search for: auth_key

...ject_unix (g : Guestfs.guestfs) user selector = let ssh_dir = sprintf "%s/.ssh" home_dir in if not (g#exists ssh_dir) then ( g#mkdir ssh_dir; - g#chmod 0o755 ssh_dir + g#chmod 0o700 ssh_dir ); (* Create ~user/.ssh/authorized_keys if it doesn't exist. *) let auth_keys = sprintf "%s/authorized_keys" ssh_dir in if not (g#exists auth_keys) then ( g#touch auth_keys; - g#chmod 0o644 auth_keys + g#chmod 0o600 auth_keys ); (* Append the key. *) diff --git a/src/guestfs.pod b/src/guestfs.pod index 75afa9d..366d6f5 100644 --- a/src/guestf...

Connect from Mac OSX 10.4.8 / to Recent Linux .. Sys/Sw Versions in .txt ? Refuses to accept keys in auth_keys .. bad keys "-----BEGIN" ... "-----END" Is this open .. not found in site search ... R/ Everett F Batey II - WA6CRE - http://www.cotdazr.org 800 545-6998 = 805 340-6471 / Office (805) 228-7180

...'t exist. *) let ssh_dir = sprintf "%s/.ssh" home_dir in if not (g#exists ssh_dir) then ( g#mkdir ssh_dir; - g#chmod 0o700 ssh_dir + g#chmod 0o700 ssh_dir; + g#chown uid gid ssh_dir; ); (* Create ~user/.ssh/authorized_keys if it doesn't exist. *) let auth_keys = sprintf "%s/authorized_keys" ssh_dir in if not (g#exists auth_keys) then ( g#touch auth_keys; - g#chmod 0o600 auth_keys + g#chmod 0o600 auth_keys; + g#chown uid gid auth_keys; ); (* Append the key. *) -- 2.5.5

http://bugzilla.mindrot.org/show_bug.cgi?id=78 Summary: Support use of named (krb4, krb5, gsi, x.509) keys in auth_keys entries Product: Portable OpenSSH Version: 3.0.2p1 Platform: All URL: http://marc.theaimsgroup.com/?l=openssh-unix- dev&m=101189381805982&w=2 OS/Version: All Status: NEW Severity: enhancement...

Turn the snippet reading user information from /etc/passwd in a slightly more generic function, so there is no need to copy&paste for other details. Mostly code motion. --- customize/ssh_key.ml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml index a4e4a51..7c482e7 100644 --- a/customize/ssh_key.ml +++

...options(pw, options, file, linenum)) + if (!auth_parse_options(pw, optionsp, file, linenum)) continue; /* Perform the challenge-response dialog for this key. */ @@ -251,6 +251,15 @@ * otherwise continue searching. */ authenticated = 1; + if (options.log_fingerprint) { + Key *auth_key = key_new(KEY_RSA1); + auth_key->rsa->n = pk->n; + auth_key->rsa->e = pk->e; + log("Found matching %s key: %s", + key_type(auth_key), + key_fingerprint(auth_key, SSH_FP_MD5, SSH_FP_HEX)); + key_free(auth_key); + } break; } diff -ruN openssh-3.0.2p1....

http://bugzilla.mindrot.org/show_bug.cgi?id=78 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Additional Comments From djm at mindrot.org 2005-04-21 18:57

...Create ~user/.ssh if it doesn't exist. *) + let ssh_dir = sprintf "%s/.ssh" home_dir in + if not (g#exists ssh_dir) then ( + g#mkdir ssh_dir; + g#chmod 0o755 ssh_dir + ); + + (* Create ~user/.ssh/authorized_keys if it doesn't exist. *) + let auth_keys = sprintf "%s/authorized_keys" ssh_dir in + if not (g#exists auth_keys) then ( + g#touch auth_keys; + g#chmod 0o644 auth_keys + ); + + (* Append the key. *) + g#write_append auth_keys key + | typ -> + warning (f_"don't know how to inj...

This one incorporates feedback from mburns to default certain values.

