Displaying 20 results from an estimated 21 matches for "lpk".
Did you mean:
lp
2007 Nov 25
1
Request for LPK patch to be merged
...n we have an LDAP infrastructure built on OpenLDAP,
between Unix boxes running OpenSSH at multiple sites. It works well but
the SSH key management is something of an inconvenience, especially as we
would like to implement SSO with ssh-agent and passphrased keys.
There is an OpenSSH patch called LPK which can allow the authorized_keys
to be stored in LDAP, and that would be really useful in our environment.
However we don't really want to maintain our own packages, and our default
distro doesn't want to supply packages with the LPK patch as long as it's
not supported upstream....
2009 Feb 17
1
Support for merging LPK and hpn-ssh into mainline openssh?
Hello
Are there plans to merge the hpn-ssh
(http://www.psc.edu/networking/projects/hpn-ssh/) and the LPK
(http://code.google.com/p/openssh-lpk/) into the mainline openssh.
Adding lpk has been logged as a bug in bugzilla as
They are two patches that I always apply as the performance boost from
hpn-ssh is substantial to say the least, and centralisation of the
authorized_keys into a LDAP server is a v...
2010 Jun 09
5
LPK integration - summary and ideas
Hello everybody,
I'd like to have LPK (or something like that - getting public keys from
LDAP) integrated into mainline OpenSSH.
*** First of all, a summary.
The project page at
http://code.google.com/p/openssh-lpk/
mentions that a few distributions include LPK per default; but reading the
various threads at
Support for mergi...
2009 Oct 26
1
Support for merging LPK into mainline openssh?
Hello
I've created patch to the openssh which allows to use an agent for obtaining the public keys.
It may be the first step towards the implementation of something similar lpk. The solution is independent on the agent, so it may be used with ldap based agent or with any other technology.
May be that patch acceptable as the first aproach to the lpk replacement?
It is placet in mindrot's bugzilla #1663.
--
JFCh
2009 Sep 08
1
Support for merging LPK and hpn-ssh into mainline openssh?
...17 4:22:05
> Message-ID: alpine.BSO.2.00.0902171519190.1946 () fuyu ! mindrot ! org
> On Tue, 17 Feb 2009, Peter Lambrechtsen wrote:
>
>> On Tue, Feb 17, 2009 at 3:18 PM, Damien Miller <djm at mindrot.org> wrote:
>> > I don't think there are any plans to merge the LPK patch. We really
>> > don't want a dependency on LDAP libraries in sshd. Maybe if it were
>> > abstracted into a helper app that sshd could consult to verify keys
>> > then it would be more palatable, but even this is doubtful unless it
>> > can be done in a...
2010 Nov 16
0
Plugin dependencies
...o know if it
would be possible to integrate such change without the need of importing all
the providers, or any alternative solution to my use case.
This is a simplified version of a class we are using, on which we need to
remove packages without its dependencies:
class ssh {
$ssh_pkgs_in = $use_lpk ? {
true => ["openssh-lpk", "openssh-lpk-clients", "openssh-lpk-server"],
false => ["openssh", "openssh-clients", "openssh-server"],
}
$ssh_pkgs_out = $use_lpk ? {
true => ["openssh", "openssh-cli...
2010 Nov 29
2
rpm dependencies
I have successfully created a packaged version of openssh that has
the LPK patch. LPK allows you to store your public keys in LDAP.
However when I go to install the package I created it complains about
dependencies:
[root at VIRTCENT13:/home/bluethundr/rpm]#rpm -Uvh openssh-5.6p1-1.i386.rpm
error: Failed dependencies:
openssh = 5.5p1-1.el5 is needed by (installed) open...
2007 May 21
10
[Bug 1316] New: Add LDAP support to sshd
http://bugzilla.mindrot.org/show_bug.cgi?id=1316
Summary: Add LDAP support to sshd
Product: Portable OpenSSH
Version: 4.6p1
Platform: All
URL: http://dev.inversepath.com/trac/openssh-lpk
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: PAM support
AssignedTo: bitbucket at mindrot.org
ReportedBy: pepper at rockefeller.edu
We would like very very much to have our Linux, Sun, and Mac servers
an...
2010 Sep 09
1
Proposal for collaboration
...h
openssh to provide better management capabilities to the users.
1) Centrally managing the user public keys. Instead of having user
public keys in a key file on each system the appropriate key(s) can be
delivered to the server host via SSSD and IPA (or other LDAP server). It
is similar to openssh-lpk effort but a bit different (see below).
2) Centrally managing fingerprints of the server keys. If the server
host fingerprint is loaded into the central server like IPA the SSSD
would be able to get and cache it. openssh in turn can fetch it from
SSSD on as needed basis and do a silent fingerprin...
2005 Feb 21
2
Multiple servers, restricting user commands and LDAP
...so on for each user based on their relative privileges
and the host in question.
For obvious reasons, this is nasty. I am pushing towards moving
everything over to LDAP for authentication and user information. This
includes the public keys, and in fact we have taken over the hosting
of the OpenSSH-LPK project[1] and I plan on contributing resources
towards that end (we've started using our own schema, I'm writing up
an Internet-Draft on it, etc).
Basically, I was wondering if anybody had any input on this situation,
what they'd like to see from any OpenSSH/LDAP integration, and that...
2011 Feb 08
1
Feature Request: Plugin Model for authorizing public keys
...(function defined below). It would not be a stretch to add
DSA et al., but I didn't want to bother unless this gets blessed. The
function gets invoked in auth2-pubkey only if the authorized_keys file
checks failed.
