_CURRENT_BINARY_DIR}/../lib/${CMAKE_SHARED_LIBRARY_PREFIX}chroot_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX})
to get client tests to work. Any idea why I had to make that change and
why Gitlab CI tests work without it?
Regards,
Tilo
From 21d6f4d22f8bc914a
expansion for glob().
So, unless someone is willing to make that function portable, I propose
to revert commits 99c5160, b8e301a and a82e24f.
Regards
Tilo Eckert
gt;
> Adres: ul. Lutycka 6/116A, 44-100 Gliwice
> Strona: www.forca.pl
> NIP: 6351648511
> REGON: 240621874
>
> -Original Message-
> From: Tilo Eckert
> Sent: Thursday, October 4, 2018 11:57 AM
> To: libssh@libssh.org
> Subject: Re: libssh windows problem
>
That is most likely a webserver misconfiguration. Opening
https://red.libssh.org yields SSL_ERROR_BAD_CERT_DOMAIN. The site
returns the certificate and content of milliways.cryptomilk.org instead
of red.libssh.org.
You can only wait for Andreas to fix it or compile libssh yourself.
Am 03.10.2018
Am 16.08.2018 um 18:51 schrieb Andreas Schneider:
> On Thursday, 16 August 2018 18:11:46 CEST Tilo Eckert wrote:
>> Hi,
>>
>> today I compiled the examples shipped with libssh (current master) for
>> the first time and tried to use the "ssh-client" example, but
Hi,
today I compiled the examples shipped with libssh (current master) for
the first time and tried to use the "ssh-client" example, but it seems
to be broken.
When I connect to an OpenSSH server in interactive shell mode (i.e.
ssh-client user@host), the client successfully connects and
Neither SCP nor SFTP have inherent support for (FXP-like) direct file
transfers between two remote hosts. You always have to SSH into one of
the boxes and initiate the transfer from the remote box by running the
necessary command.
scp nick0@x.x.x.x:file nick1@y.y.y.y:newfile
is equivalent to
ssh
Hi Arul,
you can simply adjust the PATH environment variable by prepending the
path to your libcrypto.so before calling cmake, e.g.:
PATH=${OPENSSLDIR}/lib/:$PATH
Regards
Tilo
Am 01.08.2018 um 11:14 schrieb Arul Prakash Selvakumar:
> Hi,
>
>
>
> I’m trying to build the libssh library
This kex is not supported, only those listed in your log output.
Am 27.06.2018 um 08:57 schrieb Antenore Gatta:
> Hi all,
>
> I'm trying to connect to a host using the Kex
> diffie-hellman-group-exchange-sha256 , but even if I force the Kex, I
> got this trace:
>
>> [SSH]
256 as an alias and add a
> test in torture_algorithms for that?
From 76256475f27e6435fcd2b3d11ca0d39c60755459 Mon Sep 17 00:00:00 2001
From: Tilo Eckert
Date: Mon, 25 Jun 2018 13:01:57 +0200
Subject: [PATCH 1/6] kex: add curve25519-sha256 as alias for
curve25519-sha...@libssh.org
see: https://tools.ie
Am 20.06.2018 um 15:12 schrieb Andreas Schneider:
> On Tuesday, 19 June 2018 16:35:49 CEST Jakub Jelen wrote:
>> On Thu, 2018-06-14 at 16:03 +0200, Andreas Schneider wrote:
>>> [...]
>>>
>>> Looks like openssh removed support for ssh-dss. At least my openssh
>>> 7.7
>>> doesn't know about it at
Hi
We discovered a compiler-dependent bug in the ed25519 implementation
that took us two days to find, but is trivial to fix. With one of our
compilers, if the server provided an ed25519 key, signature verification
failed.
The issue is the global variable at include/libssh/ge25519.h:31
> const
Hi Yanis
the server obviously disconnects you after two failed login attempts
(ssh_userauth_none and ssh_userauth_password). Since you do not perform
any kind of error checking, you blindly continue with
ssh_userauth_kbdint which also fails because you are already
disconnected at this point
This post explains it better than I could:
https://opensource.stackexchange.com/questions/4804/modifying-an-lgpl-library-and-using-it-in-a-commercial-product/4806#4806
Regards
Tilo
Am 11.09.2017 um 11:23 schrieb 312:
> Hi All,
>
> It seems that https://red.libssh.org/issues/223 is pending for
Hi,
your error is somewhere in Microsoft's C Runtime. Since you did not
provide a stack trace, it is impossible to tell what goes wrong. Fire up
your debugger to find out where you get stuck.
