Re: OpenSSH update web page: typo

2023-12-26 Thread Alex Naumov
e are two same update manuals for OpenSSH 9.5 and 9.6[1]. > Link to the tarball and the second shell command should be updated. > > Cheers, > Alex > > [1] https://www.openssh.com/openbsd.html >

OpenSSH update web page: typo

2023-12-19 Thread Alex Naumov
Hey, It seems there are two same update manuals for OpenSSH 9.5 and 9.6[1]. Link to the tarball and the second shell command should be updated. Cheers, Alex [1] https://www.openssh.com/openbsd.html

Re: non-hardware 2fa options for openssh

2023-08-29 Thread Stuart Henderson
On 2023-08-29, myml...@gmx.com wrote: > My question is there any recent documentation / information on setting > up an openssh server with non-hardware based two factor authentication?  > This does NOT have to be google authenticator, any similar service will > suffice. if an ssh

Re: non-hardware 2fa options for openssh

2023-08-29 Thread Stuart Henderson
On 2023-08-29, Daniel Jakots wrote: > You can also want to look at sysutils/login_oath (which I've been using > for years), but maybe for new setups, the login_totp from base makes > more sense. you might be thinking of login_yubikey which is in base, but it has no way to sync the counter

Re: non-hardware 2fa options for openssh

2023-08-29 Thread Daniel Jakots
On Tue, 29 Aug 2023 13:18:53 -0400, Dave Voutila wrote: > > You can also want to look at sysutils/login_oath (which I've been > > using for years), but maybe for new setups, the login_totp from > > base makes more sense. > > > > login_totp is in base? Wow, I was sure

Re: non-hardware 2fa options for openssh

2023-08-29 Thread Dave Voutila
Daniel Jakots writes: > On Tue, 29 Aug 2023 10:07:18 -0500, "myml...@gmx.com" > wrote: > >> Hi All, >> >> I want to secure an openssh server with two factor authentication and >> have seen the hardware token methods, most recently i've been seeing

Re: non-hardware 2fa options for openssh

2023-08-29 Thread Daniel Jakots
On Tue, 29 Aug 2023 10:07:18 -0500, "myml...@gmx.com" wrote: > Hi All, > > I want to secure an openssh server with two factor authentication and > have seen the hardware token methods, most recently i've been seeing > yubi/FIDO methods. > > Ideally I would

non-hardware 2fa options for openssh

2023-08-29 Thread myml...@gmx.com
Hi All, I want to secure an openssh server with two factor authentication and have seen the hardware token methods, most recently i've been seeing yubi/FIDO methods. Ideally I would like to avoid having to depend on a usb size device that could easily be lost. I looked around and found mention

Re: OpenSSH 8.8 ECCN REQUEST

2022-03-11 Thread Greg Thomas
Since the project is based in Canada I don't know if anyone on this list would have an ECCN. Unless there's someone on this list from one of the US companies that exports OpenSSH. On Fri, Mar 11, 2022 at 12:38 PM wrote: > Hello, > > Our company is exporting a computer with OpenSSH 8.8

OpenSSH 8.8 ECCN REQUEST

2022-03-11 Thread marella.x.abraham
Hello, Our company is exporting a computer with OpenSSH 8.8 software installed. We would like to confirm the ECCN of this software. Would you please reply with US ECCN? Regards, Marella Abraham Import/Export Compliance Analyst Email

Re: [www] openssh/openbsd.html typo

2021-08-24 Thread Alex Naumov
For sure I mean OpenSSH 8.7, so it should be # tar zxvf .../openssh-8.7.tar.gz Cheers, Alex On Tue, Aug 24, 2021 at 10:29 PM Alex Naumov wrote: > Hello, > update instructions for OpenSSH 6.7 has this line: > > # tar zxvf .../openssh-8.6.tar.gz > > It should be 6.7 > > Cheers, > Alex > >

[www] openssh/openbsd.html typo

2021-08-24 Thread Alex Naumov
Hello, update instructions for OpenSSH 6.7 has this line: # tar zxvf .../openssh-8.6.tar.gz It should be 6.7 Cheers, Alex

