search for: authorizedkeysfiles

OpenSSH 3.1 Not really a bug, but an "undocumented feature". The default sshd_config file show the default setting for AuthorizedKeysFile as being: AuthorizedKeysFile .ssh/authorized_keys If you uncomment that default, it changes the "undocumented" setting for "AuthorizedKeysFile2", which is by default: AuthorizedKeysFile2 .ssh/authorized_keys2

https://bugzilla.mindrot.org/show_bug.cgi?id=1747 Summary: AuthorizedKeysFile not working as advertised Product: Portable OpenSSH Version: 5.4p1 Platform: Other OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=2490 Bug ID: 2490 Summary: allow to set AuthorizedKeysFile none Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

OpenSSH 5.6p1 will attempt to free static storage and seg. fault if AuthorizedKeysFile is used within a Match block without any global specification of that option. A simple fix is to xstrdup the defined pathnames as in the attached patch. -- Rein Tollevik Basefarm AS -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh.patch Type: text/x-patch Size: 1102

Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin no PubkeyAuthentication yes #AuthorizedKeysFile

https://bugzilla.mindrot.org/show_bug.cgi?id=1764 Summary: Allow AuthorizedKeysFile in Match Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: djm at

http://bugzilla.mindrot.org/show_bug.cgi?id=412 Summary: AuthorizedKeysFile assumes home directory access upon authentication Product: Portable OpenSSH Version: 3.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

Hello all, There are some scenarios where is useful to storage one key per authorized_keys in an OpenSSH server. This is particularly true in gitosis cases. It manages multiple repositories under the same user account and it may have escalation problems. In our case, the keys are stored in a MySQL database and queried by a fuse application when the authorized file is requested by OpenSSH. Of

Hi devs, recently I had to replace authorized_keys on several systems to enforce an access policy change. I was badly surprised that authorized_keys2(!) was still processed, which allowed some old keys to enter the systems again, because I wasn't aware of the file's existance on the server and use by sshd, since this "backward compatibility" isn't documented, not even a

https://bugzilla.mindrot.org/show_bug.cgi?id=1684 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Status|NEW |RESOLVED Resolution|---

https://bugzilla.mindrot.org/show_bug.cgi?id=2623 Bug ID: 2623 Summary: AuthorizedKeysFile split pub key and signature with tab `\t` not work. Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:

http://bugzilla.mindrot.org/show_bug.cgi?id=412 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From markus at openbsd.org 2002-10-12

https://bugzilla.mindrot.org/show_bug.cgi?id=2755 Bug ID: 2755 Summary: [PATCH] sshd_config: allow directories in AuthorizedKeysFile= Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

Hi, We will probably do an openssh-5.5p1 release soon, mainly for the sshd_config:AuthorizedKeysFile bug, but containing a few other small patches too. If you have any portability fixes that need to go in then

https://bugzilla.mindrot.org/show_bug.cgi?id=1684 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #4 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release

http://bugzilla.mindrot.org/show_bug.cgi?id=172 Summary: Add multiple AuthorizedKeyFiles options Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

Hi, We'd like to run sshd with a configuration morally equivilent to: # stuff ... AuthorizedKeysFile /var/db/keys-distributed-by-security-team/%u AuthorizedKeysFile %h/.ssh/authorized_keys # be backwards compatable for a bit longer yet AuthorizedKeysFile %h/.ssh/authorized_keys2 # more stuff ... The following patch (against the cvs source) turns the authorizedkeysfile statement in sshd.conf

On Thu, Jan 30, 2020 at 7:11 AM Christian, Mark <mark.christian at intel.com> wrote: > > On Thu, 2020-01-30 at 12:27 +0000, Brian Candler wrote: > > As a concrete example: I want Alice to be able to login as "alice" > > and > > "www" to machines in group "webserver" (only). Also, I want Bob to > > be > > able to login as

http://bugzilla.mindrot.org/show_bug.cgi?id=165 ------- Additional Comments From markus at openbsd.org 2002-03-17 04:31 ------- never seen this. what does sshd -ddd say? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

On Thu, Jul 7, 2016 at 10:00 AM, Bruce F Bading <badingb at us.ibm.com> wrote: > > Hi Gentlemen, > > Thank you both for your valued opinion. I do however agree that public key > authentication cannot be fully considered MFA as have 2 PCI QSAs I have > spoken with. This is because it is not enforceable server side. Many > things can affect client side security. >