Skip to content

OpenSSH config parser borked in MacOS X?

Sometimes I like to use certain ciphers for different hosts (for performance reasons). But the OpenSSH version (v5.1p1, OpenSSL 0.9.7l 28 Sep 2006) in MacOS 10.4.11 seems to read the config only halfway:
alice$ cat .ssh/config.test 
Host *
        Ciphers                 arcfour128
Host bob
        Ciphers                 arcfour

alice$ ssh -F .ssh/config.test bob
no matching cipher found: client arcfour128 server aes128-cbc,3des-cbc,[...]
cbc,arcfour
It should've used 'arcfour', since the SSH.com ssh2d does not understand all OpenSSH ciphers. When changing the global cipher preferences to something else, everything works as expected:
alice$ cat .ssh/config.test 
Host *
        Ciphers                 aes128-cbc
Host bob
        Ciphers                 arcfour

alice$ ssh -F .ssh/config.test bob
Password:

md5sum b0rked in Fink?

As MacOS X still doesn't ship with some md5sum equivalent, I gabbed the Fink version. Strange, that it got installed along with the dpkg package, as there's the coreutils package too. Anyway, in most cases I'd like to *verify* checksums, not generate them. The manpage says:
-c  Check md5sum of all files listed in file against the checksum listed
    in the same file. The actual format of that file is the same as output
    of md5sum.
...and then it goes on to tell us how to *generate* a checksum, oh well. But -c doesn't even work:
$ md5sum -c MD5SUM.txt
usage: md5sum [-bv] [-c [file]] | [file...]
Generates or checks MD5 Message Digests
    -c  check message digests (default is generate)
[...]
The input for -c should be the list of message digests and file names
that is printed on stdout by this program when it generates digests.
$ tail -1 MD5SUM.txt
677ecebf8ca5c5135dc1c951a34d42b5  cd_diags.iso
What's wrong here? Is md5sum really b0rked? Or is it just PEBKAC? So, here goes a quick 'n dirty workaround for verifying lots of files:
$ FILE=/path/to/md5sum.txt
$ for i in `awk '{print $2}' "$FILE"`; do \
   test -f "$i" || continue && C=`openssl md5 $i | awk '{print $2}'` && \
   egrep -q "$C  $i" "$FILE" && echo "FILE: $i OK" || echo "FILE: $i FAILED"
done