Re: OpenSSH and Key Pair Generation

2021-06-11 Thread Theo de Raadt
ling lists. Christopher Johns wrote: > Good Evening, > > Recently it has been brought to my attention that we may have several Linux > hosts that may have the same problem ssh-rsa key pairs. > > Is it possible if I use a server template to create Linux servers, for > OpenS

OpenSSH and Key Pair Generation

2021-06-11 Thread Christopher Johns
Good Evening, Recently it has been brought to my attention that we may have several Linux hosts that may have the same problem ssh-rsa key pairs. Is it possible if I use a server template to create Linux servers, for OpenSSH to create the same host keys in /etc/ssh for the servers created by my

OpenSSH and Key Pair Generation

2021-06-11 Thread Christopher Johns
Good Evening, Recently it has been brought to my attention that we may have several Linux hosts that may have the same problem ssh-rsa key pairs. Is it possible if I use a server template to create Linux servers, for OpenSSH to create the same host keys in /etc/ssh for the servers created by my

[www] typo year for OpenSSH 8.5 release

2021-03-12 Thread Alex Naumov
Hello, The date of OpenSSH 8.5 release on https://www.openssh.com/openbsd.html page is wrong. 2020 => 2021 Cheers, Alex

Re: OpenSSH FIDO (Nitrokey) support (Was: Re: OpenBSD insecurity rumors from isopenbsdsecu.re)

2020-05-13 Thread info
> but googling for keys: +openbsd +nitrokey >> >> does not indicate anything interesting except a few of my own questions on >> the Nitrokey support forum. > > I had to look up "Nitrokey" to verify that it was what I thought it was, but > that had me > do

Re: OpenSSH FIDO (Nitrokey) support (Was: Re: OpenBSD insecurity rumors from isopenbsdsecu.re)

2020-05-13 Thread info
r suggestion, >> >> but googling for keys: +openbsd +nitrokey >> >> does not indicate anything interesting except a few of my own questions on >> the Nitrokey support forum. > > I had to look up "Nitrokey" to verify that it was what I thought it was, but

OpenSSH FIDO (Nitrokey) support (Was: Re: OpenBSD insecurity rumors from isopenbsdsecu.re)

2020-05-13 Thread Peter N. M. Hansteen
"Nitrokey" to verify that it was what I thought it was, but that had me do a quick search for "OpenSSH FIDO support", which turned up among other things this article: https://undeadly.org/cgi?action=article;sid=20191115064850 as well as a number of blog posts and HOWTO-ish pieces t

broken link on openssh/legacy.html

2020-04-15 Thread Alex Naumov
Hello, there is one broken link on the openssh/legacy.html page: OSSH -> ftp://ftp.pdc.kth.se/pub/krypto/ossh/ Cheers, Alex

OpenSSH ignoring login.conf and ypbind (LDAP) config.

2020-01-08 Thread Daniel Corbe
ldap Password: ... authorize And so is ypbind: aagico-postgres-nextcloud# getent group | grep dcorbe _dcorbe:*:2001:dcorbe aagico-postgres-nextcloud# getent passwd | grep dcorbe dcorbe:*:2001:2001:Daniel Corbe:/home/dcorbe:/bin/sh What do I need to change about OpenSSH to get this working?

Re: Openssh over a mobile network

2019-12-01 Thread Stuart Longland
or RFC-4193 ULA IPv6 address.) - Is your OpenSSH server behind a router? Is that configured correctly? - Is your ISP (for the phone or your home computer) perhaps blocking ports? Try editing /etc/ssh/sshd_config and change the port to something high, maybe 2? -- Stuart Longland (aka Redhat

Re: Openssh over a mobile network

2019-12-01 Thread Josh Grosse
On Sun, Dec 01, 2019 at 07:13:18PM +0530, putridsou...@gmail.com wrote: > I am not able to ssh into my home computer connected to > router, the client device (termux on android) is on a > mobile network. Is there something I am supposed to > know?. Because I can ssh into my computer easily when

Openssh over a mobile network

2019-12-01 Thread putridsoul66
I am not able to ssh into my home computer connected to router, the client device (termux on android) is on a mobile network. Is there something I am supposed to know?. Because I can ssh into my computer easily when both devices are on the same router network.

