Displaying 20 results from an estimated 10000 matches similar to: "Re: THE LINUX/I386 BOOT PROTOCOL - Breaking the 256 limit"
2005 Dec 15
1
Breaking the 256 command line limit
I'm building pxe-booted kiosk systems using pxelinux 3.09 and linux
kernel 2.6.14. I noticed a discussion on this list that 3.09 supports a
511 character command line but that the kernel would need to be patched
to access it beyond 255. How can I patch the kernel to do so?
Andrew Lambe
Systems Programmer
Information Technology
Oral Roberts University
Tulsa, Oklahoma
2016 Jul 25
3
ssh-pkcs11.c
Hi Alon,
I confirmed with pkcs11-tool (from OpenSC) and I can confirm that
pressing return when asked for the pin causes the login to stop (and
not to try a empty pin).
Can you confirm if a empty pin is actually a valid pin, and if not,
can the patch be accepted?
Once again, the problem is that from a user experience, *some/most*
users would expect they can skip pkcs11 token authentication just
2015 May 21
2
[PATCH] build: ssh-agent: condition util.h include
Signed-off-by: Alon Bar-Lev <alon.barlev at gmail.com>
---
ssh-agent.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ssh-agent.c b/ssh-agent.c
index 9e2a37f..415a5ea 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -68,7 +68,9 @@
#include <time.h>
#include <string.h>
#include <unistd.h>
+#ifdef HAVE_UTIL_H
#include <util.h>
+#endif
#include
2016 Jun 17
3
ssh-pkcs11.c
On Fri, Jun 17, 2016 at 7:57 PM, Alon Bar-Lev <alon.barlev at gmail.com> wrote:
> On 17 June 2016 at 20:58, Nuno Gon?alves <nunojpg at gmail.com> wrote:
>> Hi,
>>
>> It seems there is a bug with the pkcs11 feature where a zero-length
>> PIN is accepted. I believe this is a bug, since the user might want to
>> press return when asked for the PIN to
2015 Nov 15
2
~/.ssh/config permissions
Hi,
Working with apache-sshd I found that it forces ~/.ssh/config to be
owned by user without group/others permissions. It failed for me
within my valid openssh environment.
Within sources (readconf.c::read_config_file), I found that openssh
only enforces ownership by user and not group/others write.
When I opened an issue, I was referred to this[1] wiki page (not sure
who maintain it) claiming
2008 Oct 27
0
NEW: COM32 module to alias (Revised)
From: Gene Cumm <gene.cumm at gmail.com>
alias.c: A simple COM32 module that allows the creation of an alias
within the config for SYSLINUX and variants.
Signed-off-by: Gene Cumm <gene.cumm at gmail.com>
---
Revised based on previous discussion on this list <syslinux at zytor.com>
to change the command line string size and account for the possibility
of overflowing the
2005 Oct 05
2
ssh-agent add PKCS#11 support
Hello,
PKCS#11 is a standard API interface that can be used in
order to access cryptographic tokens. You can find the
specification at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133, most
smartcard and other cryptographic device vendors support
PKCS#11, opensc also provides PKCS#11 interface.
I can easily make the scard.c, scard-opensc.c and
ssh-agent.c support PKCS#11.
PKCS#11 is
2009 Feb 22
2
NEW: COM32 module to run another command, optionally clearing the screen
From: Gene Cumm <gene.cumm at gmail.com>
run.c: A simple COM32 module that will optionally clear the screen
(using newlines) then run a command.
Signed-off-by: Gene Cumm <gene.cumm at gmail.com>
---
This is based on my alias COM32 module that I submitted back in
October, with some improvements to clean up debugging code and
optionally clear the screen.
LABEL et
KERNEL run.c32
2007 Sep 25
9
OpenSSH PKCS#11merge
[[Sending again, as for some strange reason it is not accepted]]
Hello OpenSSH developers,
I maintain external patch for PKCS#11 smartcard support into
OpenSSH[1] , many users already apply and use this patch.
I wish to know if anyone is interesting in working toward merging this
into mainline.
I had some discussion with Damien Miller, but then he disappeared.
Having standard smartcard
2006 Feb 04
1
BIDI (Hebrew) Support
Hello,
I've looked for a BIDI HOW-TO, but did not find any.
I use wine-0.9.5, and run IE using ies4linux. It works great
including Hebrew showing Hebrew text correctly.
The problem is that I could not write any Hebrew
character... Whenever I type a character I get "?".
