search for: pubkey

...ID c105b9de: BAD error: rpmdbNextIterator: skipping h# 1028 Header V3 RSA/SHA1 \ Signature, key ID c105b9de: BAD - - - - 8< snipped for brevity, continuing to end - - - - ->8 - - - - error: rpmdbNextIterator: skipping h# 1019 Header V3 RSA/SHA1 \ Signature, key ID c105b9de: BAD gpg-pubkey-fe837f6f-4e0fd77e Thu 17 Jul 2014 12:00:11 AM EDT gpg-pubkey-ef1d6db8-4e0fd7f0 Thu 17 Jul 2014 12:00:11 AM EDT gpg-pubkey-d0ff3d16-4e0fd442 Thu 17 Jul 2014 12:00:11 AM EDT gpg-pubkey-a0bdbcf9-42d1d837 Thu 17 Jul 2014 12:00:11 AM EDT gpg-pubkey-11f63c51-3c...

...d 30) and one SSH server - Each of them have a unique public key and create one dynamic reverse port forwarding on the server - All of them connect with the same UNIX user (I don't want to create a new user each time, I add a new device) When I connect to the server, I would like to know which pubkey as open which reverse port. I would like to know which is the proper / easiest way to achieve this? Thanks for your help, Clement

Hi, is there a particular reason why this feature is "user" based and not "user-pubkey" based? What I mean is that it works for installation with small number of pubkeys per user. But imagine i.e. a GitHub scale - all users logging in as user "git". On each auth request all the keys from database would be fetched and feeded to OpenSSH. Now I am only asking this out o...

HD Moore from MetaSploit has noted that, given a pubkey (and not the corresponding private key, as might be found in authorized_keys), he can determine if he'd be able to log into an account. It's a small thing, but he's using it for very interesting recon/deanonymization. He'll be releasing a paper shortly, not overplaying the charact...

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi all, i have two OSX boxes set up for ssh via pubkey auth only. i'm setting up rsync comms for the first time. i have rsyncd running on box A. no-auth rsync from box B to/from box A's rsyncd works as expected. rsync@B to/from rsyncd@A using pubkey-auth'd-ssh trasport: rsync --verbose --stats --recursive -e "ssh -F $MY_SSH_CONF...

https://bugzilla.mindrot.org/show_bug.cgi?id=2082 Bug ID: 2082 Summary: Please add pubkey fingerprint to authentication log message Classification: Unclassified Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Compo...

...g.txt and it comes back to the prompt, like it worked, but attempting to confirm the download: rpm -K rpmforge-release-0.5.2-2.el6.rf.*.rpm results in: error: rpmforge-release-0.5.2-2.el6.rf.*.rpm: open failed: No such file or directory (Turning -vv on the -import) D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key D: loading keyring from rpmdb D: opening db environment /var/lib/rpm cdb:mpool:joinenv D: opening db index /var/lib/rpm/Packages rdonly mode=0x0 D: locked db index /var/lib/rpm/Packages D: ope...

https://bugzilla.mindrot.org/show_bug.cgi?id=2678 Bug ID: 2678 Summary: PubKey Authentication fails when more than one user/group ACL is set on any Path component to authorized_keys Product: Portable OpenSSH Version: 5.3p1 Hardware: amd64 OS: Linux Status: NEW Severit...

http://bugzilla.mindrot.org/show_bug.cgi?id=937 Summary: ssh2 pubkey auth broken by user:style syntax Product: Portable OpenSSH Version: -current Platform: All OS/Version: OpenBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org...

Hi. The error message 'AuthorizedKeyCommandUser \"%s\" not found' in user_key_command_allowed2() should inform about non-existing username, not about command. --- auth2-pubkey.c 14 Nov 2012 08:04:02 -0000 1.36 +++ auth2-pubkey.c 14 Feb 2013 16:50:04 -0000 @@ -480,7 +480,7 @@ pw = getpwnam(username); if (pw == NULL) { error("AuthorizedKeyCommandUser \"%s\" not found: %s", - options.authorized_keys_command, strerror(errno)); + userna...

I'm running a Debian VPS that was originally configured with OpenSSH 5.5 and I could use pubkey auth without issue. A few days ago, I decided to compile and install OpenSSH 6.2 for the AES-GCM support, and now I cannot login to my server with pubkey auth. I can't seem to figure out what the problem is, and when I replace the new sshd with the one originally included with my server, it res...

Hi, I'm using 2-factor authentication (pubkey+googe_authenticator) and have an issue with rsync. It's configured to use pubkey to authenticate to server so when google_authentication is bypassed by not creating .google_authenticator file for particular user (thanks to nullok option in PAM) it still sends to stderr "Authenticated with...

...names. but it seems it does something else holst at hholst-lt:~$ unshare -r root at hholst-lt:~# echo "~ expands to" ~ "and \$HOME is" $HOME ~ expands to /home/holst and $HOME is /home/holst root at hholst-lt:~# ssh sdf.org Could not create directory '/root/.ssh'. load pubkey "/root/.ssh/id_rsa": Permission denied load pubkey "/root/.ssh/id_rsa": Permission denied load pubkey "/root/.ssh/id_dsa": Permission denied load pubkey "/root/.ssh/id_dsa": Permission denied load pubkey "/root/.ssh/id_ecdsa": Permission denied load...

...experiencing the issue laid out in this thread from last year: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106908815129641&w=2 The discussion that ensued resulted in a number of ideas on how best to 'fix' this issue. The two that seemed most reasonable were: 1. implement a pubkey-only option to PermitRootLogin that would only allow root to login using pubkey authentication. 2. implement a more flexible arrangement where a list of allowed authentication methods could passed to PermitRootLogin. I looked through the code and it seems that both are straightforward to code,...

...erator: skipping h# 1028 Header V3 RSA/SHA1 \ > Signature, key ID c105b9de: BAD > > - - - - 8< snipped for brevity, continuing to end - - - - ->8 - - - - > > error: rpmdbNextIterator: skipping h# 1019 Header V3 RSA/SHA1 \ > Signature, key ID c105b9de: BAD > > gpg-pubkey-fe837f6f-4e0fd77e Thu 17 Jul 2014 12:00:11 AM EDT > gpg-pubkey-ef1d6db8-4e0fd7f0 Thu 17 Jul 2014 12:00:11 AM EDT > gpg-pubkey-d0ff3d16-4e0fd442 Thu 17 Jul 2014 12:00:11 AM EDT > gpg-pubkey-a0bdbcf9-42d1d837 Thu 17 Jul 2014 12:00:11 AM EDT > gp...

https://bugzilla.mindrot.org/show_bug.cgi?id=1523 Summary: Log public key identifier on pubkey login Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: jm9991...

I am trying to use F-Secure SSH on a RH7.1 machine to connect using any pubkey method to an OpenSSH on a Debian 'woody' stable server (with current Debian security patches). Interactive password authentication works. But I have been unable to get any of the "passwordless" pubkey methods to work. I am trying to automate a copy where only ssh is allowed thr...

Hi, I'm wondering if that's planned or just occuring accidentally. With OpenSSH 4.0 and the upcoming 4.1, I'm getting two entries in syslog when a pubkey authentication logon was successful: Apr 7 13:19:10 cathi sshd : PID 66116 : Accepted publickey for corinna from 192.168.129.6 port 40207 ssh2 Apr 7 13:19:10 cathi sshd : PID 67060 : Accepted publickey for corinna from 192.168.129.6 port 40207 ssh2 I found that this only happens when privil...

https://bugzilla.mindrot.org/show_bug.cgi?id=1649 Summary: CreateObject : Mismatch auth between pubkey and password Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Cygwin on NT/2k Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: unassigned...

...d-interactive' is used). From my digging in the source, it seems it is currently not. Would it be possible to provide this information? Maybe using do_pam_putenv()? Would there be any security implications of doing this? The reason I'm asking is that I'm looking into using 2FA (i.e. pubkey + pam_google_authenticator) for *some* of my SSH keys. For example, a SSH privkey on my trusted box can login without verification code, but another SSH privkey on my not-as-trusted box requires a verification code to login. My initial thought was to implemented it through a pubkey whitelist i...