[Bug 3461] New: General observations

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jul 13 22:27:21 AEST 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3461

            Bug ID: 3461
           Summary: General observations
           Product: Portable OpenSSH
           Version: v9.0p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Keywords: help-wanted
          Severity: enhancement
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: ricky.tigg at gmail.com

**General information**

```
$ cat /etc/redhat-release
Fedora release 36 (Thirty Six)
$ uname -ro
5.18.10-200.fc36.x86_64 GNU/Linux
```

Hello. Having noticed, somehow lately, the version of component OpenSSH
ported on my system, which is served via the main repository of my
current distribution, not being up-to-date, as this state has been
lasting long enough,i get at last motivated to decide to start the
project to get installed by my own an up-to-date stable component.
Prior to the required removal of the actually installed OpenSSH
component, i felt wiser to investigate the possibilities made available
to user while compiling an installation, for instance in respect to the
allowance of the public-key authentication alone, thus excluding
password and host-based authentications.

```
$ ssh -V
OpenSSH_8.8p1, OpenSSL 3.0.5 5 Jul 2022
```

Source | https://github.com/openssh/openssh-portable

"libcrypto from either LibreSSL or OpenSSL may also be used, but
OpenSSH may be built without it supporting a subset of crypto
algorithms.

**Installed components**

```
$ dnf --installed list '*crypto*' | sed 1d
crypto-policies.noarch               20220428-1.gitdfb10ea.fc36       
@updates 
crypto-policies-scripts.noarch       20220428-1.gitdfb10ea.fc36       
@updates 
libblockdev-crypto.x86_64            2.27-1.fc36                      
@updates 
python3-crypto.x86_64                2.6.1-39.fc36                    
@anaconda
python3-cryptography.x86_64          36.0.0-3.fc36                    
@anaconda
$ dnf --available list '*libcrypto*' | sed 1d
Error: No matching Packages to list
```

Above outputs indicate LibreSSL and OpenSSL as being not installed
which is attested as well. Unknown is the object "supporting a subset
of crypto algorithms" refers to.

_Note_: In `configure --help`,as we can notice it, the syntax of the
command is invalid; I guess that the correct syntax was intended
instead, as it is elsewhere there, which is then `./configure --help`,
otherwise as expected the following would be produced:

```
$ configure --help
bash: configure: command not found...
```

In `./configure --disable-FEATURE` the obvious is noticeable; the lack
of mention of such features or link to them. No mentions at
https://www.openssh.com/features.html neither.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list