search for: pka

Hi All, I was able to create a public key for one of my servers that I log into frequently. Now I want to do this for a few more servers (where I use the same user id) and my user id on my laptop is the same as the servers. I also want to use PKA for other users accounts on the servers (for website editing and SFTP transfers) where my id on my laptop does NOT match the user on the server. I dont see at all how to make these changes as I already have an id_rsa and id_rsa.pub. So as an example: my user id on my laptop is: jtsm and the user...

...a lot of data in different dataframes(auto.0a, auto.0b, auto.0c, auto.5Na,...), that has similar names. I could print the names all at once wih a loop with the command paste(), see below: plot<-c("0a","0b","0c","5Na","5Nb","5Nc","PKa","PKb","PKc","5NPKa","5NPKb", "5NPKc","10NPKa","10NPKb","10NPKc","20NPKa","20NPKb","20NPKc") for (x in 1:length(plot)) { name<-paste("auto.",plot[x],sep="")...

...the point where exercising that freedom creates a risk to other people?s machines. Your freedom to have sshd enabled by default stops at the point where exercising that freedom creates risk to other people's machines. I can also use that logic with, password based auth by default, rather than PKA by default. A rather strong argument can be made, much more so than a very weak > weak password quality policy, for sshd on a default 7 day disable timer. That is, by default, after 7 days, sshd is stopped and disabled. In the autopsies of pwned computers is the quickly provisioned server with...

I am really new with R Graphical user interfacefunctions. I am developing a software package to calculate pKa (biochemistry) but I want to make it look aesthetically pleasing and make it user friendly. I have heard that R has some GUI (Graphical user interface) and you can do some really cool stuff out there. What are the limitations and what are some resources for help. I have found a couple of sources bu...

...ice and bypass the weak password complaint. > But as I have repeatedly pointed out here, the stock rules really are not that onerous. They basically encode best practices established 20 years ago. In order to protect a system that's Internet facing with challengeresponseauth (rather than PKA), the minimum password quality would need to be at least initially onerous. Whereas if things are properly configured such that ssh is only used internally, all you have to worry about are internal attacks which are hopefully rather rare. -- Chris Murphy

...e.com> keys on the local keyring. This option takes the* *# following arguments, in the order they are to be tried:* *# * *# cert = locate a key using DNS CERT, as specified in RFC-4398.* *# GnuPG can handle both the PGP (key) and IPGP (URL + fingerprint)* *# CERT methods.* *#* *# pka = locate a key using DNS PKA.* *#* *# ldap = locate a key using the PGP Universal method of checking* *# "ldap://keys.(thedomain)". For example, encrypting to* *# user at example.com <user at example.com> will check ldap://keys.example.com <http://keys.example.com&...

...efault when Cockpit has a switch for enabling it, and then expect it to be enabled there - that way it's opt in rather than opt out. And the problem with opt out is a lot of users don't know this service is running and exposes them to infiltration unless they have a strong passphrase or use PKA. > If you want a Linux distro that doesn?t ship with sshd enabled by default, that is already available. Given that CentOS does ship with sshd enabled by default, it makes sense that it should not allow itself to be so badly misconfigured that it allows trivial exploits. Well that's rath...

...abled by default, that is already available. Given that CentOS does ship with sshd enabled by default, it makes sense that it should not allow itself to be so badly misconfigured that it allows trivial exploits. > I can also use that logic with, password based auth by default, rather > than PKA by default. That?s more low-hanging fruit; we might get there someday. They turned off "PermitRootLogin yes" and "Protocol 1" in EL6 or EL7, the previous low-hanging fruit. Do you think those were bad decisions, too? > A rather strong argument can be made, much more so th...

...is > option takes the* > *# following arguments, in the order they are to be tried:* > *# * > *# cert = locate a key using DNS CERT, as specified in RFC-4398.* > *# GnuPG can handle both the PGP (key) and IPGP (URL + fingerprint)* > *# CERT methods.* > *#* > *# pka = locate a key using DNS PKA.* > *#* > *# ldap = locate a key using the PGP Universal method of checking* > *# "ldap://keys.(thedomain)". For example, encrypting to* > *# user at example.com <user at example.com> will check > ldap://keys.example.com &lt...