[www] patch for openssh/openbsd.html - looks like a typo

2019-11-12 Thread Alex Naumov
Hello, it seems like a typo in OpenSSH version number. Cheers, Alex Index: openbsd.html === RCS file: /cvs/www/openssh/openbsd.html,v retrieving revision 1.127 diff -u -p -r1.127 openbsd.html --- openbsd.html9 Oct 2019 02

patch for www/openssh/openbsd.html (seems like a typo in version number)

2019-11-01 Thread Alex Naumov
Hi, it seems like a typo in OpenSSH version number: in 7.3 part info about patch for 7.2. Cheers, Alex Index: openbsd.html === RCS file: /cvs/www/openssh/openbsd.html,v retrieving revision 1.127 diff -u -p -r1.127 openbsd.html

Re: The Dark Side of the ForSSHe - OpenSSH malwares

2018-12-13 Thread Peter N. M. Hansteen
On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote: > https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/ > > ESET researchers discovered a set of previously undocumented Linux malware > families based on OpenSSH. In the white paper, “The Dark Side of th

Re: The Dark Side of the ForSSHe - OpenSSH malwares

2018-12-13 Thread Florian Obser
On Thu, Dec 13, 2018 at 10:02:45AM +0100, Otto Moerbeek wrote: > On Thu, Dec 13, 2018 at 09:50:31AM +0100, Florian Obser wrote: > > > On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote: > > > Any creative hints to defend against these kind of threats? > > > > Your system has been

Re: The Dark Side of the ForSSHe - OpenSSH malwares

2018-12-13 Thread Otto Moerbeek
On Thu, Dec 13, 2018 at 09:50:31AM +0100, Florian Obser wrote: > On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote: > > Any creative hints to defend against these kind of threats? > > Your system has been compromised. The attacker is able to replace > binaries, you have lost. If your

Re: The Dark Side of the ForSSHe - OpenSSH malwares

2018-12-13 Thread Florian Obser
On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote: > Any creative hints to defend against these kind of threats? Your system has been compromised. The attacker is able to replace binaries, you have lost. If your package manager can still tell you that the sshd binary has been replaced

Re: The Dark Side of the ForSSHe - OpenSSH malwares

2018-12-13 Thread Solene Rapenne
"Kollar Arpad" wrote: > Hello, > > How about blacklisting some often used passwords? ex.: > https://github.com/eset/malware-ioc/tree/master/sshdoor (either used by > humans often or by backdoors) > > When will "passwd" have option to give/generate passwords from 4 random > english words

The Dark Side of the ForSSHe - OpenSSH malwares

2018-12-13 Thread Kollar Arpad
Hello, just a FYI, maybe you haven't seen the study: https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/ ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release

Re: OpenSSH 7.7 default ciphers

2018-04-05 Thread Damien Miller
Thanks - I just committed a fix (having missed that Otto already included a patch beyond the bottom of my xterm -- sorry) On Thu, 5 Apr 2018, Otto Moerbeek wrote: > On Thu, Apr 05, 2018 at 01:51:51PM +0200, Renaud Allard wrote: > > > Hello, > > > > The man page for

Re: OpenSSH 7.7 default ciphers

2018-04-05 Thread Otto Moerbeek
On Thu, Apr 05, 2018 at 01:51:51PM +0200, Renaud Allard wrote: > Hello, > > The man page for openssh 7.7 for Ciphers specifications mentions: > > The default is: > chacha20-poly1...@openssh.com, > aes128-ctr,aes192-ctr,aes256-ctr, > aes128-...@openssh.com,aes256-...@o

OpenSSH 7.7 default ciphers

2018-04-05 Thread Renaud Allard
Hello, The man page for openssh 7.7 for Ciphers specifications mentions: The default is: chacha20-poly1...@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, aes128-...@openssh.com,aes256-...@openssh.com, aes128-cbc,aes192-cbc,aes256-cbc However, ssh doesn't use the last line in that list: $ ssh

Re: Portable OpenSSH 7.5p1 with LibreSSL 2.6.1 fails

2017-09-07 Thread Darren Tucker
On 7 September 2017 at 16:35, Heiko <bd09c6fmxoq2...@intermezzo.net> wrote: > Hello, > > ./config for Portable OpenSSH 7.5p1 with LibreSSL 2.6.1 fails on Debian > Linux: As per https://www.openssh.com/report.html this query would be better directed to the portable

