similar to: [Bug 172] Add multiple AuthorizedKeyFiles options

https://bugzilla.mindrot.org/show_bug.cgi?id=2635 Bug ID: 2635 Summary: Unable to use SSH Agent and user level PKCS11Provider configuration directive Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5

Package: logtail Version: 1.2.68 Severity: normal Hi, logtail does not cleanly update from logtail2: $ sudo dpkg --install /var/cache/apt/archives/logtail_1.2.68_all.deb (Reading database ... 26564 files and directories currently installed.) Unpacking logtail (from .../logtail_1.2.68_all.deb) ... dpkg: error processing /var/cache/apt/archives/logtail_1.2.68_all.deb (--install): trying to

http://bugzilla.mindrot.org/show_bug.cgi?id=172 Summary: Add multiple AuthorizedKeyFiles options Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

https://bugzilla.mindrot.org/show_bug.cgi?id=2714 Bug ID: 2714 Summary: Allow specifying a key description when loading from stdin Product: Portable OpenSSH Version: 7.5p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-add

Hi, my test host is running Debian/GNU Linux unstable and has virt-manger 0.9.5 and libvirt 1.2.1. I am using encryption and thus have devices in /dev/mapper that are not LVs, for example called /dev/mapper/myvirtualdisk. I'd like to configure libvirt in a way that allows me to directly assign such devices to a VM. This does not work when I create a filesystem directory storage pool in

Hi, We'd like to run sshd with a configuration morally equivilent to: # stuff ... AuthorizedKeysFile /var/db/keys-distributed-by-security-team/%u AuthorizedKeysFile %h/.ssh/authorized_keys # be backwards compatable for a bit longer yet AuthorizedKeysFile %h/.ssh/authorized_keys2 # more stuff ... The following patch (against the cvs source) turns the authorizedkeysfile statement in sshd.conf

https://bugzilla.mindrot.org/show_bug.cgi?id=1247 Sascha Silbe <sascha-openssh-bugs at silbe.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sascha-openssh-bugs at silbe.o | |rg -- You are

https://bugzilla.mindrot.org/show_bug.cgi?id=2713 Bug ID: 2713 Summary: Please provide a StrictModes-like setting (command line parameter) for ssh (client) Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Other Status: NEW Severity: enhancement Priority: P5

On 02/01/18 03:29, Michael Str?der wrote: > How high is the risk that this unmaintained device is added to > yet-another-bot-net in the Internet-of-shitty-devices or is used to > enter parts of your network. I think that is what is called a straw-man argument.? If a device can be compromised in the way you suggest, then I am sure it will be replaced, but it will be replaced because it

I would like to suggest adding a fallback in the event that somehow the sshd_config port number is invalid. Example: Port != (1<= or >=65535) By default fall by to port 22, and spit out an error. Same would go for if the new port is already in use, fall back to port 22 and spit out an error. Why is this a good idea? Would be a good idea because people are human and make mistakes, and you

https://bugzilla.mindrot.org/show_bug.cgi?id=2677 Bug ID: 2677 Summary: Provide a way to set an environment variable from ssh_config Product: Portable OpenSSH Version: 7.4p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh

Hi devs, recently I had to replace authorized_keys on several systems to enforce an access policy change. I was badly surprised that authorized_keys2(!) was still processed, which allowed some old keys to enter the systems again, because I wasn't aware of the file's existance on the server and use by sshd, since this "backward compatibility" isn't documented, not even a

https://bugzilla.mindrot.org/show_bug.cgi?id=2578 Bug ID: 2578 Summary: -W should honor -4 and -b Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=165 ------- Additional Comments From markus at openbsd.org 2002-03-17 04:31 ------- never seen this. what does sshd -ddd say? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

OpenSSH 3.1 Not really a bug, but an "undocumented feature". The default sshd_config file show the default setting for AuthorizedKeysFile as being: AuthorizedKeysFile .ssh/authorized_keys If you uncomment that default, it changes the "undocumented" setting for "AuthorizedKeysFile2", which is by default: AuthorizedKeysFile2 .ssh/authorized_keys2

Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin no PubkeyAuthentication yes #AuthorizedKeysFile

On Thu, Jul 7, 2016 at 10:00 AM, Bruce F Bading <badingb at us.ibm.com> wrote: > > Hi Gentlemen, > > Thank you both for your valued opinion. I do however agree that public key > authentication cannot be fully considered MFA as have 2 PCI QSAs I have > spoken with. This is because it is not enforceable server side. Many > things can affect client side security. >

From: Halil Pasic <pasic at linux.vnet.ibm.com> Make ringtest work on s390 too. Signed-off-by: Halil Pasic <pasic at linux.vnet.ibm.com> Acked-by: Sascha Silbe <silbe at linux.vnet.ibm.com> Signed-off-by: Cornelia Huck <cornelia.huck at de.ibm.com> --- tools/virtio/ringtest/main.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git

From: Halil Pasic <pasic at linux.vnet.ibm.com> Since ef1b144d ("tools/virtio/ringtest: fix run-on-all.sh to work without /dev/cpu") run-on-all.sh uses seq 0 $HOST_AFFINITY as the list of ids of the CPUs to run the command on (assuming ids of online CPUs are consecutive and start from 0), where $HOST_AFFINITY is the highest CPU id in the system previously determined using lscpu.

https://bugzilla.mindrot.org/show_bug.cgi?id=2623 Bug ID: 2623 Summary: AuthorizedKeysFile split pub key and signature with tab `\t` not work. Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: