similar to: Encrypted daemon socket communication

Hey all, on the distcc mailing list, a thread about load balancing got a bit out of hand, and we started thinking about moving fsh-like connection caching into ssh itself to get rid of the overhead of starting up the python interpreter to run rsh. (Interestingly, mit's "rex", described at http://www.lcs.mit.edu/publications/pubs/pdf/MIT-LCS-TR-884.pdf, considers connection caching

Jefferson Ogata's patch http://marc.info/?l=openssh-unix-dev&m=108134938701018&w=2 adds a multiple authentication methods option to sshd. I updated the patch to 4.7p1 and added logic to allow it to work with privilege separation. https://bugzilla.mindrot.org/show_bug.cgi?id=1435 -------------- next part -------------- A non-text attachment was scrubbed... Name:

Hi :-) We use ssh-agent for batch jobs. The jobs get the key from the ssh-agent over the envoirment variables. When we start many jobs at the same time, the agent dont give the key to the job. We have tracet the our script an see the follow: ... 26918: 0.0004 so_socket(PF_UNIX, SOCK_STREAM, 0, "", 1) = 13 26918: 0.0001 fcntl(13, F_SETFD, 0x00000001) = 0 26918: 0.0003 connect(13,

Hello, Attached is a patch to add support for an "include" file in ssh configs. It is written against openssh-5.2p1. ## ~/.ssh/config Include ~/.ssh/config.contrib ## end - Leading ~/ expands to $HOME according to getpwuid_r?. - Leading ~username expands to $HOME for username according to getpwnam_r. - Fallbacks to /home/$USER are implemented for when struct passwd.pw_dir is NULL?

>> I understand that that is not how scp works today.>And it will likely never change. Why not? Just because "That's how we've always not done it" doesn't sound like a very good reason to me. >> I'm suggesting that we make a minor change to how it works.>scp is maintained for compatibility reasons only, as I've understood>things. That's still

Hi, I'm looking for a way to force users to use a pty and their login shell. They have a .profile that forces them to use a specific application. They are currently logging in with telnetd, so this is effective. I want to move to openssh, but this would allow "ssh user at host /bin/sh" and any other commands they can think of to bypass this restriction. Is there a way to

Hi all, Today, I was tasked at work with setting up a chroot SFTP server on a 64bit Arch Linux server. I naturally turned to Arch Linux's wiki article on the subject (http://wiki.archlinux.org/index.php/SFTP-chroot) and the directions were very clear. However, the directions did not work. I kept getting a "Write failed: Broken pipe" error after attempting to connect. Upon digging

Hi, This is sort of a strange issue. But I am experimenting with ways to have a user log in and be presented with a perl script to interact with. When I do either or both of the following: 1) set the user's shell to /usr/bin/myperlscript 2) specify ForceCommand /usr/bin/myperlscript, applied to my user ...I get strange behavior when a command is appended to the client connect

Hey everyone, I hope this isn't an old issue; I wasn't able to locate it in the archives. I have a number of scripts which make use of ssh -i and scp -i, where the target host has the specified key in its authorized_keys file with a command= override to do immediate processing of the received data. This works extremely well, as we are able to establish single-function, triggered-action

Hi I have written a small introduction to newbies in Danish on ssh and friends. Now some people are questioning my advice and I think they have a point. I am advocating people to use DSA-keys and a config file with this: Protocol 2 ForwardAgent yes ForwardX11 yes Compression yes CompressionLevel 9 and running ssh-agent and ssh-add, and then loggin in without giving keys. One

Hi, many people are having problems using SFTP with ChrootDirectory when the jail directory (or the path above) is not owned by root. The question is if chroot'ing to usual home directories can be allowed, even though they are owned by regular users. I know that this topic has been discussed on the list several times now, so I searched the list archives for posts that invalidate the

The native authentication methods of openssh are (not counting insecure RhostsRSAAuthentication) 1) public key 2) password For users with home dirs in AFS space, method 1) does not work. Except with (non foolproof) fiddling on the access controls within the home directory. This might lead to security issues when done by inexperienced users. Without some work, only 2) remains. Being forced to send

Hi, please find a patch against openssh-4.7p1 This patch: 1) Allows for an optional configuration file 2) Allows a user to be restricted to a directory and it's children. Enjoy -- Alain Williams Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information:

I am running asterisk at home but have a strange phenomena that is going on with my flash panel I am using two ips an internal and an external public ip address on my box. If I go to the page on my asterisk external ip address the displays the flash panel everything is fine, but on the internal ip wich used to display the page correctly all the names of my panel users is there but the panel just

My google search for Plackett's Algorithm didn't return too much except that Plackett's algorithm appears to be useful in Control Theory - it is elaborated as "Plackett's algorithm for on-line recursive least squares estimation". Sounds something like what I want. I am looking at developing a user modelling type app (new data points coming in and wanting to dynamically

Hi im using asterisk@home with 30 phones and 50 users, I want the users to utilize pins when making external calls asterisk supports this, but I want to take this one step further I want each user to have his /her own pin that is connected to the mysql databases so in the monitoring system I know which user used which phone and what number they have dialled, and if they don't have apin they

Hello everyone, I just wanted to see if anyone has experience running Xen on: Dell 2950 III 2 x Quad 2.0 Ghz 1333Mhz FSB 32 GB DDR2 (8x4GB) 2 Disk Perc RAID 1 (7200 RPM SAS) Broadcom Dual Gigabit Ethernet LOM & TOE The requirements of each VM are not that high (and are all identical). I just want to run remote desktop and 1 other application at any given time (either a web based IE

I have the following models: class MainService < ActiveRecord::Base has_one :travel_service end class TravelService < ActiveRecord::Base belongs_to :main_service end I can use the following: @main_service.travel_service = TravelService.new But I can''t use the following: @main_service.send("travel_service") = TravelService.new It says " unexpected

On 11/12/20 7:50 AM, Jonathan Billings wrote: > On Thu, Nov 12, 2020 at 12:56:15PM +0000, Bernstein, Noam CIV USN NRL (6393) Washington DC (USA) via CentOS wrote: >> If the point is to access a specific web site only the remote >> machine can get to, you can also do it with port forwarding: >> ssh -L 8000:ip_of_web_site_to_access_from_remote:443 remote_machine >> and

This morning a handful of workstations got upgraded from 6.3 to 6.4 and things seemed to be functional, until we tried to log in to one of our instrument accounts that for various reasons uses olvwm/openwin as the desktop (and no, I don't have the option of changing that at this time). The desktop appears to load correctly, and mouse-focus and clicking appears to work, but the