Portable OpenSSH 7.5p1 with LibreSSL 2.6.1 fails

2017-09-07 Thread Heiko
Hello, ./config for Portable OpenSSH 7.5p1 with LibreSSL 2.6.1 fails on Debian Linux: checking OpenSSL header version... not found configure: error: OpenSSL version header not found. $ openssl version LibreSSL 2.6.1 I did it with this options: ./configure --without-openssl

openssh nistp521 advertised as supported but no host key available by default

2017-05-23 Thread Kevin Chadwick
If a client (openssh, putty) insists on nistp521 as openssh offers in the debug dialogue then the connection fails or falls back to nistp256. If you create a nistp521 host key and add it to sshd_config then nistp521 is used successfully. Not sure if nistp256 could use a nistp521 key

6.1 OpenSSH/LibreSSL version discrepancy

2017-05-06 Thread outis
Hi, there seems to be a version info discrepancy in the OpenBSD 6.1 ANNOUNCEMENT. It states OpenSSH 7.4 and LibreSSL 2.5.3. However, in 6.1(/amd64) release fresh install, i have OpenSSH 7.5 and LibreSSL 2.5.2: $ ssh -V; openssl version OpenSSH_7.5, LibreSSL 2.5.2 LibreSSL 2.5.2

Re: OpenSSH logging and MaxAuthTries

2017-03-20 Thread Lars Noodén
On 3/20/17, Darren Tucker : > On Sun, Mar 19, 2017 at 11:47 PM, Lars Noodén wrote: >> Looking at a recent snapshot, see dmesg at the bottom, I have two >> questions about OpenSSH logging. >> >> 1) The entry in sshd_config(5) for MaxAuthTries states the fol

Re: OpenSSH logging and MaxAuthTries

2017-03-20 Thread Lars Noodén
Sorry. That previous message got mangled. > $ ssh-add -l > The agent has no identities. On the server it looks like it says the client is asking for 'keyboard-interactive' first of all things: > debug1: userauth-request for user fred service ssh-connection method > none [preauth] > debug1:

Re: OpenSSH logging and MaxAuthTries

2017-03-19 Thread Lars Noodén
>> 2) The client gets disconnected before MaxAuthTries is reached. If I >> have it set to 6, I get 5 only tries: > > Your log level isn't high enough to see it, but I suspect you have a > failed pubkey attempt before the password attempts. You should be > able to see it if you add "-vvv" to the

Re: OpenSSH logging and MaxAuthTries

2017-03-19 Thread Darren Tucker
On Sun, Mar 19, 2017 at 11:47 PM, Lars Noodén <lars.noo...@gmail.com> wrote: > Looking at a recent snapshot, see dmesg at the bottom, I have two > questions about OpenSSH logging. > > 1) The entry in sshd_config(5) for MaxAuthTries states the following

OpenSSH logging and MaxAuthTries

2017-03-19 Thread Lars Noodén
Looking at a recent snapshot, see dmesg at the bottom, I have two questions about OpenSSH logging. 1) The entry in sshd_config(5) for MaxAuthTries states the following about log entries: ... Once the number of failures reaches half this value, additional failures

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-02 Thread Quartz
Exactly. Probably ps -l (or maybe install and use pstree). Do you get new processes with sshd as a parent? I never get that. When ssh-ing into another machine I just get a single ssh process that's a direct child of the bash for that tty, there's never an sshd anywhere. When you use ps -l you

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-02 Thread Raul Miller
On Sun, Aug 2, 2015 at 7:02 AM, Quartz qua...@sneakertech.com wrote: I know how ps works :) Ok, good, then the problem lies elsewhere... On OSX, an outbound ssh connection spawns a single 'ssh' process, which is a child of bash. bash is a child of login. login is a child of Terminal. Perhaps

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-02 Thread Quartz
The point was to use ps on the *server* not on the client. So I was thinking you should use ps *on that server* to see if you could see signs of another connection attempt reaching it and then for some reason failing to give you an interactive shell. Ah ok. Yes I totally misunderstood you- I

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
ktrace and tcpdump. I should have mentioned that the laptop is using OpenSSH but it's OSX not OpenBSD. ktrace was replaced with I think dtrace on OSX a while ago, so I'll have to look into how to get that set up. As for tcpdump, I'm not sure what I'd be looking for there. Most

