search for: monkeysphere

Howdy, We in the Ubuntu Server world have been using a handy little shell utility for a couple of releases now, called 'ssh-import-id' [1]. Whereas ssh-copy-id _pushes_ a public key from one system to another, ssh-import-id _pulls_ a public key from a secure key server and installs it. It takes one or more userid's as command line arguments, loops over them, sequentially attempts to

...of 077) when it creates known_hosts for me (tested with OpenSSH 4.8 on OpenBSD 4.3 and OpenSSH 5.1 on Debian testing): $ uname -a OpenBSD openbsdtest.squeak.fifthhorseman.net 4.3 GENERIC#698 i386 $ umask 077 $ ls -l ~/.ssh/known_hosts ls: /home/dkg/.ssh/known_hosts: No such file or directory $ ssh monkeysphere.info The authenticity of host 'monkeysphere.info (204.13.164.191)' can't be established. RSA key fingerprint is e8:7e:5b:7d:bc:6f:08:22:80:00:bb:0a:83:ef:bd:7a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'monkeysphere.info,204.13.164.19...

A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20081103/e9bffea8/attachment.bin

Hi, As far as I can tell, when working in an environment with many servers, there seem to be several ways for your client to authenticate the HostKeys of each: 1) Set StrictHostKeyChecking=no, and hope you don't get MITM'd the first time you connect to a server. 2) Use SSHFP records (which generally requires you to have DNSSEC fully deployed to be meaningful compared to #1, I think?)

...} [release.debian.org] pu: package sikuli/1.0~x~rc3.tesseract3-dfsg1-5+deb7u1 Removed tag(s) moreinfo. > tags 710035 - moreinfo Bug #710035 {Done: Moritz Muehlenhoff <jmm at inutil.org>} [release.debian.org] RM: chicken/4.7.0-1 Removed tag(s) moreinfo. > found 668754 0.36-1 Bug #668754 [monkeysphere] monkeysphere: unowned files after purge (policy 6.8, 10.8) Marked as found in versions monkeysphere/0.36-1. > found 672256 5.2.2+20130718-2 Bug #672256 {Done: Roland Mas <lolando at debian.org>} [gforge-db-postgresql] gforge-db-postgresql: unowned files after purge (policy 6.8, 10.8): /et...

...connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which would be blocked otherwise to defend against brute force attacks. Another interested user is monkeysphere (currently using option 1) below). Solutions: ~~~~~~~~~~ 1) (Ab)using ProxyCommand. This is employed in some howtos on port knocking. It however has the disadvantage that TCPKeepAlive and some timeout options are no longer honoured. 2) Wrapping ssh. While this does not disable other options...

...as of 5.7p1 (since the switch from PEM_read_PrivateKey() to PEM_read_bio_PrivateKey(), and reading the file into an ssh buffer directly). Being able to read from a FIFO is nice for tools that don't want to put keys directly on the filesystem. In fact, we were relying on that behavior for the monkeysphere, and it's currently breaking because of the change: https://labs.riseup.net/code/issues/2735 The attached patch fixes things so that ssh-add can read from a FIFO again. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: -...

...known_hosts files. For lines that have comments, the hostname is not diplayed in the ssh-keygen -l output. Please see the attachment for a demonstration of the effect. As you can see in the last command in the attachment, the hostname is not present in the display, although the comment is. The monkeysphere [0] program uses the comment field in known_hosts files, so this may present a problem for users of that program. Thanks for the help. [0] http://web.monkeysphere.info/ -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------...

https://bugzilla.mindrot.org/show_bug.cgi?id=1663 Summary: Allow to use agent for distribution of public keys. Product: Portable OpenSSH Version: 5.3p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org

Hi, OpenSSH 5.4 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a big release, with a number of major new features and many bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH

...9;docbookwiki' > submitter 659288 ! Bug #659288 [openjdk-6-jre-zero] openjdk-6-jre-zero: uninstallable in squeeze Changed Bug submitter to 'Andreas Beckmann <anbe at debian.org>' from 'Andreas Beckmann <debian at abeckmann.de>' > submitter 668754 ! Bug #668754 [monkeysphere] monkeysphere: unowned files after purge (policy 6.8, 10.8) Changed Bug submitter to 'Andreas Beckmann <anbe at debian.org>' from 'Andreas Beckmann <debian at abeckmann.de>' > submitter 663525 ! Bug #663525 [tome] tome: unowned files after purge (policy 6.8, 10.8) Cha...

...] 1000 4630 6046 62 2 0 0 dbus-launch Sep 5 18:03:14 pcale kernel: [ 985.495209] [ 4632] 1000 4632 7966 386 1 0 0 dbus-daemon Sep 5 18:03:14 pcale kernel: [ 985.495212] [ 4633] 1000 4633 15858 4151 2 0 0 monkeysphere-va Sep 5 18:03:14 pcale kernel: [ 985.495216] [ 4648] 1000 4648 145588 1736 1 0 0 gnome-settings- Sep 5 18:03:14 pcale kernel: [ 985.495219] [ 4657] 1000 4657 15497 165 2 0 0 gvfsd Sep 5 18:03:14 pcale kernel: [ 985.495221] [ 4663] 10...