search for: enkor

Displaying 7 results from an estimated 7 matches for "enkor".

Did you mean: entor
2023 Nov 10
1
@cert-authority for hostbased auth - sans shosts?
On 09/11/23, Marian Beermann (public at enkore.de) wrote: > ... while OpenSSH does support using a CA in conjunction with hostbased > authentication, it still requires a list of all authorized host names in the > rhosts / shosts file. I'm not familiar with the use of .rhosts/.shosts, but I don't think those are needed at all...
2023 Nov 15
0
@cert-authority for hostbased auth - sans shosts?
On 11/15/23, 10:51 AM, "openssh-unix-dev on behalf of Marian Beermann" <openssh-unix-dev-bounces+iain.morgan=nasa.gov at mindrot.org <mailto:nasa.gov at mindrot.org> on behalf of public at enkore.de <mailto:public at enkore.de>> wrote: On 11/15/23 18:09, Chris Rapier wrote: > On 11/11/23 9:31 PM, Damien Miller wrote: > >> It's not discouraged so much as rarely used. It's very useful in some >> situations and I can think of good reasons to use it more oft...
2023 Nov 09
1
@cert-authority for hostbased auth - sans shosts?
Hi, we're looking to reduce the number of host lists that need to be kept in sync in our system. (There are quite a few of them all over the place) OpenSSH CAs are an obvious solution for not having to keep all host keys in sync in /etc/ssh/known_hosts, however, while OpenSSH does support using a CA in conjunction with hostbased authentication, it still requires a list of all authorized
2023 Nov 10
1
@cert-authority for hostbased auth - sans shosts?
On Fri, 10 Nov 2023, Rory Campbell-Lange wrote: > On 09/11/23, Marian Beermann (public at enkore.de) wrote: > > ... while OpenSSH does support using a CA in conjunction with hostbased > > authentication, it still requires a list of all authorized host names in the > > rhosts / shosts file. > > I'm not familiar with the use of .rhosts/.shosts, but I don't think...
2024 Jul 20
1
Proposal: Option to escape/quote individual COMMAND arguments
This comes up from time to time. The main hurdle is that the ssh client doesn't know what the login shell of the user on the server is, but you need to know that to correctly escape for the shell at hand. (And not all servers are even Unix-like). The real/proper fix is and always would've been a separate request type that's essentially just doing an execvp and simply wouldn't be
2023 Nov 11
1
Question about stderr output containing carriage return External
Hi Josh, it's been around for a while: https://github.com/openbsd/src/commit/8747197a4a479407167d01f46017ddb99cc3cae2 Though the commit doesn't say why it needs the \r. Cheers, Marian On 11/11/23 00:38, Joshua Rogers wrote: > Hi all, > > I have recently only discovered that openssh prints lines to stderr > separated by CLRF pairs, and am trying to understand where this
2023 Nov 11
1
@cert-authority for hostbased auth - sans shosts?
On 11/10/23 04:17, Damien Miller wrote: > AIUI what he is asking for is a file that combines the host identity > of the system-wide ssh_known_hosts file with the host/user authorisation > of shosts in a single file. > > This might be a little cleaner, but IMO not so much so as to be highly > motivating (personally). > > -d Yup, but since this is auth code I imagine it