So I've looked at wine-bidi issues, and found that I need to
compile wine with icu library. I did! using
2015 Dec 23
2
Why hostkeys-00@openssh.com is following user authentication?
Hello,
This hostkeys extension is great, reading[1]:
"""
OpenSSH supports a protocol extension allowing a server to inform a
client of all its protocol v.2 host keys after user-authentication has
completed.
"""
I wonder, why should user authentication be completed before this
functionality is available? This means that ssh-keyscan tool (for
example) cannot take
2005 Nov 01
3
PKCS#11 support for openssh
Hello OpenSSH developers,
A week ago I've posted a patch that enables openssh to work
with PKCS#11 tokens.
I didn't receive any comments regarding the patch or reply
to my questions.
In current software world, providing a security product that
does not support standard interface for external
cryptographic hardware makes the product obsolete.
Please comment my patch, so I can know
2014 Jun 27
1
Using AuthorizedKeysCommand in unprivileged sshd mode
Hi,
I have a setup in which I run sshd as unprivileged user at dedicated port
to serve specific application.
It is working perfectly!
One tweak I had to do, since the AuthorizedKeysCommand feature requires
file to be owned by root, I had to use root owned command at root owned
directory, although it does not add a security value.
At auth2-pubkey.c::user_key_command_allowed2(), we have the
2018 Dec 19
2
RFE: OpenSSH Support for PKCS11 Funneling to PAM for Kerberos/PKINIT
Alon,
On 12/18/2018 06:52 PM, Alon Bar-Lev wrote:
> OK... So you have an issue...
>
> First, you need to delegate your smartcard to remote machine, probably
> using unix socket redirection managed by openssh. This can be done in
> many levels...
> 1. Delegate USB device, this will enable only exclusive usage of the
> smartcard by remote machine.
> 2. Delegate PC/SC, this
2015 Feb 22
3
PKI host based principal
Hello,
Maybe I did not understand correctly the PKI trust, so forgive me if I am wrong.
For example, I have multiple hosts that all serves as monitoring
server, I would like to trust only these hosts, so I enrol a
certificate for these using "monitoring" principal, so I can connect
only to these.
At first I thought we can do Match statement at ssh_config, however,
the Match is being
2003 Jan 18
2
[patch 2.4] Fix ext3 scheduling storm and lockup
This patch fixes an inefficiency and potential system lockup in the 2.4
kernel's ext3 filesystem. The problem has been present since 2.4.20-pre5.
This patch is applicable to 2.4.20. A copy is at
http://www.zip.com.au/~akpm/linux/patches/2.4/2.4.20/ext3-scheduling-storm.patch
Anyone who is using tasks which have realtime scheduling policy on ext3
systems should apply this change.
2006 May 27
2
[ANNOUNCE] PKCS#11 support in OpenSSH 4.3p2 (version 0.11)
Hello,
The version 0.11 of "PKCS#11 support in OpenSSH" is published.
Changes:
1. Updated against OpenSSH 4.3p2.
2. Modified against Roumen Petrov's X.509 patch (version
5.4), so self-signed certificates are treated by the X.509
patch now.
3. Added --pkcs11-x509-force-ssh if X.509 patch applied,
until some issues with the X.509 patch are resolved.
4. Fixed issues with gcc-2.
You
2023 May 25
1
+ ocfs2-fix-use-after-free-when-unmounting-read-only-filesystem.patch added to mm-hotfixes-unstable branch
The patch titled
Subject: ocfs2: fix use-after-free when unmounting read-only filesystem
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
ocfs2-fix-use-after-free-when-unmounting-read-only-filesystem.patch
This patch will shortly appear at
2002 Dec 01
3
data corrupting bug in 2.4.20 ext3, data=journal
In 2.4.20-pre5 an optimisation was made to the ext3 fsync function
which can very easily cause file data corruption at unmount time. This
was first reported by Nick Piggin on November 29th (one day after 2.4.20 was
released, and three months after the bug was merged. Unfortunate timing)
This only affects filesystems which were mounted with the `data=journal'
option. Or files which are
2012 Jul 28
1
[PATCH] ssh-keygen: support public key import/export using SubjectPublicKeyInfo
ssh-keygen already supports importing and exporting ssh keys using
various formats.
The "-m PEM" which should have been the easiest to be used with
various of external application expects PKCS#1 encoded key, while
many applications use SubjectPublicKeyInfo encoded key.
This change adds SubjectPublicKeyInfo support, to ease integration
with applications.
Examples:
## convert