search for: isbd

Hi I have a routing problem with the OpenVPN service running directly on the firewall itself. I have two DSL connections, one with a static IP (and my default route), the other with a dynamic IP. The first is called ISBD in the configs, the second is called SAIX. Connecting to the OpenVPN via ISBD works well, the packets route perfectly. Connecting via SAIX does not. In the attached status.txt, I try to connect to the firewall via the SAIX line (IP 165.146.107.24) from 41.245.93.27. In the Conntrack table, it'...

There is a program call sshpass that does just that On ubuntu/debian: apt install sshpass > On 01 Jan 2024, at 20:37, Chris Green <cl at isbd.net> wrote: > > On Mon, Jan 01, 2024 at 06:34:01PM +0000, Chris Green wrote: >> Setting SSH_ASKPASS_REQUIRE=never in the environment on my xubuntu >> 23.10 system doesn't seem to work. I have set it:- >> >> chris$ env | grep SSH >> SSH_AUTH_SOCK=/...

On Wed, 5 Jun 2024 at 22:20, Chris Green <cl at isbd.net> wrote: > If I set a timeout for a specific host's key does it set the timeout > for just that key/host? [...] > Host backup > IdentityFile ~/.ssh/backup_id_rsa > IdentityAgent 600 I think you meant AddKeysToAgent? > Will it just time out the key s...

If I set a timeout for a specific host's key does it set the timeout for just that key/host? I.e. if I do something like in ~/.ssh/config:- # # # backup, use public-key authentication # Host backup IdentityFile ~/.ssh/backup_id_rsa IdentityAgent 600 Will it just time out the key saved for backup and leave any other keys with the default no timeout? --

On Mon, Jan 01, 2024 at 06:34:01PM +0000, Chris Green wrote: > Setting SSH_ASKPASS_REQUIRE=never in the environment on my xubuntu > 23.10 system doesn't seem to work. I have set it:- > > chris$ env | grep SSH > SSH_AUTH_SOCK=/run/user/1000/keyring/ssh > SSH_ASKPASS_REQUIRE=never > chris$ > > But I still get the annoying GUI pop-up rather than

Is there any way to remove old entries from the known_hosts file? With the hashed 'names' one can't easily see which entries are which. I have around 150 lines in my known hosts but in reality I only ssh to a dozen or so systems. All the redundant ones are because I have a mixed population of Raspberry Pis and such on my LAN and they get rebuilt fairly frequently and thus, each time,

I currently use mutt to read my E-Mail on a machine which runs a postfix server to receive mail by SMTP. Mail is actually delivered to the final mbox mailboxes by a custom filtering script writtin in Python. Will dovecot happily serve mail from the existing hierarchy (obviously if I configure it right) so that I can connect using IMAP to my server machine to read mail? The mbox files are all

Setting SSH_ASKPASS_REQUIRE=never in the environment on my xubuntu 23.10 system doesn't seem to work. I have set it:- chris$ env | grep SSH SSH_AUTH_SOCK=/run/user/1000/keyring/ssh SSH_ASKPASS_REQUIRE=never chris$ But I still get the annoying GUI pop-up rather than being asked for the passphrase in the terminal window. Is this a bug or am I doing something wrong? --

> > There must be *something* in the environment that affects this because > I'm seeing two different ways of asking for the passphrase on the same > screen. The only difference is that one is a simple terminal window > running on my system and the other is one where I have used ssh to > connect to a remote system and then ssh again back to the 'home' > system.

I have an rsync daemon running on a 64-bit (x86_64) system which I successfully use for backups from several other 64-bit systems on my LAN. I want to use it for backups from a BeagleBone Black (32-bit, armv7l) but it fails as follows:- root at bbb:~# rsync -a /etc chris at backup::bbb Password: pre-xfer exec returned failure (256) rsync error: requested action not supported

I run a daily backup using 'rsync -a -F ....' I want to exclude everything in ~/.local/share **except** the file:- /home/chris/.local/share/evolution/calendar/system/calendar.ics I have the following in my rsync-filter file to exclude ~/.local/share - .local/share Can I simply add the following before the exclude line:- +

On Sat, Aug 10, 2024 at 10:34:45AM -0400, rsbecker at nexbridge.com wrote: > On Saturday, August 10, 2024 10:13 AM, Chris Green wrote: > >I have several ssh keys in the ~/.ssh directory of my desktop machine. > >As a result whenever I try to connect to a system which uses password > >authentication I get the "Too many authentication failures" error. > > >

I use rsync a lot, it's a wonderful tool. I use it almost exclusively on Linux systems and it would be really handy if I could set a number of options which would always be used when I run rsync. These would be in addition to -a which is useful but not quite enough. In particular I always want to copy extended attributes (-X), ACLs (-A) and hardlinks (-H). I've recently lost a number

On Mon, Oct 21, 2024 at 08:24:46PM +0000, Tim Rice via openssh-unix-dev wrote: > Hi Chris, > > > tl;dr In my experience, you get a lot of bang for your buck simply by denying > all password authentication, and only permitting keypair authentication. > If you're already doing this much, then you're on the right track. > What do you mean by "keypair

On Mon, Oct 21, 2024 at 08:50:44PM +0000, Tim Rice via openssh-unix-dev wrote: > Hi Chris, > > > What do you mean by "keypair authentication"? > > That's the authentication you use when you have ssh-keygen provide you > with a private key and a public key, and distribute the public key to all > the different authorized_keys files. > But he says not to

This refers to version 3.0.0pre6 if that's relevant. I was expecting that if I specified the --copy-unsafe-links option to rsync that I'd then get no warnings about 'skipping non-regular file "bla/bla/bla"' but it doesn't seem to work like that. It *sounds* from the man page that if I set --copy-unsafe-links then symlinks that point 'elsewhere' will copy the

rsync: recv_generator: failed to stat "/freecom/backup/www/html/chris/info/computer/hardware/networkStorage/freecom/objects\00005151.pdf": Invalid argument The file exists OK. -- Chris Green

I'm getting this error message and I don't really understand what rsync is trying to tell me:- rsync: link_stat "/rdiffBackup/gradwell/Mail/." failed: No such file or directory (2) rsync error: some files could not be transferred (code 23) at main.c(977) [sender=2.6.9] Can anyone explain what it's saying please. /rdiffBackup/gradwell/Mail/ does exist and is

I have several ssh keys in the ~/.ssh directory of my desktop machine. As a result whenever I try to connect to a system which uses password authentication I get the "Too many authentication failures" error. Yes, I know I can get round this by setting PreferredAuthentications but this is rather a nuisance to have to do individually for all systems that use password authentication. It

OK, I think I have realised what has been confusing me (and, maybe you, in the plural). I have been looking at this security question with a sort of 'tunnel vision', I'm concerned with login security of remote systems **when viewed from my desktop**. For this specific case, i.e. when someone is sitting at my desk, or has my laptop in front of them, there is little to choose between