search for: daethnir

Displaying 4 results from an estimated 4 matches for "daethnir".

2020 Aug 03
6
Deprecation of scp protocol and improving sftp client
I hear you - but it seems that the choice is between (a) limiting "scp" functionality to address the security vulnerability, and (b) killing "scp" altogether. I'd much prefer (a), even if it means I lose "scp remotehost:foo\* .". Especially, since (almost always) I have equal privileges on both local and remote hosts, so in that case I just originate that
2020 Feb 11
0
[draft PATCH] whitelist support for refuse options
...commands based on observed behaviour during training mode): sshdo - controls which commands may be executed via incoming ssh http://raf.org/sshdo https://github.com/raforg/sshdo And another (less easy to use) generic alternative: authprogs - SSH Command Authenticator https://github.com/daethnir/authprogs I don't know if any of the above commands would give you what you want but they might. Suggestion: If the above won't do what you need, I'd suggest different syntax. I don't like a directive that starts with "refuse options" and then is mostly followed by the o...
2020 Oct 21
6
"Semi-Trusted" SSH-Keys that also require PAM login
Hello all, in order to connect to my SSH servers from untrusted devices like company computers or my smartphone, I set up 2FA with google-authenticator hooked into PAM. However, this is not really 2FA at least for the smartphone, since I use the same device for generating the TANs and it is also at least inconvenient to always require a new TAN for each connection. I do not want to solely rely
2020 Feb 09
3
[draft PATCH] whitelist support for refuse options
This adds support for whitelisting the acceptable options in the "refuse options" setting in rsyncd.conf. It introduces "!" as a special option string that refuses most options and interprets any following strings as patterns of options to allow. For example, to allow only verbose and archive: refuse options = ! verbose archive The "!" does't refuse no-iconv,