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
If you have one connection established to that server which is functioning (perhaps with -v on the client ssh) can you get the problem to occur with a second connection to that server? That's a good question, I'm not actually sure if I've ever opened two connections to it at once. For better

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Raul Miller
If you have one connection established to that server which is functioning (perhaps with -v on the client ssh) can you get the problem to occur with a second connection to that server? If so, can you take a look at whether you are getting any fresh processes from your second connection attempts

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
That's a good question, I'm not actually sure if I've ever opened two connections to it at once. For better or worse today is a good day so I'll have to wait to test this. If you are only creating one ssh connection, does good day mean you have succeeded just once? No, I mean that I can ssh

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Raul Miller
On Sat, Aug 1, 2015 at 6:53 PM, Quartz qua...@sneakertech.com wrote: Exactly. Probably ps -l (or maybe install and use pstree). Do you get new processes with sshd as a parent? I never get that. When ssh-ing into another machine I just get a single ssh process that's a direct child of the

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Ted Unangst
Quartz wrote: Searching the web for info is worthless because the first thing everybody tells you to do when debugging a connection issue is enable verbose, which obviously doesn't help me here. Likewise, I can't even confirm if anyone else has even experienced this sort of failure before

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Raul Miller
On Sat, Aug 1, 2015 at 10:58 AM, Quartz qua...@sneakertech.com wrote: That's a good question, I'm not actually sure if I've ever opened two connections to it at once. For better or worse today is a good day so I'll have to wait to test this. If you are only creating one ssh connection, does

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
good day: ssh user@server = works just like it should What about ssh -v user@server on a good day? That works exactly as expected. ssh-ing in right now And more specifically, if you run ssh -v on both a good day and a bad day, what does diff between the two outputs show? IIRC, not

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
If you are only creating one ssh connection, does good day mean you have succeeded just once? No, I mean that I can ssh in without having to pass -v on the command line. In other words, it works the way it normally should. More specifically: good day: ssh user@server = works just like it

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Andy Bradford
Thus said Quartz on Sat, 01 Aug 2015 19:00:56 -0400: good day: ssh user@server = works just like it should What about ssh -v user@server on a good day? And more specifically, if you run ssh -v on both a good day and a bad day, what does diff between the two outputs show? Andy -- TAI64

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Ted Unangst
Quartz wrote: ktrace and tcpdump. I should have mentioned that the laptop is using OpenSSH but it's OSX not OpenBSD. ktrace was replaced with I think dtrace on OSX a while ago, so I'll have to look into how to get that set up. As for tcpdump, I'm not sure what I'd be looking

Re: Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
ktrace and tcpdump. I should have mentioned that the laptop is using OpenSSH but it's OSX not OpenBSD. ktrace was replaced with I think dtrace on OSX a while ago, so I'll have to look into how to get that set up. As for tcpdump, I'm not sure what I'd be looking for there. Most

Maybe OT: OpenSSH connection failure unless verbose

2015-08-01 Thread Quartz
I'm not sure if this is the right place to ask about this, but I can't seem to find an ssh-specific mailing list or web forum anywhere. I have a bog standard setup between a laptop and a local university that uses a bog standard id_rsa key for password-less access; to the best of my

Re: Alleged OpenSSH bug

2015-07-25 Thread mancha
://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ It is a real issue. Your servers might not see the issue depending on what options have been set for sshd_config. My freebsd boxes do *not* have the problem

Re: Alleged OpenSSH bug

2015-07-25 Thread Marc Espie
There's one obvious thing I totally forgot to mention, but the initial spin put on this issue is *all wrong*. Calling that an OpenSSH bug is, pure and simple, slander. If anything, it is a PAM bug. Or you can say it's a system integration bug on FreeBSD. Calling that an OpenSSH bug just

Re: Alleged OpenSSH bug

2015-07-24 Thread Kevin Chadwick
On Thu, 23 Jul 2015 18:12:28 -0400 Garance A Drosehn wrote: to write software defensively if you want PAM to not fuck you over. It happens that I'm setting up some new (to me) RHEL 7 systems right now, and way too much time has been spent fighting with PAM (and I'm not done yet). So

