Portable OpenSSH is a Unix/Linux port of OpenBSD's excellent OpenSSH, a full implementation of the SSH1 and SSH2 protocols. It includes sftp client and server support.
| Tags | Security Cryptography Utilities |
|---|---|
| Licenses | BSD Revised BSD Original |
Recent releases


Changes: Many bugs were fixed. Performance and features were improved.


Changes: Execution of ~/.ssh/rc was disabled for sessions where a command has been forced by the sshd_config ForceCommand directive (unsafe default behavior). Chroot support for sshd was added. Internal sftp-server support was added to sshd, to allow chroot operation without support files. A "no-user-rc" option was added to ~/.ssh/authorized_keys to disable execution of ~/.ssh/rc in public key authentication. An sftp protocol extension, "posix-rename@openssh.com", was added to provide a rename operation with POSIX semantics.


Changes: Untrusted X11 forwarding is now prevented from using a trusted authentication cookie in certain situations. The SSH protocol 2 is used by default for new installations. Performance for high-BDP links was improved. Cryptographic speedups and a new, faster MAC algorithm were added. Many bugs were fixed.


Changes: sshd now allows the enabling and disabling of authentication methods on a per user, group, host, and network basis via the Match directive in sshd_config. A number of non-security bugs were fixed, including a hang on exit for ttyful/login sessions.


Changes: This release adds important security fixes. Support for Diffie-Hellman with SHA256 has been added. Several features have been added to sshd_config, including support for conditional directives, forcing use of a specified command, and restrictions on port forwarding. Optional logging has been added to sftp-server. The client may exit if any requested port forwarding cannot be established, and will record any non-standard ports in the known_hosts file. Support for SELinux, Solaris process contracts, and OpenSSL hardware engines can be built in. Various other bugs have been fixed and features added.
Recent comments
Security Blanket
This is one of the most important apps on my machine. I don't know why everyone doesn't use it. I fear telnet....
Regards,
jake@plutoid.com (http://www.plutoid.com)
http://www.plutoid.com (http://www.plutoid.com)
Re: file format of DSA keys
> Hmmm... Looking at the manpage, neither
> -d nor -x exists...
>
>
Hmmm.... But they still work...
Re: file format of DSA keys
Hmmm... Looking at the manpage, neither -d nor -x exists...
Re: file format of DSA keys
> OpenSSH uses PEM format for DSA key
> files which is incompatible with the
> SSH2 key file format. So far I couldn't
> get OpenSSH to authenticate with a DSA
> key to an ssh2 server because of this.
> I can't put the public key generated
> with OpenSSH on the ssh2 server and I
> can't get OpenSSH to use a private key
> generated with ssh-keygen2.
>
From my notes, here is how I was able to do it:
On the client
1. upgrade the openssh to 2.2.x+
2. ssh-keygen -d -f $HOME/.ssh/id_dsa
3. cd $HOME/.ssh
4. ssh-keygen -x -f $HOME/.ssh/id_dsa > ssh2.pub
On fsecure server
5. copy ssh2.pub to $HOME/.ssh2/ssh2.pub
6. echo "Key ssh2.pub" > authorization
file format of DSA keys
OpenSSH uses PEM format for DSA key files which is incompatible with the SSH2 key file format. So far I couldn't get OpenSSH to authenticate with a DSA key to an ssh2 server because of this. I can't put the public key generated with OpenSSH on the ssh2 server and I can't get OpenSSH to use a private key generated with ssh-keygen2.