...ll absolutely stop using his iPad if it ever > requires him to use anything more than 4 numeric digits for his > password. The iPad never leaves the house. iPads can?t be coopted into a botnet. The rules for iPad passwords must necessarily be different than for CentOS. > the Mac has SSH PKA required. True, but more on-point here is that OS X ships with sshd disabled by default. You have to dig into the pref panes and tick an obscurely-named checkbox to enable it. > Their online services are another > matter, those I've made very clear they will be strong or they don't...

Once upon a time, Warren Young <wyml at etr-usa.com> said: > Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. Since most of that crap comes from Windows hosts, the security of Linux SSH passwords seems hardly relevant. > Your freedom to use

On Sat, 25 Jul 2015 11:16:18 -0600 Chris Murphy <lists at colorremedies.com> wrote: > On Sat, Jul 25, 2015 at 9:40 AM, Scott Robbins <scottro at nyc.rr.com> wrote: > > This might show up twice, I think I sent it from a bad address previously. > > If so, please accept my apologies. > > > > > > In Fedora 22, one developer (and only one) decided that if

...all, We are a Linux / Open Source company based in Bad Ragaz, Switzerland, developing commercial Rails applications since version 0.8. We''re currently looking for a skilled programmer with Rails experience to join our team. If you''re interested, please contact Pirmin Kalberer (pka at sourcepole.ch) for more information. -- Pirmin Kalberer Sourcepole - Linux & Open Source Solutions http://www.sourcepole.ch/

Hi, I am not sure if this problem has been discussed already. I am running red-hat LINUX 2.2.14 and the version of iproute that comes with it. The problem is that whatever I give as a command it tells me RTNETLINK answers : Invalid argument Example : tc qdisc add dev eth2 handle 10: root estimator 1sec 8sec prio bands 3 priomap 0 1 2 I have tried all kinds of combinations and it refuses to

...ic digits for his password. The iPad never leaves the house. Future concern is IPv6 stuff, now that Xfinity has forcibly changed their hardware to include full IPv6 support. I have no idea if this is NAT'd or rolling IPs or what. But the iPad has no remote services enabled. And the Mac has SSH PKA required. So I'm not that concerned about their crappy login passwords. Their online services are another matter, those I've made very clear they will be strong or they don't get to play. -- Chris Murphy

On 07/28/2015 03:06 PM, Chris Adams wrote: > Once upon a time, Warren Young <wyml at etr-usa.com> said: >> Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. > Since most of that crap comes from Windows hosts, the security of Linux >

Hi, I have server with multiple virtual domains and this server also accepts mail for the local domain. I'm using postfix and have the following setup for a virtual sales at domain.com mapped to custsales at localhost I was wondering if there is a way to login with the virtual email address, for example sales at domain.com? I would also like to still be able to login with the local user

...ubbles for this reason are called immune compromised. So this push to depend on stronger passwords just exposes how "immune compromised" we are in these dark ages of computer security. There are overwhelmingly worse side effects of password dependency than immunization. The very fact SSH PKA by default is even on the table in some discussions demonstrates the level of crap passwords are at. Software patches, SELinux and AppArmor are closer analogs to certain aspects of human immunity, but even that is an imperfect comparison. And also, a large percent of malware doesn't even depe...

...ault, challengeresponseauth by default, and a 9 character (even random) passphrase, and that shit is going to get busted into. Against a targeted attack by a botnet, you need something stronger than a 9 character password, today. Let alone 6 years from now. Those other measures need to get better (PKA only, put it behind a VPN). Not the password getting slightly longer. ATMs and credit cards in the U.S. The weak link is the magnetic stripe, not the 4 digit PIN. The enhancement for credit cards due this year is not 5 or 6 digit PINs. It's EMV chips. And the end user will be minimally affecte...

> On Jul 28, 2015, at 11:27, Warren Young <wyml at etr-usa.com> wrote: > > On Jul 25, 2015, at 6:22 PM, Bob Marcan wrote: >> >> 1FuckingPrettyRose >> "Sorry, you must use no fewer than 20 total characters." >> 1FuckingPrettyRoseShovedUpYourAssIfYouDon'tGiveMeAccessRightFuckingNow! >> "Sorry, you cannot use punctuation."