Re: Alleged OpenSSH bug

2015-07-24 Thread Giancarlo Razzolini
On 24-07-2015 14:27, Kevin Chadwick wrote: The guidance is to use pubkey or long passwords in which case you should either have no problem or notice the cpu cycles if you're an admin worth any salt. There are tons of info regarding OpenSSH best practices. The link below [1] is one of them. I

Re: Alleged OpenSSH bug

2015-07-24 Thread Giancarlo Razzolini
On 23-07-2015 18:10, Ted Unangst wrote: Come on. Calling it an oversight is not condescending. I think it's perfectly reasonable to say it was an oversight. He didn't say it was the hole of the century. There's no need to be so defensive. Yep. Others also told me this off list. I already

Re: Alleged OpenSSH bug

2015-07-23 Thread Garance A Drosehn
On 23 Jul 2015, at 17:38, Marc Espie wrote: Not surprisingly, as the patch clearly shows, the problem is right smack in the middle of USE_PAM code. I wouldn't call that an OpenSSH bug. I would call it a systemic design flaw in PAM. As usual. LOTS of security holes in authentication systems

Re: Alleged OpenSSH bug

2015-07-23 Thread bofh
(and first) remote exploit against openssh *was* in the last century, IIRC, he could still be correct to call it the hole of the century... :) Heh. (apologies for the previous blank email :( )

Re: Alleged OpenSSH bug

2015-07-23 Thread Giancarlo Razzolini
also told that there is a patch for the oversight in OpenSSH's code There was no oversight. There were people using the OpenSSH code in unintended ways. The OpenSSH portable is only provided by the OpenSSH project because there are developers that care for it. People should stop being lazy and use

Re: Alleged OpenSSH bug

2015-07-23 Thread bofh
is configured on their systems. You were condescending, admit it. Quoting you: I'm also told that there is a patch for the oversight in OpenSSH's code There was no oversight. There were people using the OpenSSH code in unintended ways. The OpenSSH portable is only provided

Re: Alleged OpenSSH bug

2015-07-23 Thread Marc Espie
On Thu, Jul 23, 2015 at 12:29:37PM -0400, Garance A Drosehn wrote: On 23 Jul 2015, at 10:06, Emilio Perea wrote: To me it looks like a mistimed April Fools' joke, but hope somebody more knowledgeable will respond: https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive

Re: Alleged OpenSSH bug

2015-07-23 Thread Garance A Drosehn
On 23 Jul 2015, at 13:33, Theo de Raadt wrote: My freebsd boxes do *not* have the problem, but that's because I have set 'ChallengeResponseAuthentication no'. I don't even remember why I set that on my freebsd boxes. I change very few settings, but for some reason I decided to change that

Re: Alleged OpenSSH bug

2015-07-23 Thread Ted Unangst
you: I'm also told that there is a patch for the oversight in OpenSSH's code There was no oversight. There were people using the OpenSSH code in unintended ways. The OpenSSH portable is only provided by the OpenSSH project because there are developers that care for it. People should Come

Re: Alleged OpenSSH bug

2015-07-23 Thread Peter N. M. Hansteen
On 07/23/15 16:06, Emilio Perea wrote: To me it looks like a mistimed April Fools' joke, but hope somebody more knowledgeable will respond: https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force

Alleged OpenSSH bug

2015-07-23 Thread Emilio Perea
To me it looks like a mistimed April Fools' joke, but hope somebody more knowledgeable will respond: https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/

Re: Alleged OpenSSH bug

2015-07-23 Thread Giancarlo Razzolini
available to test it. But it seems to be the only OS affected. I'm betting that they have some bad interaction between the openssh configuration and their PAM configuration. Cheers, Giancarlo Razzolini

Re: Alleged OpenSSH bug

2015-07-23 Thread Theo de Raadt
It seems to affect only FreeBSD. But it's bad, and affects a lot of versions, dating back to 2007. And also, as I guessed, interaction with PAM is the culprit. That's why Dr. House doesn't allow exotic things to be ported to OpenBSD. You Can't Always Get What You Want. Seriously, dlopen

Re: Alleged OpenSSH bug

2015-07-23 Thread Garance A Drosehn
On 23 Jul 2015, at 10:06, Emilio Perea wrote: To me it looks like a mistimed April Fools' joke, but hope somebody more knowledgeable will respond: https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass

