search for: authorizedkeysfil

Displaying 20 results from an estimated 175 matches for "authorizedkeysfil".

Did you mean: authorizedkeysfile
2002 Apr 18
2
AuthorizedKeysFile
OpenSSH 3.1 Not really a bug, but an "undocumented feature". The default sshd_config file show the default setting for AuthorizedKeysFile as being: AuthorizedKeysFile .ssh/authorized_keys If you uncomment that default, it changes the "undocumented" setting for "AuthorizedKeysFile2", which is by default: AuthorizedKeysFile2 .ssh/authorized_keys2 Suggestions for change: 1 - Add AuthorizedKeys...
2010 Mar 30
3
[Bug 1747] New: AuthorizedKeysFile not working as advertised
https://bugzilla.mindrot.org/show_bug.cgi?id=1747 Summary: AuthorizedKeysFile not working as advertised Product: Portable OpenSSH Version: 5.4p1 Platform: Other OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org...
2010 Apr 02
2
AuthorizedKeysFile with default value prevents Public/Private key authentication
Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin...
2015 Nov 03
2
[Bug 2490] New: allow to set AuthorizedKeysFile none
https://bugzilla.mindrot.org/show_bug.cgi?id=2490 Bug ID: 2490 Summary: allow to set AuthorizedKeysFile none Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: cale...
2010 Sep 29
2
AuthorizedKeysFile in Match block causes seg. fault
OpenSSH 5.6p1 will attempt to free static storage and seg. fault if AuthorizedKeysFile is used within a Match block without any global specification of that option. A simple fix is to xstrdup the defined pathnames as in the attached patch. -- Rein Tollevik Basefarm AS -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh.patch Type: text/x...
2010 Apr 28
9
[Bug 1764] New: Allow AuthorizedKeysFile in Match
https://bugzilla.mindrot.org/show_bug.cgi?id=1764 Summary: Allow AuthorizedKeysFile in Match Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org Reported...
2016 Oct 08
6
[Bug 2623] New: AuthorizedKeysFile split pub key and signature with tab `\t` not work.
https://bugzilla.mindrot.org/show_bug.cgi?id=2623 Bug ID: 2623 Summary: AuthorizedKeysFile split pub key and signature with tab `\t` not work. Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd...
2017 Aug 07
14
[Bug 2755] New: [PATCH] sshd_config: allow directories in AuthorizedKeysFile=
https://bugzilla.mindrot.org/show_bug.cgi?id=2755 Bug ID: 2755 Summary: [PATCH] sshd_config: allow directories in AuthorizedKeysFile= Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: lucab at d...
2002 Oct 10
0
[Bug 412] New: AuthorizedKeysFile assumes home directory access upon authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=412 Summary: AuthorizedKeysFile assumes home directory access upon authentication Product: Portable OpenSSH Version: 3.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd Assi...
2010 Apr 11
0
[PATCH] AuthorizedKeysFile: tokens for type and fingerprint
...problems. In our case, the keys are stored in a MySQL database and queried by a fuse application when the authorized file is requested by OpenSSH. Of course we wanted to minimized the size of the query response. That's why we wrote the attached patch. It allows to use two new tokens in the AuthorizedKeysFile sshd_config option: * %t, user pubkey type * %f, user pubkey fingerprint So, "AuthorizedKeysFile ~/%t-%f.pubkey" will look for the key at ~/RSA-e9:6e:a0:72:c6:a3:29:f6:bd:79:f2:f8:e0:08:b4:14.pubkey. Maybe you have your own scenario where this may be useful. It wou...
2011 May 09
2
backdoor by authorized_keys2 leftovers
Hi devs, recently I had to replace authorized_keys on several systems to enforce an access policy change. I was badly surprised that authorized_keys2(!) was still processed, which allowed some old keys to enter the systems again, because I wasn't aware of the file's existance on the server and use by sshd, since this "backward compatibility" isn't documented, not even a
2013 Oct 10
0
[Bug 1684] Support multiple AuthorizedKeysFile entries
...|djm at mindrot.org Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #3 from Damien Miller <djm at mindrot.org> --- This has been supported since openssh-5.9: > * sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, > separated by space. The undocumented AuthorizedKeysFile2 option is > deprecated (though the default for AuthorizedKeysFile includes > .ssh/authorized_keys2) *** This bug has been marked as a duplicate of bug 172 *** -- You are receiving this mail...
2002 Oct 11
3
[Bug 412] AuthorizedKeysFile assumes home directory access upon authentication
...|Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From markus at openbsd.org 2002-10-12 00:59 ------- AuthorizedKeysFile /etc/ssh/keys/%u does not access $HOME for me. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2010 Mar 16
9
openssh-5.5p1
Hi, We will probably do an openssh-5.5p1 release soon, mainly for the sshd_config:AuthorizedKeysFile bug, but containing a few other small patches too. If you have any portability fixes that need to go in then please send them through at once. -d
2016 Aug 02
0
[Bug 1684] Support multiple AuthorizedKeysFile entries
https://bugzilla.mindrot.org/show_bug.cgi?id=1684 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #4 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after
2002 Mar 18
0
[Bug 172] New: Add multiple AuthorizedKeyFiles options
...;Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: alex.kiernan at thus.net We'd like to run sshd with a configuration morally equivilent to: # stuff ... AuthorizedKeysFile /var/db/keys-distributed-by-security-team/%u AuthorizedKeysFile %h/.ssh/authorized_keys # be backwards compatable for a bit longer yet AuthorizedKeysFile %h/.ssh/authorized_keys2 # more stuff ... The following patch (against the cvs source) turns the authorizedkeys...
2002 Jan 23
0
[PATCH] Add multiple AuthorizedKeyFiles options
Hi, We'd like to run sshd with a configuration morally equivilent to: # stuff ... AuthorizedKeysFile /var/db/keys-distributed-by-security-team/%u AuthorizedKeysFile %h/.ssh/authorized_keys # be backwards compatable for a bit longer yet AuthorizedKeysFile %h/.ssh/authorized_keys2 # more stuff ... The following patch (against the cvs source) turns the authorizedkeys...
2020 Jan 30
3
SSH certificates - restricting to host groups
...le (or AuthorizedPrincipalsCommand if your authz information needs to change on a quicker cadence than your config pushes) on the machines. you'd have something like $ cat /etc/ssh/sshd_config <snip> TrustedUserCAKeys /etc/ssh/TrustedUserCAKeys Match User www AuthorizedKeysFile /etc/ssh/empty AuthorizedPrincipalsFile /etc/ssh/www_authorizedPrincipals <snip> $ cat /etc/ssh/www_authorized_principals alice bob and alice and bob just have regular user certificates with 'alice' or 'bob' in the princpals
2002 Mar 16
4
[Bug 165] Problem with SSH1 Keys on RedHat7.2
http://bugzilla.mindrot.org/show_bug.cgi?id=165 ------- Additional Comments From markus at openbsd.org 2002-03-17 04:31 ------- never seen this. what does sshd -ddd say? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2016 Jul 09
2
SSH multi factor authentication
On Thu, Jul 7, 2016 at 10:00 AM, Bruce F Bading <badingb at us.ibm.com> wrote: > > Hi Gentlemen, > > Thank you both for your valued opinion. I do however agree that public key > authentication cannot be fully considered MFA as have 2 PCI QSAs I have > spoken with. This is because it is not enforceable server side. Many > things can affect client side security. >