search for: comprom

...entropy required for generating unpredicatable keys. In fact it appearss that the only source for entropy was the process ID of the process generating a key, which is chosen from a very small range and is predictable. As such, all keys generated using the Debian OpenSSL library should be considered compromized. Programs that use OpenSSL include OpenSSH and OpenVPN. Note that GnuPG and GNU TLS do not use OpenSSL, so they are not affected. This vulnerability can affect CentOS machines through the use of keys that were generated with the OpenSSL package from Debian. For instance, if a user uses OpenSSH...

Hello, I would like to run other services like messaging services on my firewall machine too. Does it make sense to run shorewall, openvpn and the pppoe package in a chroot jail? And is it possible to run these programs as an other user? Ciao Hugo

...entropy required for generating unpredicatable keys. In fact it appearss that the only source for entropy was the process ID of the process generating a key, which is chosen from a very small range and is predictable. As such, all keys generated using the Debian OpenSSL library should be considered compromized. Programs that use OpenSSL include OpenSSH and OpenVPN. Note that GnuPG and GNU TLS do not use OpenSSL, so they are not affected. This vulnerability can affect CentOS machines through the use of keys that were generated with the OpenSSL package from Debian. For instance, if a user uses OpenSSH...

...'t change the fact that this information is critical (my opinion) to the directory. I think if you make a directory without any metrics such as listener counts (or something that represents listener counts) or current song titles, then well,it really loses alot of appeal (my opinion) perhaps a compromize of both time-dependent and non-time-dependent information ? I also don't like the idea of a client sending out 100 requests to all listed servers to say, "Hey, what are you playing". Flashbacks from RadioSpy... oddsock --- >8 ---- List archives: http://www.xiph.org/archives...

I have a drive being shared with smb (it's a vfat drive, btw) and whenever I go to create a new folder from any of the clients to that shared drive, it gives me a message that the folder allready exists, but it still does create a new folder, and then i have to rename "new folder" to whatever I want, same goes with copying/moving folders, it says the folder allready exists (when it

> Again, it would be nice to be able to make this reasonably free form > name/value pairs - one extra that has occurred to me is... > > icon_url - to let directoy listings jazz up their displays by permitting > station logos (For speed reasons it's probably nicer for the directory > server to manage teh icons locally...) I'm trying to think of a good way to map

...k (or certificates backed by ed25519-sk), but falling back to encrypting the key with a random passphrase when some combination or sk keys or certs is contra-indicated (eg old systems which don't yet understand sk.) On your own LAN, where you presumably control everything and don't need to compromize with anyone, you could consider my favorite approach, which is configure everything to accept certificate authentication, and only permit certificates which have been signed by an sk key. This gives you seamless time-limited access that is backed by 2FA. It does, however, require buying at least...

...than 10 plugins added, syntax coloring for R code added to GeSHI, MathML rendering of LaTeX equations added) is the one to use, there seems to be little alternative proposed (after disucssions, Trac and TWiki were considered as valid alternatives, but they do now overcompete DokuWiki as a good compromize between simplicity and performance for documentation writting). To feed the Wiki with high-quality material (more than "just" the few thousands of .Rd man pages of R and additional packages in CRAN and Bioconductor, sic!), I proposed to several authors of Web sites dedicated to R...

Hi folks, we'd like to provision new Samba servers (file sharing only) with the system keytab. It will precreated by some other process (msktutil) because we don't have direct access to a domain admin account. Is there any degragation in functionality by not using "secrets and keytab" and not doing "net ads join"? This is somewhat similiar to my question from

I have a small LAN at home with nine or ten systems on it running various varieties of Linux. I 'do things' on the LAN either from my dekstop machine or from my laptop, both run Xubuntu 24.04 at the moment. There's a couple of headless systems on the LAN where login security is important to me and I've been thinking about the relative merits of password and public-key