Re: Alleged OpenSSH bug

2015-07-23 Thread Giancarlo Razzolini
remember why I set that on my freebsd boxes. I change very few settings, but for some reason I decided to change that one. Yes, it seems so. Going through the source code and the openssh-unix-dev mail list, I see that it's indeed an issue that could affect a lot of machines. But it depends

Re: Alleged OpenSSH bug

2015-07-23 Thread Theo de Raadt
some back at you for fun. It seems too easy for FreeBSD folk to throw accusations at OpenSSH and the greater OpenBSD dev community, when the rich commercial sphere surrounding FreeBSD has never given a penny and gets all this for free. Why does FreeBSD PAM not have a counter in it to prevent

Re: Alleged OpenSSH bug

2015-07-23 Thread Theo de Raadt
But it depends on the right (wrong) combination of factors which, unfortunately, FreeBSD has. Exactly.

Re: Alleged OpenSSH bug

2015-07-23 Thread Mike
On 7/23/2015 12:29 PM, Garance A Drosehn wrote: On 23 Jul 2015, at 10:06, Emilio Perea wrote: [snip] It is a real issue. Your servers might not see the issue depending on what options have been set for sshd_config. My freebsd boxes do *not* have the problem, but that's because I have

Re: Alleged OpenSSH bug

2015-07-23 Thread jungle Boogie
On 23 July 2015 at 09:15, Giancarlo Razzolini grazzol...@gmail.com wrote: On 23-07-2015 11:16, Peter N. M. Hansteen wrote: However, running that command pointing at a FreeBSD 10.1 box in my care gave more than three tries. I aborted well before reaching 1 for obvious reasons. Digging

Re: Alleged OpenSSH bug

2015-07-23 Thread Giancarlo Razzolini
On 23-07-2015 11:16, Peter N. M. Hansteen wrote: However, running that command pointing at a FreeBSD 10.1 box in my care gave more than three tries. I aborted well before reaching 1 for obvious reasons. Digging some more, I've found this: http://seclists.org/oss-sec/2015/q3/156 It seems

Re: Alleged OpenSSH bug

2015-07-23 Thread Mihai Popescu
It seems to affect only FreeBSD. But it's bad, and affects a lot of versions, dating back to 2007. And also, as I guessed, interaction with PAM is the culprit. That's why Dr. House doesn't allow exotic things to be ported to OpenBSD. You Can't Always Get What You Want.

Re: openssh client alive not default

2015-06-27 Thread Josh Grosse
On Sat, Jun 27, 2015 at 05:10:54PM -0700, jungle Boogie wrote: Hello All, I know fewer defaults the better for all, but is there a reason TCPKeepAlive in openssh is disabled along with the clientalive option? Is it just too risky and/or unneeded? Well, Mr. Boogie, TCPKeepAlive is enabled

openssh client alive not default

2015-06-27 Thread jungle Boogie
Hello All, I know fewer defaults the better for all, but is there a reason TCPKeepAlive in openssh is disabled along with the clientalive option? Is it just too risky and/or unneeded? How do you folks manage ssh sessions not dying? Do you enable these options every time you install openssh

Re: openssh client alive not default

2015-06-27 Thread Benny Lofgren
On 2015-06-28 02:59, Josh Grosse wrote: How do you folks manage ssh sessions not dying? Do you enable these options every time you install openssh on a new machine? Is there a better option? The man page continues with, The client alive mechanism is valuable when the client or server depend

Re: openssh client alive not default

2015-06-27 Thread jungle Boogie
Hi Josh, On 27 June 2015 at 17:59, Josh Grosse j...@jggimi.homeip.net wrote: On Sat, Jun 27, 2015 at 05:10:54PM -0700, jungle Boogie wrote: Hello All, I know fewer defaults the better for all, but is there a reason TCPKeepAlive in openssh is disabled along with the clientalive option

Re: openssh client alive not default

2015-06-27 Thread jungle Boogie
On 27 June 2015 at 18:17, Benny Lofgren bl-li...@lofgren.biz wrote: Let's say you have an open, but idle, ssh session to your remote server and there's a short outage in the network somewhere between the two endpoints. If there are no keep-alive packets trying to get through and the actual

Microsoft will support and contribute to OpenSSH (and they're excited! :)