PS: Most people on the mailing list are not fluent in Chinese. ;)
Regards
Tilo
Am 30.07.2017 um 12:18
Am 29.06.2017 um 12:46 schrieb Andreas Schneider:
> On Thursday, 29 June 2017 10:54:12 CEST Tilo Eckert wrote:
>> Am 28.06.2017 um 18:05 schrieb Andreas Schneider:
>>> On Wednesday, 28 June 2017 15:40:00 CEST Tilo Eckert wrote:
>>>> Am 28.06.2017 um 1
Am 28.06.2017 um 18:05 schrieb Andreas Schneider:
> On Wednesday, 28 June 2017 15:40:00 CEST Tilo Eckert wrote:
>> Am 28.06.2017 um 13:42 schrieb Andreas Schneider:
>>> On Wednesday, 28 June 2017 12:43:14 CEST Tilo Eckert wrote:
>>>> Hi,
>>>
>>> H
Am 28.06.2017 um 13:42 schrieb Andreas Schneider:
> On Wednesday, 28 June 2017 12:43:14 CEST Tilo Eckert wrote:
>> Hi,
>
> Hi Tilo,
>
>> I am experiencing a re-occuring issue when accessing
>> https://git.libssh.org with Firefox. When requesting a page for the
>&
Hi Mike,
the message is set in ssh_socket_exception_callback() in session.c. The
"Unknown error" is the output of strerror(). It is probably easiest to
fire up your debugger as there are multiple callback functions involved
in handling socket events. Your exception is probably fired in
Am 20.05.2017 um 17:29 schrieb Jason Curl:
>
> On 20/05/2017 14:19, Jason Curl wrote:
>> Hello,
>>
>> My .NET wrapper (prototype) of libssh is crashing on
>> ssh_channel_free() with
>> a SIGSEGV. I've compiled abbd6e3 with MSYS2 32-bit with GCC 6.3.0 (see
>> attachment for cmake output). I'm
p and try again
> ssh_userauth_none ?
>
> Am 05.05.2017 um 10:32 schrieb Tilo Eckert:
>> You did not check the return code "rc".
>>
>> You could already be logged in after the ssh_userauth_none() call (e.g.
>> IP based auth). An error could occur (S
http://api.libssh.org/stable/group__libssh__auth.html#ga35d44897a44b4bb3b7c01108c1812a37
You either did not call ssh_userauth_none() before or the server does
not allow any of the supported auth methods.
Regards
Tilo
Am 05.05.2017 um 09:26 schrieb Daniel Kroker:
> Hi,
>
> we have the problem
Hi Nitesh,
you don't have the OpenSSL development headers installed. They should be
in package openssl-devel, or whatever it is named in RHEL.
Best regards
Tilo
Am 27.03.2017 um 06:25 schrieb Nitesh Srivastava:
>
>
> Hi All,
>
>
>
> We are getting below error while compiling the libssh
Hi Alex
why don't you generate host keys without a password? If you put the
password of the keys into your code instead of entering it manually, it
is as good as having no password at all. Private SSH host keys should
never leave the machine they were generated on anyway and should only be
Hi Claudio,
you can use sftp_setstat() or sftp_utimes() to set the file timestamps.
I recommend the first one as it allows you to decide which timestamps to
set. The time is passed as seconds and nanoseconds since 1970. The 64
bit fields in the sftp_attributes structure are not really used. Just
> For me, make and make install are not working.
Can you elaborate on that? Does it give you an error message or do you
simply not have GNU make in your MinGW install? On Windows, you might
need MSYS (http://www.mingw.org/wiki/msys) for the GNU tools.
Also make.exe could have a different name in
de.be>
>> Date: Wed, 20 Jul 2016 12:58:20 +0200
>>
>> Hi,
>>
>> I'm sorry, it's Andreas who's the only one with access to the failed
>> server, and he's unfortunately unreachable (I tried a few times already
>> on different mediums). W
http://comments.gmane.org/gmane.network.ssh.libssh.general/2479
Libssh maintainers aren't very active, unfortunately...
Am 19.07.2016 um 21:51 schrieb Hitesh Sharma:
> Hello,
>
> The download link for libssh seems to be broken. Why is that?
>
> https://red.libssh.org/projects/libssh/files
>
>
questing on
> Github would make libssh development much more responsive.
