similar to: [Bug 1316] New: Add LDAP support to sshd

Hi all, At my organisation we have an LDAP infrastructure built on OpenLDAP, between Unix boxes running OpenSSH at multiple sites. It works well but the SSH key management is something of an inconvenience, especially as we would like to implement SSO with ssh-agent and passphrased keys. There is an OpenSSH patch called LPK which can allow the authorized_keys to be stored in LDAP, and that

Hello Are there plans to merge the hpn-ssh (http://www.psc.edu/networking/projects/hpn-ssh/) and the LPK (http://code.google.com/p/openssh-lpk/) into the mainline openssh. Adding lpk has been logged as a bug in bugzilla as They are two patches that I always apply as the performance boost from hpn-ssh is substantial to say the least, and centralisation of the authorized_keys into a LDAP server

Hello everybody, I'd like to have LPK (or something like that - getting public keys from LDAP) integrated into mainline OpenSSH. *** First of all, a summary. The project page at http://code.google.com/p/openssh-lpk/ mentions that a few distributions include LPK per default; but reading the various threads at Support for merging LPK and hpn-ssh into mainline openssh?

I have successfully created a packaged version of openssh that has the LPK patch. LPK allows you to store your public keys in LDAP. However when I go to install the package I created it complains about dependencies: [root at VIRTCENT13:/home/bluethundr/rpm]#rpm -Uvh openssh-5.6p1-1.i386.rpm error: Failed dependencies: openssh = 5.5p1-1.el5 is needed by (installed)

Hello I've created patch to the openssh which allows to use an agent for obtaining the public keys. It may be the first step towards the implementation of something similar lpk. The solution is independent on the agent, so it may be used with ldap based agent or with any other technology. May be that patch acceptable as the first aproach to the lpk replacement? It is placet in mindrot's

> From: Damien Miller <djm () mindrot ! org> > Date: 2009-02-17 4:22:05 > Message-ID: alpine.BSO.2.00.0902171519190.1946 () fuyu ! mindrot ! org > On Tue, 17 Feb 2009, Peter Lambrechtsen wrote: > >> On Tue, Feb 17, 2009 at 3:18 PM, Damien Miller <djm at mindrot.org> wrote: >> > I don't think there are any plans to merge the LPK patch. We

Hello, My is Dmitri Pal and for the last two years I have been working on SSSD and IPA open source projects. SSSD is effectively a replacement for PAM/NSS combination with offline caching. The details about the project can be read here: https://fedorahosted.org/sssd/ Quick overview of features is here: https://fedorahosted.org/sssd/attachment/wiki/Contribute/sssd%20overview%20slides.2.pdf SSSD

I would like to implement a feature whereby users can write their own plugins for authorizing use of a public key. I've got a private branch of this working, but would like feedback before submitting a patch (starting with whether the community would want this). Essentially, I've added a line in sshd_config like: PubKeyPlugin

Hi, I''m attempting to move from 0.24.x to 2.6.x :) trying to fix all those parts that have changed, and found that the use of plugins we are doing is probably not the best approach hoping you can help me with comments regarding this use case. In our working 0.24.x environment we had to make use of plugins to add an attribute in the package.rb, something like: *newparam(:ignoredeps)*

We've been on the Gluster 3.7 series for several years with things pretty stable. Given that it's reached EOL, yesterday I upgraded to 3.13.2. Every Gluster mount and server was disabled then brought back up after the upgrade, changing the op-version to 31302 and then trying it all out. It went poorly. Every sizable read and write (100's MB) lead to 'Transport endpoint not

Hi, I've been kicking this idea around, and the problem with it escapes me. I'm looking for someone to tell me why this is a bad idea. The new OpenSSH includes the AuthorizedKeysCommand, which was mostly added to let people use a command to look up user keys in LDAP. LDAP key lookup have some limitations -- specifically, the common openssh-lpk_openldap schema won't let you add

I am trying to use highlight, but I am getting this kind of thing: /usr/local/lib/ruby/gems/1.8/gems/ferret-0.11.4/lib/ferret/index.rb:197:in `highlight'': IO Error occured at <except.c>:93 in xraise (IOError) Error occured in index.c:1222 - lazy_df_get_bytes len = -5, but should be greater than 0 from

Hi Daniel, In my case ExecutionEngine::create() loads 40 modules, then each time I try to resolve a symbol that I know is in a DLL that I supply, it looks through all 40 modules first. This is on Windows, so I get the following modules loaded: ntdll.dll, kernel32.dll, USER32.dll, GDI32.dll, SHELL32.dll, ADVAPI32.dll, RPCRT4.dll, Secur32.dll, msvcrt.dll, SHLWAPI.dll, ole32.dll, OLEAUT32.dll,

http://bugzilla.mindrot.org/show_bug.cgi?id=1348 Summary: Small code refinement to remove some duplication. Product: Portable OpenSSH Version: 4.6p1 Platform: Other OS/Version: Other Status: NEW Severity: trivial Priority: P4 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy:

Thought I would post this experience to the list so it's archived for posterity... My company is deploying Asterisk-based PBX's to all of our branch offices. Each office has 2 analog Voice lines and a fax line. We didn't want to go to the expense of using TDM400's in the servers (which run asterisk and Hylafax) so we opted for 2 X100P cards in each box. So far they have

I happened to review the status of volume clients and realized they were reporting a mix of different op-versions: 3.13 clients were still connecting to the downgraded 3.12 server (likely a timing issue between downgrading clients and mounting volumes). Remounting the reported clients has resulted in the correct op-version all around and about a week free of these errors. On 2018-03-01

Built from tar. Same result from git pull as of 01NOV install sudo samba-tool domain provision --realm=hen.us.mentats.us --domain=NEWDOM --dns-backend=BIND9_DLZ --adminpass=badpass --server-role='domain controller' "libkdc-policy.so: cannot open shared object file: No such file or directory" How do I find/build this module?

People, Anybody knows what mean this message in my CLI: [Apr 1 16:58:34] WARNING[3845]: asterisk.c:3050 canary_thread: The canary is no more. He has ceased to be! He's expired and gone to meet his maker! He's a stiff! Bereft of life, he rests in peace. His metabolic processes are now history! He's off the twig! He's kicked the bucket. He's shuffled off his mortal

I have a set-up of 3 servers at disparate geographical locations. Server 1 provides web services, and users should be able to use sftp only. Admins should be able to get shells. Server 2 provides CVS services, and users sh ould be able to use cvs only. Admins should be able to get shells. Server 3 provides shell services for all users. There appears to be no easy way of implementing this within

Damien, I've filed a bug for this on mindrot as requested, https://bugzilla.mindrot.org/show_bug.cgi?id=1348. Patch attached in case that helps reviewing. Comments welcome, Rob -- Rob Holland <rob at inversepath.com> http://www.inversepath.com - Chief R & D Engineer Inverse Path Ltd, 63 Park Road, Peterborough, PE1 2TN, UK Registered in England: 5555973 -------------- next