Displaying 20 results from an estimated 152 matches for "dkg".
Did you mean:
dbg
2009 Mar 26
0
Processed: updating submitter e-mail address
Processing commands for control at bugs.debian.org:
> # changing bug submitter e-mail address from
> # dkg-debian.org at fifthhorsemannet to
> # dkg at fifthhorseman.net for consolidation
> submitter 318123 !
Bug#318123: [CVE-2006-0061] xlockmore: xlock segfaults with libpam-opensc, returns to user session
Changed Bug submitter from Daniel Kahn Gillmor <dkg-debian.org at fifthhorseman.net> t...
2008 Aug 20
1
using ssh-add unattended on dubious files -- how can i avoid a hang?
...e).
* i've tried running ssh-add under /usr/bin/nohup
However, even with all that, if i feed ssh-add a garbage key as a
subprocess of anything that as a controlling terminal, it opens
/dev/tty and prompts for a passphrase for the key directly there.
You can see what it's doing here:
[0 dkg at squeak]$ umask 077
[0 dkg at squeak]$ rm -f x
[0 dkg at squeak]$ touch x
[0 dkg at squeak]$ unset DISPLAY
[0 dkg at squeak]$ unset SSH_ASKPASS
[0 dkg at squeak]$ ssh-add x </dev/null >/dev/null 2>/dev/null
Enter passphrase for x:
...
and at that point it hangs until a carriage retu...
2007 Jan 31
2
Patch to fix the 255 status code problem
Hi,
Currently using openssh-4.5p1 on Solaris 8 in conjunction with Oracle 8i
dataguard. Is there a patch available to prevent ssh returning status
code 255 for a successful execution of a remote connection/command.
Many Thanks,
Tim Mann
2011 Nov 21
3
ssh-keygen -r should support SSHFP records for ECDSA (or at least return non-zero error code on failure)
hi folks:
it looks like ssh-keygen -r can''t export SSHFP records for ECDSA keys:
0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -f foobar -t ecdsa -q -P ''''
0 dkg@pip:/tmp/cdtemp.oiRYAS$ ssh-keygen -r foobar -f foobar.pub
export_dns_rr: unsupported algorithm
0 dkg@pip:/tmp/cdtemp.oiRYAS$
the first number in my prompt is the return code of the last command;
note that ssh-k...
2008 Aug 16
21
[Bug 1506] New: rationalize agent behavior on smartcard removal/reattachment
...ttachment
Product: Portable OpenSSH
Version: 5.1p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Smartcard
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: dkg at fifthhorseman.net
Created an attachment (id=1559)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1559)
patch to retry smartcard if detached reader/card is detected.
Currently, if you use an OpenSC-supported smartcard with your
ssh-agent, the passphrase is cached while the smartcard is...
2005 Nov 11
1
Can't get LocalForward to work when using ControlPath
...dary to be able to tear it down when it's done too, of course,
but i could do without that for now.
Here's an example of an attempt which appears to fail for me, with a
bit of debugging verbosity thrown in:
("5th" is a host with an IMAP server answering on the loopack address)
[dkg at squeak ~]$ ssh -Nf -MS ~/.ssh/controls/fubar -L 9999:localhost:143 5th true
[dkg at squeak ~]$ ssh -vvv -Nf -S ~/.ssh/controls/fubar -L 8888:localhost:143 5th true
OpenSSH_4.2p1 Debian-5.dkg0, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /home/dkg/.ssh/config
debug1: Applying o...
2008 Nov 07
2
[PATCH/cygwin] Fix cygwin specific Makefile and a bug in the ssh-host-config script
Hi,
could somebody be so kind to check in the follwoing patch? It fixes
two problems:
- contrib/cygwin/Makefile:
Installs new docs and stops trying to install RFC.nroff.
- contrib/cygwin/ssh-host-config:
Fixes a condition which tries to find out if ssh or sshd processes are
still running. The old version unfortunately stumbles over user names
which contain the substring
2008 Oct 29
0
ssh disregarding umask for creation of known_hosts (and other files?)
...angerous writable bits with the current umask
instead:
umask(022 | umask(0));
This would make sure that we're not creating group- or other-writable
files while still honoring the user's expectations that setting a bit
in the umask will actually mask off that bit.
Regards,
--dkg
PS Some tests that i ran that demonstrate this surprising behavior:
Here's ssh setting g+r,o+r (explicitly disregarding my umask of 077)
when it creates known_hosts for me (tested with OpenSSH 4.8 on OpenBSD
4.3 and OpenSSH 5.1 on Debian testing):
$ uname -a
OpenBSD openbsdtest.squeak.fifthh...
2015 Feb 06
4
Creating users "on - the - fly"
...9;ll keep rooting
around. I'm ok writing a PAM module if that's what I needed. But I
have a feeling there's a good bit more to it. And without someone know
"knows " - that can be a very long rabbit trail :)
Hrm....