>
> Best wishes,
>
> Yang
>
>> On Jul 11, 2016, at 17:08, Tilo Eckert <tilo.eck...@flam.de
>> <mailto:tilo.eck...@flam.de>> wrote:
>>
>> Check the
Hello Nagaraj
1. libssh should be compilable on any platform where you have a recent
enough cmake version and OpenSSL/gcrypt available. We currently have it
working on Windows, Linux, z/Linux, and even z/OS. For the mainframe
compile we had to create a custom makefile (no cmake available) and
mode non-atomic.
- The current master was not compilable on Windows since November.
Regards
Tilo
From d47a6b435a37bc811a77651891b768c41ee1afb4 Mon Sep 17 00:00:00 2001
From: Tilo Eckert <tilo.eck...@flam.de>
Date: Thu, 30 Jun 2016 12:27:43 +0200
Subject: [PATCH 1/3] bug fix: SFTP flag SSH_FX
Hi Stéphane
If I'm not mistaken, attributes->name contains only the file/directory
name. When you call your function recursively, you need to build the
full path and pass it to the recursive call. Currently, you attempt to
delete the directories from your working directory.
Regards
Tilo
Am
For SSH2, you must set the username before connecting via
ssh_options_set(session, SSH_OPTIONS_USER, username);
The username parameter of ssh_userauth_try_publickey() and all other
functions must be NULL.
ssh_userauth_none() will never return SSH_AUTH_SUCCESS unless the SSH
server does not
Hi,
when reading files through the asynchronous SFTP methods, I see that you
update the file offset in sftp_async_read_begin(). Is there any specific
reason why you do it here and not in sftp_async_read()?
Due to this behavior, I am unable to use sftp_tell() in my read-ahead
implementation.
ssh_channel_read() does not guarantee. In
the split length field situation, less than 4 bytes are read which
results in the aforementioned error.
A patch is attached which reads the length field in a loop until 4 bytes
are read.
Tilo
Am 08.06.2015 um 13:09 schrieb Tilo Eckert:
I used libssh
Hi
if the server requires multiple authentication steps, the authentication
functions return SSH_AUTH_PARTIAL for any partial authentication step.
Only after the last step, SSH_AUTH_SUCCESS is returned, indicating
successful login.
Some notes on your implementation:
- You should set the username
is a
good idea.
Patches for both are attached. Note that I only checked the SFTP module
for flags issues. Someone might want to look for other similar places.
Tilo
From 1a0b6de1b7e544b123132343e59e79028a4b7391 Mon Sep 17 00:00:00 2001
From: Tilo Eckert tilo.eck...@flam.de
Date: Wed, 22 Jul 2015 15:26:56
Hi,
as requested, here is a resubmit of my properly signed patches (original
mails quoted below).
Certificate of Origin was sent separately to contribut...@libssh.org.
Regards
Tilo
Am 11.06.2015 um 16:50 schrieb Tilo Eckert:
Hi,
I found two related bugs when trying to authenticate
Any idea what might cause this strange behavior when doing read-ahead?
Am 08.06.2015 um 13:09 schrieb Tilo Eckert:
I used libssh 0.7.0 for my tests. The 0.6 branch from git has the same
issue. Of the 0.6.x source tarballs none of them compiles here (ArchLinux).
Here is a verbose log where
Hi,
when calling ssh_userauth_list() after a successful partial
authentication (e.g. public key) and another authentication method (e.g.
password) is required next by the server, only the
SSH_AUTH_METHOD_PASSWORD flag should be set. However, the
SSH_AUTH_METHOD_PUBLICKEY flag is also set, even
Hi,
I found two related bugs when trying to authenticate with
ssh_userauth_publickey_auto() against an OpenSSH server that is
configured to require public key authentication followed by password
authentication, i.e. sshd_config contains the line:
AuthenticationMethods publickey,password
Bug #1:
Hi,
I am trying to implement a simple read-ahead mechanism for reading large
files via SFTP using sftp_async_read_begin() and sftp_async_read(). On
the first attempt to read a 4096 bytes block, I request N times 4K, and
read the first 4K block. On successive reads, for each block read
another one
11:46, Tilo Eckert a écrit :
Hi,
I am trying to implement a simple read-ahead mechanism for reading large
files via SFTP using sftp_async_read_begin() and sftp_async_read(). On
the first attempt to read a 4096 bytes block, I request N times 4K, and
read the first 4K block. On successive reads
62 matches
Mail list logo