search for: revoked

...t;> ??????????????? permit-agent-forwarding >> ??????????????? permit-port-forwarding >> ??????????????? permit-pty >> ??????????????? permit-user-rc >> >> >> Now i try to revoke this certificate with >> >> ssh-keygen -s ../user_ca.pub -kf /etc/ssh/revoked_keys -z 17 >> id_user_rsa-cert.pub >> >> The serial is 1 less the serial of my created certificate >> >> Check, if my certificate is valid >> >> root at host # ssh-keygen -Qf /etc/ssh/revoked_keys id_user_rsa-cert.pub >> id_user_rsa-cert.pub (test on...

https://bugzilla.mindrot.org/show_bug.cgi?id=3659 Bug ID: 3659 Summary: Certificates are ignored when listing revoked items in a (binary) revocation list Product: Portable OpenSSH Version: 9.2p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh-keygen Assignee: unassign...

...l Options: (none) ??????? Extensions: ??????????????? permit-X11-forwarding ??????????????? permit-agent-forwarding ??????????????? permit-port-forwarding ??????????????? permit-pty ??????????????? permit-user-rc Now i try to revoke this certificate with ssh-keygen -s ../user_ca.pub -kf /etc/ssh/revoked_keys -z 17 id_user_rsa-cert.pub The serial is 1 less the serial of my created certificate Check, if my certificate is valid root at host # ssh-keygen -Qf /etc/ssh/revoked_keys id_user_rsa-cert.pub id_user_rsa-cert.pub (test on myhost - created by ansible (1564358942)): REVOKED Why? I thougt, wh...

...tc/ssl/dovecot/dovecot.pem ssl_key = </etc/ssl/dovecot/dovecot.pem ssl_ca = </etc/ssl/ca/ca.pem ssl_verify_client_cert = yes auth_ssl_require_client_cert = yes protocol !smtp { auth_ssl_require_client_cert = yes } ----------------- All works fine with valid certificates. But if I submit revoked certificate, dovecot doesn't send error or success messages to mail client, process 'imap-login' eats 100% CPU and completely hangs. Only SIGKILL can terminate it. When dovecot receives revoked certificate, following messages appears in the log: ------------------ Dec 2 13:50:26 mail...

...puppetca --revoke hostname puppetca --clean hostname restart puppetmaster puppetca --list --all (host does not show up - good) On client re-issue puppetd --server puppet --waitforcert 30 --test Error is : err: Could not retrieve catalog: Certificates were not trusted: sslv3 alert certificate revoked So how do I get rid of it? I can''t find a cert anywhere with either a valid cert or revoked.. Did I do this wrong? How do you remove and re- add a host? thanks ~J~ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to th...

...s SSL session warning: peer certificate won''t be verified in this SSL session info: Caching certificate for server182.domain.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate'': sslv3 alert certificate revoked err: /File[/var/lib/puppet/lib]: Could not evaluate: sslv3 alert certificate revoked Could not retrieve file metadata for puppet://puppet/plugins: sslv3 alert certificate revoked info: Creating state file /var/lib/puppet/state/state.yaml err: Could not retrieve catalog from remote server: sslv3 ale...

...al way kinit de7b07k0@ORG1.MYDOMAIN.NET and net ads join -U de7b07k0@ORG1.MYDOMAIN.NET wbinfo -m lists the trusted domains. So far so good. Unfortunately every few minutes I get error messages in the logfile: Oct 2 19:52:53 (none) winbindd[31193]: Kinit failed: Clients credentials have been revoked Oct 2 19:56:34 (none) winbindd[31193]: [2006/10/02 19:56:34, 0] libsmb/cliconnect.c:cli_session_setup_spnego(759) Oct 2 19:56:34 (none) winbindd[31193]: Kinit failed: Clients credentials have been revoked Oct 2 19:56:34 (none) winbindd[31193]: [2006/10/02 19:56:34, 0] libads/kerberos.c:ads_...

Hi, I have this problem: when I make a new request and sign the client''s certificate, then i get a "revoked certificate" error: err: Could not retrieve catalog from remote server: sslv3 alert certificate revoked I am using same version of puppet on master and clients, tried many times, dates are the same, and cleaned the "ssl" directory. Can someone help me? Thanks, Matteo -- You rec...