On Fri, Feb 6, 2015 at 12:52 PM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net> wrote:
> On Fri 2015-02-06 12:41:38 -0500, Cary FitzHugh wrote:
>> The trouble is that the user isn't created on the machine beforehand.
>> But I actually don't want the user created, b/c I don't want to litter
>> all these servers with litt...
2009 Jun 09
1
Match Statement in sshd_config
Hello Portable OpenSSH Team!
I recently read the man-page of sshd and found: The Match-Statement.
Which maybe could solve the problem i have.
(Get freeNX running on my UbuntuBox and connect to it with the
Windows-Client just using PublicKey Authentication )
But unfortunately the documentation of the Match-Statement refers to the
PATTERN section, which is non existent :-(
After a little bit of
2013 May 16
1
[Bug 1545] ssh-keygen -R removes all comments from known_hosts file
https://bugzilla.mindrot.org/show_bug.cgi?id=1545
Daniel Kahn Gillmor <dkg at fifthhorseman.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dkg at fifthhorseman.net
--- Comment #15 from Daniel Kahn Gillmor <dkg at fifth...
2015 Feb 06
2
Re: Creating users "on - the - fly"
...to a numeric user ID and the other
information that is typically found in /etc/passwd. this doesn't write
anything to the local disk.
> The AuthorzedKeysCommand could then just return the tmp/username information..
Then the AuthorizedKeysCommand can return the proper key material.
--dkg
2015 Jan 15
3
OpenSSH v6.7 & NumberOfPasswordPrompts Option ...
...Ultra Electronics
Advanced Tactical Systems, Inc.
4101 Smith School Road
Building IV, Suite 100
Austin, TX 78744 USA
Trey.Henefield at ultra-ats.com
Tel: +1 512 327 6795 ext. 647
Fax: +1 512 327 8043
Mobile: +1 512 541 6450
www.ultra-ats.com
-----Original Message-----
From: Daniel Kahn Gillmor [dkg at fifthhorseman.net]
Received: Thursday, 15 Jan 2015, 4:03PM
To: Trey Henefield [trey.henefield at ultra-ats.com]; ?ngel Gonz?lez [keisial at gmail.com]
CC: openssh-unix-dev at mindrot.org [openssh-unix-dev at mindrot.org]
Subject: RE: OpenSSH v6.7 & NumberOfPasswordPrompts Option ...
On Thu...
2004 Dec 27
1
Potential DoS against forwarded ssh-agent
...uthorized
authentication. And of course, ForwardAgent should be kept to a
minimum in general for security.
However, in the circumstances where ForwardAgent is warranted, i'd
like to be able to rely on my local system to alert me to any
tampering with the agent from remote hosts.
Regards,
--dkg
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ssh-agent-require-confirmation.diff
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20041226/415f2766/attachment.ksh
2012 Feb 22
1
[Bug 1984] New: Add Unix Domain Socket Forwarding
https://bugzilla.mindrot.org/show_bug.cgi?id=1984
Bug #: 1984
Summary: Add Unix Domain Socket Forwarding
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo:
2010 Jun 09
5
[Bug 1777] New: KnownHostsCommand
...: KnownHostsCommand
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: dkg at fifthhorseman.net
A useful feature to have for ssh would be KnownHostsCommand, by analogy
with KnownHostsFile and ProxyCommand.
One possible implementation: if set, KnownHostsCommand would be invoked
as a subprocess immediately after receipt of the host's key, with the
host name as argv[1...
2016 Mar 29
3
request: add IP address to a log message to allow blocking
...enssh-7.3, due in a
> couple of months.
Will it be configurable? There are situations where people actively
don't want to have any IP addresses logged for legal reasons, and
ideally it would be easy to get diagnostics without risks of IP
addresses being written to log storage.
--dkg
2015 May 22
4
Weak DH primes and openssh
...ision
themselves provide a fingerprinting mechanism, but those can be disabled
on Debian with "DebianBanner no" in sshd_config. We'd want to make sure
that distro-specific moduli don't re-introduce fingerprinting for
operators who want to hide their choice of distro.
--dkg
PS Darren, has there been any attempt at generating primality proofs for
the values in ./moduli, as opposed to 100 rounds of Miller-Rabin? It
would be a shame for a pseudoprime to slip in, however unlikely that
would be.
2008 Aug 13
1
Encoding SSH RSA public key
Hello,
I'm trying to build a valid public ssh v2 RSA key from a java
application but I have some problems understanding how the two numbers
(e and n) are base64 encoded into ~/.ssh/id_rsa.pub or
~/.ssh/authorized_keys2 file.
My question is what exactly is encoded into the base64 string? For
example for this public key:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6p76zG+8aOkFZT1y4O+Y7n
2016 Feb 04
3
Unix socket support for sshd
Greetings everyone!
I would like to know if adding support for Unix socket to sshd would be a
feature that would be consider to be added upstream? (ListenAddress).
One of the main reason for this question to you all is that tor now has Unix
socket support for hidden services that is traffic of a hidden service can be
forwarded to a Unix socket (see HiddenServicePort in tor.1). The rationale