Mailinglist Archive: opensuse-bugs (7528 mails)

[bugzilla_noreply@xxxxxxxxxx]

https://bugzilla.novell.com/show_bug.cgi?id=393186

User meissner@xxxxxxxxxx added comment
https://bugzilla.novell.com/show_bug.cgi?id=393186#c37





--- Comment #37 from Marcus Meissner <meissner@xxxxxxxxxx>  2008-08-01 06:30:40 
MDT ---
Date: Tue, 27 May 2008 19:59:03 +0400
From: "Dmitry V. Levin" <ldv@xxxxxxxxxxxx>
To: oss-security@xxxxxxxxxxxxxxxxxx
Subject: Re: [oss-security] OpenSSH key blacklisting

On Tue, May 27, 2008 at 07:44:35PM +0400, Solar Designer wrote:
> On Sat, May 17, 2008 at 04:46:30PM +0200, Robert Buchholz wrote:
> > Do you have a patch to propose, implementing your idea?
>
> Dmitry V. Levin and I have completed design of the encoding scheme, and
> Dmitry implemented it.  Now we have:
>
> blacklist-encode.c - the encoder program;
> blacklist-check.c - the "checker" program, used for testing only;
> openssh-3.6.1p2-owl-blacklist.diff - the patch to sshd.
>
> The patch is against an older version that we still have in Owl (with
> lots of other patches), but it is trivial to forward-port.  In fact, I
> expect that Dmitry will port it to the newer version in ALT Linux's
> distributions very soon (if not already).  Dmitry - please announce your
> forward-port in here when you have it.

These changes for ALT Linux's openssh package can be found at
http://git.altlinux.org/people/ldv/packages/?p=openssh.git
It should apply to vanilla openssh-5.0p1 with trivial modifications to
auth2-pubkey.c and servconf.c hunks.


-- 
ldv


-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.