search for: kragenba

...rn to report client certificate fingerprints to the dovecot auth server? Like that even client certificate verification could be handled by dovecot auth, aka via SASL, and administrators would have to take care for one user database only? Other than that i say Ciao from Germany! --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)

...d highly configurable applications. dovecot for example, i track the source for a couple of years, comes with 568 files changed, 26488 insertions(+), 6969 deletions(-) for my last update (v2.3.10.1 to v2.3.11.3). This is a lot. Thank you. And Ciao! and good night from Germany, --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)

...bsd.org> AuthorDate: 2017-04-11 17:01:11 +0000 -Some programs use defined error codes to distinguish between possible errors. -However, most programs in -.Ox -do not. +A few programs exit with the following non-portable error codes. +Do not use them. I disagree. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) | |In Fall and Winter, feel "The Dropbear Bard"s pint(er). | |The banded bear |without a care, |Banged on himself for e...

...n, cannot be generated by OpenSSL (yet), and not portably anyway. I will attach these, i like them. Maybe i find time to make the OpenBSD variant work for IPv4 and IPv6, but i think it needs two sockets and select(2), so this is a bit of work. Ciao, and a nice Sunday everybody. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -------------- next part -------------- A non-text attachment was scrubbed... Name: s-port-knock.sh Type: text/x-shellscript Size: 9...

...NAL, i would rather have some password-protected crytographically secured certificates in my local store, and have client certificates in all the IoT devices, than have to mess around with the OAUTH that the major players press forward, for example. Thanks, and Ciao from Germany, --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)

...o be continue..) Ie, for me personally sshfwkd would only make sense if it could be made to listen on a different interface than the real SSH server. I'll attach my very, very simple things, but which work for me without any problems for years. (They require IPv4.) |/Simon --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -------------- next part -------------- A non-text attachment was scrubbed... Name: port-knock-client.sh Type: text/x-shellscript Si...

...k.sh knock .ZX.pub /tmp/zt localhost 10000 /tmp/.Z.pub Of course it is a play thing, but for you all it is sunday and maybe you like it. 'Will review and polish it on Monday. TLS client certificates and things like capsicum or pledge/unveil or missing for, also after Monday. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -------------- next part -------------- A non-text attachment was scrubbed... Name: port-knock.sh Type: text/x-shellscript Size: 332...

...a O_APPEND|O_RDWR file requires an intermediate fseek(fout, 0, SEEK_END)) or fflush() which i consider a bug in Solaris stdio. J?rg Schilling however convinced me that the standard requires this behaviour, and it is also in the C FAQ. Nonetheless... --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)

...eu>: ... |[.]do not |know about the AI_V4MAPPED flag[.] I have read https://datatracker.ietf.org/doc/html/draft-cmetz-v6ops-v4mapped-api-harmful-01 but as an application developer i find it ugly not to be able to "simply do it", and get back a mapped address. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)

...e too I think. |> |> I interpreted that as "make ssh-add exit with status 2 or 3 or 99, \ |> for example, as opposed to 1". Fyi there is the >35 years old BSD sysexits.h that unfortunately did not become standardized, but is widely available nonetheless. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) | |In Fall and Winter, feel "The Dropbear Bard"s pint(er). | |The banded bear |without a care, |Banged on himself for e...

...ilure condition when ending a program. -Instead, the pre-defined exit codes from -.Nm -should be used, so the caller of the process can get a rough -estimation about the failure class without looking up the source code. I totally agree with the pre-2015 text. It it true. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) | |In Fall and Winter, feel "The Dropbear Bard"s pint(er). | |The banded bear |without a care, |Banged on himself for e...

...e > dovecot auth server? Like that even client certificate > verification could be handled by dovecot auth, aka via SASL, and > administrators would have to take care for one user database only? > > Other than that i say > Ciao from Germany! > > --steffen > | > |Der Kragenbaer, The moon bear, > |der holt sich munter he cheerfully and one by one > |einen nach dem anderen runter wa.ks himself off > |(By Robert Gernhardt) Sorry for duplicate mail, I accidentically pressed too many keys... *sigh* Anyways, I'm not sure if you underst...

On 2024-07-20 at 16:30 -0400, James Ralston wrote: > The real issue here is that the Mailman configuration for the > openssh-unix-dev list does not appear to set > `dmarc_moderation_action` > (in `Privacy options` - `Sender filters`) to either `Munge From` or > `Wrap Message`, which is necessary for lists where ... "Necessary" if the client machines re going to penalize

Hi Damien, Damien Miller wrote on Tue, Aug 21, 2018 at 12:04:41PM +1000: > ok, djm@ Thanks for checking, and thanks to Val and Michael for testing. I just committed the patch to OpenBSD, others will likely take care of merging it to -portable. > (I'd prefer the comment before the return statement, but up to you) Immediately before the return statement, it looked really confusing,

On 12.03.20 19:09, Christoph Anton Mitterer wrote: > On Wed, 2020-03-11 at 21:39 +0100, Thomas Koeller wrote: > IMO, the idea itself sounds not the best... one must assume that such > invoked programs are not written "safe"... and thus an attacker could > potentially cause the system to run such programs a huge number of > times. As the anticipated action of the program is

...xample, i track the source for > a couple of years, comes with > 568 files changed, 26488 insertions(+), 6969 deletions(-) > for my last update (v2.3.10.1 to v2.3.11.3). This is a lot. > > Thank you. > And Ciao! and good night from Germany, > > --steffen > | > |Der Kragenbaer, The moon bear, > |der holt sich munter he cheerfully and one by one > |einen nach dem anderen runter wa.ks himself off > |(By Robert Gernhardt) I was trying to suggest that you could try dovecot submission server. It might work better with EXTERNAL authenticat...

> On Jan 10, 2025, at 11:33, Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > > Fyi there is the >35 years old BSD sysexits.h that unfortunately > did not become standardized, but is widely available nonetheless. If you mean [this sysexits][*], that doesn't seem great for several reasons: 1. "A few programs exit with the following non-portable error codes. Do not

On 2025-01-10 09:57, Jim Knoble wrote: > >> On Jan 9, 2025, at 19:14, Corey Hickey <bugfood-ml at fatooh.org> wrote: >> >> To address this, modify ssh-add to: >> * [...] >> * exit with a status of 0 instead of 1 > > When Damien wrote: > >> Adding a new exit status for the >> no-keys-in-agent case would be >> acceptable too I

...lt;/div> <div> </div> <div> Thanks, </div> <div> and Ciao from Germany, </div> <div> </div> <div> --steffen </div> <div> | </div> <div> |Der Kragenbaer, The moon bear, </div> <div> |der holt sich munter he cheerfully and one by one </div> <div> |einen nach dem anderen runter wa.ks himself off </div> <div> |(By Robert Gernhardt) </div> </blockquote> <div&...

On Wed, 2024-06-19 at 16:11 -0400, Joseph S. Testa II wrote: > I suppose in the next few days, I'll try reproducing my original > steps > with the new version and see what happens. I managed to do some limited testing with a local VM, and the results are... interesting. I installed openssh-SNAP-20240626.tar.gz on a fresh and fully-updated Ubuntu Linux 24.04 LTS VM with 1 vCPU.