oss-sec mailing list archives
Re: OpenSSH key blacklisting
From: "Dmitry V. Levin" <ldv () altlinux org>
Date: Tue, 27 May 2008 19:59:03 +0400
On Tue, May 27, 2008 at 07:44:35PM +0400, Solar Designer wrote:
On Sat, May 17, 2008 at 04:46:30PM +0200, Robert Buchholz wrote:Do you have a patch to propose, implementing your idea?Dmitry V. Levin and I have completed design of the encoding scheme, and Dmitry implemented it. Now we have: blacklist-encode.c - the encoder program; blacklist-check.c - the "checker" program, used for testing only; openssh-3.6.1p2-owl-blacklist.diff - the patch to sshd. The patch is against an older version that we still have in Owl (with lots of other patches), but it is trivial to forward-port. In fact, I expect that Dmitry will port it to the newer version in ALT Linux's distributions very soon (if not already). Dmitry - please announce your forward-port in here when you have it.
These changes for ALT Linux's openssh package can be found at http://git.altlinux.org/people/ldv/packages/?p=openssh.git It should apply to vanilla openssh-5.0p1 with trivial modifications to auth2-pubkey.c and servconf.c hunks. -- ldv
Attachment:
_bin
Description:
Current thread:
- Re: OpenSSH key blacklisting, (continued)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Robert Buchholz (May 17)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Solar Designer (May 18)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Matthias Andree (May 20)
- Re: OpenSSH key blacklisting Solar Designer (May 27)
- Re: OpenSSH key blacklisting Dmitry V. Levin (May 27)
- Re: OpenSSH key blacklisting Tim Brown (May 28)
- Re: OpenSSH key blacklisting Sebastian Krahmer (May 28)
- Re: OpenSSH key blacklisting Tim Brown (Jun 02)
- Re: OpenSSH key blacklisting Sebastian Krahmer (Jun 02)
- Re: OpenSSH key blacklisting Nathanael Hoyle (Jun 04)
- Re: OpenSSH key blacklisting The Fungi (Jun 04)
- Re: OpenSSH key blacklisting Nathanael Hoyle (Jun 04)
- Re: OpenSSH key blacklisting Jonathan Smith (Jun 04)
- Re: OpenSSH key blacklisting Nathanael Hoyle (May 28)
- Re: OpenSSH key blacklisting Florian Weimer (May 28)