Hello, When I try to revoke certificates from my puppet installation, I get the following error : /etc/puppet/ssl# puppetca --revoke all all notice: Revoked certificate with serial # Inventory of signed certificates err: Could not call revoke: Cannot convert into OpenSSL::BN And nothing gets deleted. I didn''t find any information about this error, and couldn''t correct it. I''m using a gem installed puppet, version 0.25.5, wi...

Folks -- I am attempting to retrieve a new certificate on a Puppet client whose certificate was revoked on the Puppet master. The original certificate was revoked using the command: # puppet cert --revoke el5-puptest-2.localdomain I have deleted the /var/lib/puppet/ssl directory on the client, and issued the following command: # puppet agent --test --waitforcert=20 This produces the following...

On 17.04.18 12:38, Aki Tuomi wrote: > > > > On 17.04.2018 12:36, Reio Remma wrote: >> Hello! >> >> I noticed SpamAssassin *spamc* usage has entered the documentation at >> https://wiki2.dovecot.org/HowTo/AntispamWithSieve >> >> I'm wondering if the -C (report) option in sa-learn-ham.sh should >> use revoke instead of report for --ham

https://bugzilla.mindrot.org/show_bug.cgi?id=3204 Bug ID: 3204 Summary: Enable user-relative revoked keys files Product: Portable OpenSSH Version: 8.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: ma...

...et's suppose it is unique), or key hash SHA256:KdBh..., and no other kind of hash is known. The SHA256 hash is useless, because (at least according to the documentation) "ssh-keygen -k" only accepts SHA1 hashes. So let's try the ID. echo 'id: user' | ssh-keygen -k -f revoked_keys -s ca /dev/stdin OK, after transferring the result to the server and setting the RevokedKeys option in sshd_config, it works. But, as an admin, I would also like to revoke the key itself (not only the certificate) where I can. And I don't have any information to do so - is it because m...

Greetings all, I have hit a kernel BUG in revoke.c in kernel 2.4.7-ac7 twice today while attempting to perform the same operation (patching stock 2.4.8 kernel src with "patch -p1 < patch-2.4.8-ac4"). Syslog entries follow. Please email me if you want/need my kernel config or any other information. Thanks, jtp

How can I revoke one SSH certificate without having to replace the root certificate and all certificates signed by it? Regarding the second statement, do you have sources? On Fri, May 25, 2018 at 6:58 AM, Peter Moody <mindrot at hda3.com> wrote: > On Thu, May 24, 2018 at 8:36 PM, Yegor Ievlev <koops1997 at gmail.com> wrote: > >> SSH certificates provide no >> way to

On Sun, 9 Jun 2024 18:52:39 +0100 Luis Peromarta via samba <samba at lists.samba.org> wrote: > Update: > > I have revoked the privilege to BUILIN\Administratos. As before, no > root mapping. > > root at member:/# net rpc rights revoke "BUILTIN\Administrators" > SeDiskOperatorPrivilege -U "MAD\luis" Password for [MAD\luis]: > Successfully revoked rights. > > root at member:/#...

...s again. [root@ip-10-196-90-236 ~]# puppet agent -t info: Retrieving plugin err: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] err: /File[/var/opt/lib/pe-puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=ip-10-224-122-211.ec2.internal] Could not retrieve file metadata for...

...t agent --test* Info: Caching certificate for r3.pb Info: Caching certificate_revocation_list for ca Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=masterdns.peoplebrowsr.com] Info: Retrieving plugin Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=mas...

I revoked the certificate of one of the clients by issuing the following command on puppetmaster : puppet cert clean <hostname> Then tried to access the catalog from <hostname> via : puppet agent --server=puppet .... and I can still access the catalogs from the master without any erro...

On Mon, 10 Jun 2024 08:33:13 +0100 Rowland Penny via samba <samba at lists.samba.org> wrote: > On Sun, 9 Jun 2024 18:52:39 +0100 > Luis Peromarta via samba <samba at lists.samba.org> wrote: > > > Update: > > > > I have revoked the privilege to BUILIN\Administratos. As before, no > > root mapping. > > > > root at member:/# net rpc rights revoke "BUILTIN\Administrators" > > SeDiskOperatorPrivilege -U "MAD\luis" Password for [MAD\luis]: > > Successfully revoked rights. >...