search for: proulx

...#39;s configured shell? ssh -oCommandShell=/bin/sh example.com "my command here" But maybe there is already a way to do this and I just have not been able to figure it out? This problem finally caused me enough trouble that I decided I would need to ask for help. Thanks Bob -- Bob Proulx <bob at proulx.com> http://www.proulx.com/~bob/ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev at mindrot.org http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

I am supporting a site that allows members to upload release files. I have inherited this site which was previously existing. The goal is to allow members to file transfer to and from their project area for release distribution but not to allow general shell access and not to allow access to other parts of the system. Currently rsync and old scp has been restricted using a restricted shell

Bob Proulx wrote: > Here is a patch that I believe should fix the problem. I will also > attach it so that there won't be any mailer problems with the > transport of it. And I broke it in the editing of it. Drat! > + bridge=$(brctl show | | awk 'NR==2{print$1}') Which is obviousl...

I concur. It should be the operating system's responsibility to come up with appropriate error messages, not every application that runs on the operating system. From: openssh-unix-dev <openssh-unix-dev-bounces+herbie.robinson=stratus.com at mindrot.org> On Behalf Of Bob Proulx Sent: Thursday, January 9, 2025 10:45 AM To: openssh-unix-dev at mindrot.org Subject: Re: ssh-keygen: error if file is directory You don't often get email from bob at proulx.com<mailto:bob at proulx.com>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> SM...

...er last week...upon restart, I could not log back in using the root password the former employee left me. Is there a separate administrator password? Is there any way to reset that? As of right now I cannot gain access to the gui. Thanks for all your help. _____________________________ Joey Proulx Technology Coordinator Seabrook Schools 256 Walton Road Seabrook, NH 03874 (603) 474-2252, ext 136 jproulx@sau21.k12.nh.us

Salar Nosrati-Ershad wrote: > On several tasks if you pass a directory as a file to ssh-keygen, the > program wouldn't check the file mode to check if it's a directory like: > `Saving key "./test/" failed: Is a directory` > After asking the user to overwrite or not. Seems an appropriate error message is emitted to the caller if the argument is of an incorrect type.

Hi all, I have a very strange problem with the public key authentication with 2 machines. I generated the key, configured the authorized_keys etc.. etc.. This is all ok, now: The ssh works without the password for the "root" user, any other user cannot use the key and ssh ask me for the password !! I cannot understand why only the root is able to connect without the password. So, the ssh

On Wed, 2013-08-07 at 22:55 -0600, Bob Proulx wrote: > Bob Proulx wrote: > > Here is a patch that I believe should fix the problem. I will also > > attach it so that there won't be any mailer problems with the > > transport of it. > > And I broke it in the editing of it. Drat! > > > + bridge=$(brctl...

There is another concept that I neglected to mention. In cases where something is checked and then later used there is a gap of time when the thing that was checked might be moved out of the way and replaced with a different thing before it is used. That's a classic race condition attack. There is really nothing to attack here but the concept is the same. In that case adding the directory

I would like to automatically deduce in a script if an ssh key is encrypted or not. Basically in a very particular application I want to be the BOFH and enforce that users place a passphrase on their id_rsa key. If they don't put a passphrase I want to send them back to ssh-keygen until they do. I have not been able to deduce a way to detect this yet. Any hints? Thanks Bob

Hello List, i need the feature of a password option (like --password) for scripting/testing purpose. I know its not secure and i am aware of that, i just need it for internal testing purpose. I did have a little look at the ssh source code, to see where i would hook in my code, but couldn't really find anything useful. I am really new to C. Is there a workaround or already an unofficial

Package: logcheck-database Version: 1.3.8 Severity: normal After double checking that I had the most up to date logcheck-database :-) I am seeing these lines reported. May 17 15:29:33 localhost named[1765]: error (network unreachable) resolving 'software.majix.org/A/IN': 2001:503:ba3e::2:30#53 I believe that this line was intended to match it. ^\w{3} [ :[:digit:]]{11}

Brian Candler wrote: > Chris Green wrote: > > ... redundant ones are because I have a mixed population of > > Raspberry Pis and such on my LAN and they get rebuilt fairly > > frequently and thus, each time, get a new entry in known_hosts. > ...many useful tips... > To disable host key checking altogether for certain domains and/or networks, > you can put this in

On Sat, 11 Nov 2023, Bob Proulx wrote: > I am supporting a site that allows members to upload release files. I > have inherited this site which was previously existing. The goal is > to allow members to file transfer to and from their project area for > release distribution but not to allow general shell access and...

Package: logcheck Version: 1.3.7 Severity: normal After installing logcheck on a system it posted an error to the cron mail address hourly. An untrapped script error was posting stderr output to cron. It originated here: # Hostname either fully qualified or not. if [ $FQDN -eq 1 ]; then HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1 else

Hey folks, As most of everyone, I use OpenSSH for almost everything and whenever I can: backups, sync, Git, configuration management, and of course console sessions. So much for an intro ;) My laptop and I roam between three networks, though sometimes I leave the laptop at the office overnight, or hop over to the third site for an hour or two. I'd like to find a way to configure OpenSSH (or

Hi All, I''ve run into a bit of a tangle. I currently have two puppet masters which are "load balanced" with round robin DNS (one is also the CA). I''m using dns_alt_names to let them each answer to puppet.my.domain.com For the past year this has been fine. About a week ago I tried to add a third & while all my Linux clients are happy with the new arrangement,

I am trying to understand the details of the deprecation notice. Because I am getting people asking me questions. And I don't know the answer. Therefore I am pushing the boulder uphill and asking here. :-) Damien Miller wrote: > Future deprecation notice > ========================= > > It is now possible[1] to perform chosen-prefix attacks against the > SHA-1 algorithm for

Hi. I would like to add an option [-p port] to ssh-copy-id. If this option is given then ssh-copy-id calls ssh with -p port to connect to non-standard port. The patch [1] adds this option to ssh-copy-id and documents it in ssh-copy-id(1) man page [1] http://plautrba.fedorapeople.org/openssh/718674/ssh-copy-id-p-port.patch Thanks, Petr diff --git a/contrib/ssh-copy-id

On Wed, Aug 07, 2013 at 08:09:59PM -0600, Bob Proulx wrote: >The behavior of the upstream GNU cut has changed. It is no longer >allows the usage of cutting lines as fields by setting a newline as >the delimiter. This has broken /etc/xen/scripts/vif-bridge which uses >it in this way. > >This was originally reported by Volker Klasen...