search for: attests

I was recently looking at verifying the attestation data (ssh-sk-attest-v00) for a SK key, but I believe the data saved in this structure is insufficient for completing verification of the attestation. While the structure has enough information for U2F devices, FIDO2 devices sign their attestation over a richer "authData" blob [1] (concatenated with the challenge hash). The authData blob

https://bugzilla.mindrot.org/show_bug.cgi?id=3815 Bug ID: 3815 Summary: ssh-verify-attestation fails to check attestation Product: Portable OpenSSH Version: 10.0p1 Hardware: amd64 OS: Linux Status: NEW Severity: trivial Priority: P5 Component: Miscellaneous Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=3761 Bug ID: 3761 Summary: ssh-keygen fails for security keys without attestation Product: Portable OpenSSH Version: 9.9p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh-keygen Assignee:

Hello everyone, The "R (programming language)" article in Wikipedia was nominated as a "Engineering and technology good article" but did *not* meet the good article criteria at the time (2010). The reviewer at the time made two interesting comments about the article: - Sources are almost all (except for one NYT article) online wiki-type sources. These may be

...liver.log > mail_plugins = > postmaster_address = postmaster at sklc.co.jp > sendmail_path = /usr/lib/sendmail > } > protocol lmtp { > mail_plugins = > } > protocol pop3 { > mail_plugins = > pop3_save_uidl = yes > pop3_uidl_format = %v-%u > } If it attests by connecting by POP3 or IMAPv4, the following messages will be displayed and attestation will go wrong. > Nov 07 23:12:40 auth: Debug: auth client connected (pid=20018) > Nov 07 23:12:40 auth: Debug: client in: AUTH 1 CRAM-MD5 service=pop3 secured no-penalty lip=192...

In a few weeks, no SIP call is going to terminate unless they are signed properly, as mandated by law. We are in the business of Stir-Shaken, signing calls, as an FCC-approved provider. A big differentiator between our service and the rest: we are the only ones who don't need to receive the calls in our servers to sign them. We do this over a MySQL call, easily connectable to Asterisk via

Hi Damien, On Nov 14, 2019, at 3:26 PM, Damien Miller <djm at mindrot.org> wrote: > On Fri, 1 Nov 2019, Damien Miller wrote: >> As of this morning, OpenSSH now has experimental U2F/FIDO support, with >> U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" >> or "ecdsa-sk" for short (the "sk" stands for "security

Hi folks, Since Docker can bind-mount every .ssh directory I am looking for some way to forbid unprotected private keys. AFAICS it is currently not possible on the sshd to verify that the peer's private key was protected by a passphrase. Can you confirm? Regards Harri

Guys. I know there are wifi sip phones out there but I have a question, are any of these phones "anti explosive"? By that I mean, there are certain regulations about phones or cel phones that are not recommended to operate in environments like gas stations due to sparks and the chance of ingiting gas fumes. Are there any wifi sip phones out here that have complaince with regulations to

Hi, We are pleased to announce the call for presentations for this years Confidential Computing MC at the Linux Plumbers Conference. In this microconference we want to discuss ongoing developments around Linux support for memory encryption and support for confidential computing in general. Topics of interest include: * Support for unaccepted memory * Attestation workflows * Confidential

Hi, The server that hosts Portable OpenSSH's bugzilla, anoncvs and mailing lists is reaching the end of its life and is in need of replacement. Anyone who uses our bugzilla frequently can attest to how annoyingly slow it is. So I am soliciting donations towards a replacement server with a target of AUD$3750. If there are any leftover funds they will be used to defray colo costs that I

> From: David Hopwood <david@bl...> > [image removed] Re: trusted computing > 2004-10-18 19:24 > Tim Freeman wrote: > > > not about Xen in particular, but as a side note, because I think some > > people are interested in trusted computing and virtualization? If > > you"re not, sorry for the intrusion! > > > >

On 29/07/16 11:47, Jim Seymour wrote: > On Thu, 28 Jul 2016 22:55:55 +0200 > Léon van der Kaap <leonkaap at gmail.com> wrote: > >> Hello, >> >> I am looking for good installation instructions for an active >> directory domain controller installation of samba4. The only source I >> have reliably found is >>

Hi, I added these lines to smb.conf: kernel op locks = false op locks = false strict locking = true so I could see some locks from the unix level. It worked sorta, I see the locks for big files (but not the locks I was expecting), but for little files it shows nothing: # ./lock_list /opt/testsambashare/mattest.doc # ./lock_list /opt/testsambashare/contents.doc 0 22086 W

In article <1485416344.2047.1.camel at biggs.org.uk>, Pete Biggs <pete at biggs.org.uk> wrote: > > > > > If you are using RAID 1 kernel mirroring, you can do that with /boot too, > > and Grub finds the kernel just fine. I've done it many times: > > > > > Hmm, OK. I wonder why anaconda doesn't do it then. > > Reading various

I tested building the openSUSE Tumbleweed package locally with the 20250403 snapshot and doing a live test and it works fine. I then also did try "make tests" on the vanilla snapshot sources and at first they failed to even build but after a quick fix that I've submitted at https://bugzilla.mindrot.org/show_bug.cgi?id=3806 the tests run fine too. Thanks! El mi?, 2 abr 2025 a las

Hi, Has anyone here ever used a Polycom IP 4000 Soundstation SIP Conference Phone with asterisk? If so, how well does it work and how does it sound?

On Thu, Apr 3, 2014 at 11:50 AM, Jevin Sweval <jevinsweval at gmail.com> wrote: > On Wed, Apr 2, 2014 at 1:57 AM, "C. Bergström" <cbergstrom at pathscale.com> wrote: >> Hi - >> >> Not sure if anyone else saw this or cares about a decompiler (not personally >> tested) >> https://github.com/draperlaboratory/fracture >> >> I wonder if

Hello! I''ve been trying to use facts from Facter in a custom function. I''ve been following Matthew''s entry in the wiki (http://www.reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions). What i''m seeing is that Facter[''fqdn''].value is always returning the fqdn of the puppetmaster host. I was expecting the fqdn of the client host.

Hi Samba Users, I forgot to send this mail to the samba ML, too. The question is whether anyone is using the idmap alloc config options for idmap_ldap. I would like to remove them for Samba 3.6. Details below. Thanks - Michael ----- Forwarded message from Michael Adam <obnox at samba.org> ----- Date: Wed, 10 Nov 2010 11:19:56 +0100 From: Michael Adam <obnox at samba.org> To: