search for: pubkeys

Hi All, I had some health issues for a few months and I barely recall dealing with Heartbleed ... it's all just a blur. Now I'm getting back up to speed, but I have a pair of CentOS 6.6 x86_64 + Virtualmin 4.13 GPL servers which no longer seem to be picking up available updates. 'yum check' ran for about 25 minutes this evening on one of them and returned nothing useful. rpm -qa

Hello, I hope it's the correct ML to get support for "advanced" ssh use (sorry if it's not the case) And I would be very grateful if someone could help me on this issue. Here is my challenge : - I have X devices (around 30) and one SSH server - Each of them have a unique public key and create one dynamic reverse port forwarding on the server - All of them connect with the

Hi, is there a particular reason why this feature is "user" based and not "user-pubkey" based? What I mean is that it works for installation with small number of pubkeys per user. But imagine i.e. a GitHub scale - all users logging in as user "git". On each auth request all the keys from database would be fetched and feeded to OpenSSH. Now I am only asking this out of curiosity - was it easier to implement it the way it currently is? Currently it execut...

HD Moore from MetaSploit has noted that, given a pubkey (and not the corresponding private key, as might be found in authorized_keys), he can determine if he'd be able to log into an account. It's a small thing, but he's using it for very interesting recon/deanonymization. He'll be releasing a paper shortly, not overplaying the characteristic, but certainly showing it can be used

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi all, i have two OSX boxes set up for ssh via pubkey auth only. i'm setting up rsync comms for the first time. i have rsyncd running on box A. no-auth rsync from box B to/from box A's rsyncd works as expected. rsync@B to/from rsyncd@A using pubkey-auth'd-ssh trasport: rsync --verbose --stats --recursive -e "ssh -F

...signed-bugs at mindrot.org Reporter: michael at mgeb.org Hi all, As a pubkey is effectively a multiplexing of multiple sysadmins on a single user it would be very nice to have the pubkey fingerprint written per default in the authentication log line. Most of the time this is the reason pubkeys are forbidden for root, as it's not clear who logged in. There where patches for this at various companies though i've never seen them beyond the log lines which included the pubkey fingerprint. Michael -- You are receiving this mail because: You are watching the assignee of the bug.

...g.txt and it comes back to the prompt, like it worked, but attempting to confirm the download: rpm -K rpmforge-release-0.5.2-2.el6.rf.*.rpm results in: error: rpmforge-release-0.5.2-2.el6.rf.*.rpm: open failed: No such file or directory (Turning -vv on the -import) D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key D: loading keyring from rpmdb D: opening db environment /var/lib/rpm cdb:mpool:joinenv D: opening db index /var/lib/rpm/Packages rdonly mode=0x0 D: locked db index /var/lib/rpm/Packages D: open...

https://bugzilla.mindrot.org/show_bug.cgi?id=2678 Bug ID: 2678 Summary: PubKey Authentication fails when more than one user/group ACL is set on any Path component to authorized_keys Product: Portable OpenSSH Version: 5.3p1 Hardware: amd64 OS: Linux Status: NEW

http://bugzilla.mindrot.org/show_bug.cgi?id=937 Summary: ssh2 pubkey auth broken by user:style syntax Product: Portable OpenSSH Version: -current Platform: All OS/Version: OpenBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Hi. The error message 'AuthorizedKeyCommandUser \"%s\" not found' in user_key_command_allowed2() should inform about non-existing username, not about command. --- auth2-pubkey.c 14 Nov 2012 08:04:02 -0000 1.36 +++ auth2-pubkey.c 14 Feb 2013 16:50:04 -0000 @@ -480,7 +480,7 @@ pw = getpwnam(username); if (pw == NULL) { error("AuthorizedKeyCommandUser

I'm running a Debian VPS that was originally configured with OpenSSH 5.5 and I could use pubkey auth without issue. A few days ago, I decided to compile and install OpenSSH 6.2 for the AES-GCM support, and now I cannot login to my server with pubkey auth. I can't seem to figure out what the problem is, and when I replace the new sshd with the one originally included with my server, it

Hi, I'm using 2-factor authentication (pubkey+googe_authenticator) and have an issue with rsync. It's configured to use pubkey to authenticate to server so when google_authentication is bypassed by not creating .google_authenticator file for particular user (thanks to nullok option in PAM) it still sends to stderr "Authenticated with partial success." message although it

https://bugzilla.mindrot.org/show_bug.cgi?id=3048 Bug ID: 3048 Summary: ssh reads from the wrong directory in user namespace Product: Portable OpenSSH Version: 7.9p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at

Hello, I'm currently experiencing the issue laid out in this thread from last year: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106908815129641&w=2 The discussion that ensued resulted in a number of ideas on how best to 'fix' this issue. The two that seemed most reasonable were: 1. implement a pubkey-only option to PermitRootLogin that would only allow root to login

Hi, On Tue, Apr 28, 2015 at 10:37 AM, <carlh04426 at gmail.com> wrote: > Hi All, > > I had some health issues for a few months and I barely recall dealing > with Heartbleed ... it's all just a blur. Now I'm getting back up to > speed, but I have a pair of CentOS 6.6 x86_64 + Virtualmin 4.13 GPL > servers which no longer seem to be picking up available updates.

https://bugzilla.mindrot.org/show_bug.cgi?id=1523 Summary: Log public key identifier on pubkey login Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

I am trying to use F-Secure SSH on a RH7.1 machine to connect using any pubkey method to an OpenSSH on a Debian 'woody' stable server (with current Debian security patches). Interactive password authentication works. But I have been unable to get any of the "passwordless" pubkey methods to work. I am trying to automate a copy where only ssh is allowed through the firewalls.

Hi, I'm wondering if that's planned or just occuring accidentally. With OpenSSH 4.0 and the upcoming 4.1, I'm getting two entries in syslog when a pubkey authentication logon was successful: Apr 7 13:19:10 cathi sshd : PID 66116 : Accepted publickey for corinna from 192.168.129.6 port 40207 ssh2 Apr 7 13:19:10 cathi sshd : PID 67060 : Accepted publickey for corinna from

https://bugzilla.mindrot.org/show_bug.cgi?id=1649 Summary: CreateObject : Mismatch auth between pubkey and password Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Cygwin on NT/2k Status: NEW Severity: normal Priority: P2 Component: Miscellaneous

Hi, first of: my familiarity with OpenSSH/Pam code-base is very limited.. Please excuse me if some of this does not make any sense or seems stupid! I'm investigating if it is possible for a PAM module to find out which public key was accepted (when 'AuthenticationMethods publickey,keyboard-interactive' is used). From my digging in the source, it seems it is currently not. Would