search for: demiobenour

...in EBUSY Product: nftables Version: unspecified Hardware: All OS: other Status: NEW Severity: major Priority: P5 Component: kernel Assignee: pablo at netfilter.org Reporter: demiobenour at gmail.com If I am using a flowtable to accelerate forwarding and try to use conntrack to delete the offloaded flows, conntrack fails with EBUSY. This is a problem if the purpose of deleting the flows is to enforce changed firewall rules. This was found while investigating https://github.com/Q...

There have been many cases where I have found myself in need of a pure forwarding tool that can forward sockets over a single stream. In my use cases, this stream is already secure, so there is no need for the tool to do any encryption or authentication. One specific use-case was forwarding a Docker socket to another VM over QubesOS qrexec qrexec, which uses Xen shared memory, but there are

On 2019-10-15 20:00, asymptosis wrote: > On Tue, Oct 15, 2019 at 07:43:00PM -0400, Demi M. Obenour wrote: >> On 2019-10-15 19:11, Job Snijders wrote: >>> The S in SSH stands for secure. You are asking the wrong group of people. >>> You?ll have to resolve your issue in some other way. >>> >> This tool would only support running on stdin/stdout. Indeed,

On Sat, Feb 25, 2023 at 12:14?PM Demi Marie Obenour <demiobenour at gmail.com> wrote: > > On 2/25/23 07:50, Nico Kadel-Garcia wrote: > > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: > >> > >> On 24.02.23 12:58, Keine Eile wrote: > >>> does any one of you have a best practice on...

On 4/18/23 05:05, Norbert Pocs wrote: > Hi OpenSSH mailing list, > > I would like to announce the newly introduced patch in Fedora rawhide [0] > for FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9 > version. Why does Fedora care about FIPS 140? To me, this seems like it should be specific to RHEL and maybe CentOS Stream, not Fedora. My understanding

...h target systems without subsecond timestamps?] seems impractical to me. or at least "... [sry, didnt have internet to send, incomplete but readable imho.] . la tero brulas! #VerdajDezertoj Saluton, Daja / Dahya unua NovaUNPrezident Am 21. Mai 2023 21:45:07 MESZ schrieb Demi Marie Obenour <demiobenour at gmail.com>: >On 5/10/23 08:50, Lucas Holt wrote: >> On 5/10/23 4:36 AM, Antonio Larrosa wrote: >>> Hello, >>> >>> This is probably a long email, but please bear with me. I plan to >>> submit a patch and would like to explain what I will do before d...

On 5/10/23 08:50, Lucas Holt wrote: > On 5/10/23 4:36 AM, Antonio Larrosa wrote: >> Hello, >> >> This is probably a long email, but please bear with me. I plan to >> submit a patch and would like to explain what I will do before doing >> it so I don't lose time if there's some flaw in my plan. >> >> I currently use sshfs to mount directories

On 2/25/23 07:50, Nico Kadel-Garcia wrote: > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: >> >> On 24.02.23 12:58, Keine Eile wrote: >>> does any one of you have a best practice on renewing ssh host keys on >>> cloned machines? >>> I have a customer who never thought about that, while cloning all VMs >>>

On 2019-10-16 08:07, Nico Kadel-Garcia wrote: > > stunnel? https://www.stunnel.org/static/stunnel.html ? > stunnel doesn?t support multiplexing. As I mentioned in another email, my connection may not be over a network at all ? it may be over a serial line, Xen vchan, or other such stream. Using a full VPN is overkill here. The HPN patches for OpenSSH are the closest to a solution I

On 6/19/23 20:20, Damien Miller wrote: > > On Fri, 16 Jun 2023, Ronan Pigott wrote: > >> This adds support for systemd socket-based activation in the ssh-agent. >> When using socket activation, the -a flag value must match the socket >> path provided by systemd, as a sanity check. Support for this feature is >> enabled by the --with-systemd configure flag.

I have not been able to get scp(1) to download a file with a newline in its name. I know that scp(1) requires that remote filenames be escaped for the shell, but that leads to protocol errors. I am also unable to get sftp(1) to handle such files. It fails with an ?unterminated quoted argument? error, no matter how I try to quote the newline. Furthermore, the SFTP CLI is not well-suited to

On 2019-10-15 19:11, Job Snijders wrote: > The S in SSH stands for secure. You are asking the wrong group of people. > You?ll have to resolve your issue in some other way. > This tool would only support running on stdin/stdout. Indeed, an idiomatic use-case would be to use it as the command argument to ssh(1). The assumption I am making is that anyone that can pass arbitrary data to