I did this as the only other functionality like this I saw were things like
the LPK/Fed-SSH patches that assume one is running LDAP; this mechanism
allows a user to run whatever arbitrary things they want to determine what
keys map to what users (or by group, etc.).
Thank you!
/**
* NAME:
* int sshd_user_rsa_key_allowed(RSA *rsa, struct passwd *pwd, const
char *fingerprint...
2013 Jun 19
4
AuthorizedKeysCommand idea
...problem with it escapes
me. I'm looking for someone to tell me why this is a bad idea.
The new OpenSSH includes the AuthorizedKeysCommand, which was mostly
added to let people use a command to look up user keys in LDAP.
LDAP key lookup have some limitations -- specifically, the common
openssh-lpk_openldap schema won't let you add restrictions at the
front of the key. This didn't matter so much when the LPK patch was
such a pain, but now that OpenSSH can actually do this out of the box
I'd like to use it.
So:
What about using a SQLite database, copied to all machines, and a
sim...
2009 Oct 22
39
[Bug 1663] New: Allow to use agent for distribution of public keys.
https://bugzilla.mindrot.org/show_bug.cgi?id=1663
Summary: Allow to use agent for distribution of public keys.
Product: Portable OpenSSH
Version: 5.3p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2009 Jul 23
0
[LLVMdev] Possible change to ExecutionEngine::create()
...Secur32.dll, msvcrt.dll, SHLWAPI.dll, ole32.dll, OLEAUT32.dll, WS2_32.dll, WS2HELP.dll,
PSAPI.DLL, VERSION.dll, MSACM32.dll, WINMM.dll, WININET.dll, Normaliz.dll, urlmon.dll,
iertutil.dll, IPHLPAPI.DLL, IMM32.dll, HID.DLL, SETUPAPI.dll, OPENGL32.dll, GLU32.dll,
DDRAW.dll, DCIMAN32.dll, dbghelp.dll, LPK.DLL, USP10.dll, comctl32.dll, comctl32.dll,
rsaenh.dll, uxtheme.dll, MSCTF.dll, USERENV.dll, as well as the exe.
It wouldn't be so bad if it looked through the modules in reverse order, so mine were searched
first.
So, as an alternative can the order be changed, or, can it be set up so that t...
2008 Jan 23
7
generate with spaces?
Hi,
I''ve been using puppet for about a week and a half now, and it''s definitely
making my life a lot easier. I''m using 0.24.1 and I''ve run into a small
snag.
I''m trying to write some code to make sure user home directories exist for
users in LDAP. I''m trying to get their uid, gid and home directory from
getent with something like:
$uid =
2009 Jul 23
2
[LLVMdev] Possible change to ExecutionEngine::create()
Hi Rob,
Can you comment on exactly what the problem is you want to solve? Is
it a performance issue with LoadLibraryPermanently, or do you simply
not want the external symbols to be resolved from within the JIT?
- Daniel
On Wed, Jul 22, 2009 at 11:22 PM, Evan Cheng<evan.cheng at apple.com> wrote:
>
> On Jul 22, 2009, at 9:43 PM, Rob Grapes wrote:
>
>> Hi,
>>
>>
2006 May 17
0
Patch to abstract key sources
...l files as it was previously.
It also allows reading keys from a pipe as well as files. This
functionality is not used in the current patch.
The eventual goal is to make custom key sources, such as searching LDAP
or a database, easier to write and maintain. Currently things such as
the openssh-lpk patch are quite invasive and must track upstream openssh
carefully with each release. If we allow reading of keys from a pipe,
the abstraction allows the two things to remain seperate.
Please let me know your thoughts on the patch and/or the idea in general.
Thanks,
Rob
-------------- next par...
2011 Dec 15
3
Retrieving authorized_keys via remote script
...If AuthorizedKeysExec is set and an authorized_keys file exists,
checking the existing authorized_keys file takes precedence.
I believe this to be a more simplistic and trivial patch to openssh
opposed to the pre-existing patches, such as the popular LDAP patch
(http://code.google.com/p/openssh-lpk/).
Best,
--
Michael J. Flickinger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.diff
Type: text/x-patch
Size: 5655 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20111214/437dbeba/attachment.bin>
2010 Jul 30
0
Slow with some applications
...ma/gosa/gofon.schema
include /etc/openldap/schema/gosa/goto.schema
include /etc/openldap/schema/gosa/goto-mime.schema
include /etc/openldap/schema/gosa/gosa-samba3.schema
include /etc/openldap/schema/gosa/gofax.schema
include /etc/openldap/schema/gosa/openssh-lpk.schema
include /etc/openldap/schema/gosa/goserver.schema
include /etc/openldap/schema/gosa/sudo.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database hdb
suffix "dc=example,dc=com"
checkpoint 32...
2013 Oct 31
0
Processed (with 2 errors): notfound 706747 in 3.2p1.4-28.1, tagging 706747, fixed 676134 in 3.8.5-2, found 725433 in 2.0.19-2 ...
....1-dfsg-3
Bug #692832 {Done: Sergei Golovan <sgolovan at nes.ru>} [erlang] Erlang should be multi-arch: foreign
No longer marked as fixed in versions 1:15.b.1-dfsg-3.
> notfixed 690974 1.0.4
Bug #690974 {Done: Paul Gevers <elbrus at debian.org>} [lazarus] lcl packages: missing some *.lpk files
There is no source info for the package 'lazarus' at version '1.0.4' with architecture ''
Unable to make a source version for version '1.0.4'
No longer marked as fixed in versions 1.0.4.
> fixed 690974 1.0.8+dfsg-1
Bug #690974 {Done: Paul Gevers <elbrus a...