Hey Guys, I am wondering if I am missing something here. I am noticing that after a user installs my app I get a request that not only contains an auth_key but also contains a valid session key. Occasionally I am seeing that Facebook server is occasionally sending a connection reset during the auth key authentication method, this caused me to notice that secure_with_token is given precedence in the code: def set_facebook_session returning...

...nse is +# also available at http://www.gnu.org/copyleft/gpl.html. + +OVIRT_CACHE_DIR ?= $(HOME)/ovirt-cache +OVIRT_LOCAL_REPO ?= file://$(OVIRT_CACHE_DIR)/ovirt +OVIRT_NODE_RECIPE ?= ../recipe/ovirt-node-recipe.ks +SUM ?= sha1sum +PKG_FMT = iso +SRC_FMT ?= tar +AUTH_KEYS ?= ~/.ssh/authorized_keys +PACKAGE = ovirt-node-image + +ARCH = $(shell rpm --eval '%{_arch}') + +NVR = $(PACKAGE)-$(VERSION)-$(ARCH) + +# For Release: 0..., set _ovirt_dev=1 so that we get extra_release.GIT- +# annotated rpm version strings. +...

...n + g#aug_close (); + + (* Create ~user/.ssh if it doesn't exist. *) + let ssh_dir = sprintf "%s/.ssh" home_dir in + if not (g#exists ssh_dir) then ( + g#mkdir ssh_dir; + g#chmod 0o755 ssh_dir + ); + + (* Create ~user/.ssh/authorized_keys if it doesn't exist. *) + let auth_keys = sprintf "%s/authorized_keys" ssh_dir in + if not (g#exists auth_keys) then ( + g#touch auth_keys; + g#chmod 0o644 auth_keys + ); + + (* Append the key. *) + g#write_append auth_keys key diff --git a/customize/ssh_key.mli b/customize/ssh_key.mli new file mode 100644 index 0000...

This supercedes the previous patch by incorporating feedback from pmyers and apevec. The ISO building target is in the recipes Makefile rather than a separate one.

Hi all, I''ve got a Rails app with a ApplicationController that looks like this: class ApplicationController < ActionController::Base before_filter :authorize, :except => :login def authorize unless session[:user] flash[:notice] = "Please log in" session[:jumpto] = request.parameters redirect_to :controller =>

...verKeyBits 768 # Logging #obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO # Authentication: LoginGraceTime 1m PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile /etc/myssh/ssh/auth_keys/%u #RhostsRSAAuthentication no #HostbasedAuthentication no #IgnoreUserKnownHosts no #IgnoreRhosts yes PasswordAuthentication yes PermitEmptyPasswords no ChallengeResponseAuthentication no #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #Kerber...

...- try key_match() if key_equal() fails - check the result of auth_parse_options() for negative, 0, or positive values. - modified userauth_pubkey() to check for a positive return from user_key_allowed() - sshd.8 - added documentation for new key types and the new auth_keys option - auth-krb4.c - modified auth_krb4() to build a Key struct and call user_key_allowed() - auth-krb5.c - modified auth_krb5() to build a Key struct and call user_key_allowed() - gss-serv.c - modified ssh_gssapi_krb5_userok() to build a Key struct and call user_key_all...

The following two patches fixes / reimplements the oVirt appliance project, installing the entire oVirt stack including all server and node components on one machine. These patches are intended to be checked out and used to build the appliance rpm, after which it is installed provides the /usr/sbin/ovirt-appliance-ctrl script to install/uninstall the appliance. The first patch merely removes

I want to set my app up to prevent multiple simultaneous logins by the same user. What strategies are people using? Is it worth going to database session storage just for this? martin

I spent some time debugging a failing Scp that turned out to be caused by the remote shell producing messages on Standard Output that aren't part of the SCP protocol. Scp from a remote system works by running another Scp on the remote system. The remote Scp writes SCP protocol messages (and file data) to its Standard Output, which the local Scp sees as Standard Input. But it's

Hi, The main (and probably the only) use case of this PAM module is to let sudo authenticate users via their ssh-agent, therefore without having to type any password and without being tempted to use the NOPASSWD sudo option for such convenience. The principle is originally implemented by an existing module [0][1] and many pages that explain how to use it for such purpose can be found online.