2015-06-02 Thread Артур Истомин
http://blogs.msdn.com/b/looking_forward_microsoft__support_for_secure_shell_ssh1/archive/2015/06/02/managing-looking-forward-microsoft-support-for-secure-shell-ssh.aspx I’m pleased to announce that the PowerShell team will support and contribute to the OpenSSH community - Very excited to work

Re: Microsoft will support and contribute to OpenSSH (and they're excited! :)

2015-06-02 Thread Kirill Bychkov
to the OpenSSH community - Very excited to work with the OpenSSH community to deliver the PowerShell and Windows SSH solution! \o/ unix ssh windoze.domain.loc Администратор@windoze.domain.loc's password: PowerShell Profit?

Re: OpenSSH and Android

2015-05-08 Thread Kevin Chadwick
constant # define mblen(x, y) 1 The obvious thing to try would be to change that to: # define mblen(x, y) (1) Didn't change the output at all In case you're interested, I've attached the config.logs for the openssh compile fail with openssl and openssh configure fail with libressl. (BTW

OpenSSH AESNI support

2015-05-07 Thread Hugo Osvaldo Barrera
Hi, I've a smallish system which does a lot of SFTP work, and CPU seems to be the bottleneck constantly (this was discussed on a previous thread over a year ago). I've finally decided to replace that CPU, but I'm wondering: Does OpenSSH support/use the AESNI instruction set if available

Re: OpenSSH AESNI support

2015-05-07 Thread Hugo Osvaldo Barrera
On 2015-05-07 10:57, Christian Weisgerber wrote: On 2015-05-07, Hugo Osvaldo Barrera h...@barrera.io wrote: I've finally decided to replace that CPU, but I'm wondering: Does OpenSSH support/use the AESNI instruction set if available? Yes, by way of OpenSSL/LibreSSL, which make use of AESNI

Re: OpenSSH and Android

2015-05-07 Thread Darren Tucker
constant # define mblen(x, y) 1 The obvious thing to try would be to change that to: # define mblen(x, y) (1) (BTW openssh-unix-...@mindrot.org is the best place to get help with portable OpenSSH. See http://www.openssh.com/report.html for details.) -- Darren Tucker (dtucker at zip.com.au) GPG

OpenSSH and Android

2015-05-07 Thread Kevin Chadwick
I got Can't find recent OpenSSL libcrypto /usr/bin/env PATH=$PATH:/home/kc/lib/andtool/bin ./configure --prefix=/home/kc/AndroX/install --host=arm-linux-androideabi --with-ssl-dir=/home/kc/AndroX/install I got the same issue as here for trying to cross build OpenSSH with OpenSSL http

Re: OpenSSH AESNI support

2015-05-07 Thread Christian Weisgerber
On 2015-05-07, Hugo Osvaldo Barrera h...@barrera.io wrote: I've finally decided to replace that CPU, but I'm wondering: Does OpenSSH support/use the AESNI instruction set if available? Yes, by way of OpenSSL/LibreSSL, which make use of AESNI if available. if AESNI access is done via crypto(9

Re: OpenSSH for Android

2015-05-06 Thread Stuart Henderson
On 2015-05-05, Bertrand Caplet bertrand.cap...@chunkz.net wrote: Hey, I'm using JuiceSSH it's pretty good and free, but I don't know about ciphers... JuiceSSH uses http://www.jcraft.com/jsch/ for its SSH implementation, which itself relies on JCE for crypto, so there are a couple of layers

Re: OpenSSH for Android

2015-05-05 Thread Gareth Nelson
/philosophy/no-word-attachments.html On Tue, May 5, 2015 at 8:26 PM, Bertrand Caplet bertrand.cap...@chunkz.net wrote: Hey, I'm using JuiceSSH it's pretty good and free, but I don't know about ciphers... I'm after an openssh client with all its goodies such as poly cipher (I don't need sshd

Re: OpenSSH for Android

2015-05-05 Thread Bertrand Caplet
Hey, I'm using JuiceSSH it's pretty good and free, but I don't know about ciphers... I'm after an openssh client with all its goodies such as poly cipher (I don't need sshd) for Android rather than dropbear. So I'm looking at the following with Android's NDK. http://kevinboone.net/kbox3
