Displaying 20 results from an estimated 4000 matches similar to: "ssh/openssh and X authentication"
2000 Oct 16
2
ssh2 authentication and ip forwarding
I'd been hoping to move all of our site to ssh protocol 2 whilst we are
still small enough to do this without serious pain, however the lack of
authentication and connection forwarding is making that difficult at
present.
I see the current (2.2.0p1) code base does not have the code on either
client or server side for ssh2 to handle tunneled connections or
authentication agent. Is this
2000 Nov 27
1
StrictHostKeyChecking
Long ago, when I wrote the ssh config file on my desktop box, ssh
(which might have been the non-openssh one) took 3 possible values for
the StrictHostKeyChecking option - yes, no & ask.
Today, when I attempted to connect to a new machine, with no DNS
entries (so using IP address) from my desktop box, ssh (now 2.3.0p1)
SEGVed. Looks like there is some subtle interaction between having an
2000 Jun 27
1
DSA Auth Key Support
This appears to be rather poorly supported compared to the rsa key
equivalent...
The man page implies that ~/.ssh/authorized_keys &
~/.ssh/authorized_keys2 are similar format. In fact the code will only
read DSA keys from the ~/.ssh/authorized_keys2 file - the options
entries are not supported, and putting options in causes key
recognition to fail.
I guess ideally the key reader needs
2001 Mar 21
2
Challenge response authentication and PAM
As an experiment I set up Challenge/response authentication on a Linux
system with PAM using a pam_opie module (this module works fine with
console logins and su).
I can log into the box using the opie password, *but* it does not give
me the challenge - which can make things a little tricky :-)
I can well believe this might be a fault in the PAM pam_opie module I
am using, so has anyone got
2002 Mar 01
2
RH7.2 journal creation
Stephen et al,
You may remember me raising the point that the new e2fsprogs (1.25 as I
remember) griped about old journals not having all the appropriate
fields zeroed.
I've just discovered that the RH 7.2 installer produces journals (ie on
partitions created as ext3 from within the installer) that flag these
warnings with a modified 1.25 e2fsck (the mods being to clear the errors
rather
2001 Jun 06
2
Suspiciously broken filesystem
I appear to have a broken filesystem on this box to the point where I am
probably going to rebuild the system since I have lost trust in it.... I
was wondering if there was any reasonable postmortum work I could do on
it before it gets rebuilt.
History is that the laptop has a much mauled partition set on it -
initially it came with 100% win2k, I then shrunk that and added linux (a
RH71 install
2006 Jun 07
1
RPM spec file
Hi,
To to build an RPM from the nut 2.0.3 source I've corrected the old
nut.spec.in file. Please find a copy of the slightly updated spec file
attached. The changes are documented at the bottom of the spec file.
Regards,
Will
-------------- next part --------------
# don't know how different I can do this
%define majorver 2.0
%define version 2.0.3
%define relver 1
%define nutuser
2001 Mar 28
1
Ext3 and LFS - possible? fatal?
Has anyone tried LFS (ie >2G files support) and Ext3 together?
Are there good reasons why this should/should not work?
I see the RH enterprise kernel patch set specifically does not attempt
both lfs and ext3, but the lfs patches themselves touch some reasonably
localised parts of ext2, so I would hope (without having dived in there
to test), that the ext3 changes would mirror that
2001 Sep 12
3
Distinct transactions (MV vs rename())?
I have a question regarding a thread in June called "Distinct
transactions", which I have included below. It seems to me that the
solution is not atomic for daemons opening the file as there is a moment
where the filename is not in the directory (i.e. unlink then link).
In summary, poster Charlie Woloszynski wanted to update a configuration
file in a safe manner (i.e. as a
2000 Jan 11
1
openssh 1.2.1. pre25 and X11 forward
Hello,
I moved my ssh servers to openssh and installed:
openssh-1.2.1pre25 via .rpm
My problem is that X11 forwarding doesn't work.
-/etc/ssh/sshd_config
X11Forwarding yes
X11DisplayOffset 10
I start sshd with defaul port and can connect to the server
and then:
$ xosview
X11 connection rejected because of wrong authentication.
X connection to servername.de:10.0 broken (explicit kill or
2003 Mar 17
1
ext3 over aes crypted loopback on partition
I'm looking at running an ext3 filesystem on top of a loopback AES
encrypted device, which in turn is on top of a raw partition (so no
other things in the way that should be reordering writes).
Are there likely to be any strange issues with using ext3 in this way?
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@InTechnology.co.uk ]
[ - Comments in this message are my own and
2004 Oct 26
1
Filesystem requirements
What are the filesystem requirements for dovecot - for example I see
some people are running with atime updates switched off (as I intend to
do so myself), so presumably dovecot has no need of an accurate atime
implementation.
How about directory atime? ctime/mtime etc?
I'm intending to run on a linux box using local disk, so am currently
considering using reiserfs (3.6) with noatime,
2005 Apr 25
0
HA heartbeat scripts
Has anyone worked with getting dovecot to work in a HA cluster using
heartbeat? If so do you have any magic startup scripting or other
special sauce?
[I'll be playing with this over the next couple of days, although
concentrating on pop for our requirements. I can post any scripting I
produce]
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham at InTechnology.co.uk ]
[ -
2000 Nov 20
3
Info before I try this
Is there any more docs on this other then the blurb on beta.redhat.com?
I got a spare non-critical victim err... test machine I want to try this
on and have all the RPMS, but would really like to chew on a little
more detail before I leap.
Regards,
Henri
--
"People die."
--The Cynic's Book of Wisdom
2000 Jan 14
1
minor prob with spec file
The openssl rpm needs to be installed on the system *before* the
openssh-server rpm is installed. This is because the openssh-server's
post script does the host key generation.
As it is now, the command
rpm -U openss*
intended to install openssh* and openssl* will report that the host
key generation failed. Fix: change
PreReq: openssh chkconfig >= 0.9
to
PreReq: openssh chkconfig
2000 Feb 17
2
Idle time out
Hi, I don't know if this is the approriate place to post it. But it
really annoying me. My ssh connection times out every 10 minutes or so and
I want it to keep open for like 3 hours so that I don't have to relogin.
However, I cannot find an option to change this!! In the Secure SSH we
have a option called IdelTimeout to deal with this but OpenSSH seems to
totally ignore this option.
Can
2000 Mar 02
2
Is it securely: `hostname`:10 ?
Hello,
I am using OpenSSH 1.2.1 on Solaris 2.6.
I am using X forwarding intensively. During work OpenSSH creates
display like `hostname`:10. Is it securely?? Why not 127.0.0.1:10 or
localhost:10 ?
Best regards
Sergey Khorev.
2000 Mar 06
2
spec file
I have looked into the spec file for the openssh rpm.
In the %preun stanza, I noticed that the currently running sshd is
stopped only when removing the package. On the other hand, it is
theoretically possible that a new version of openssh may install files
which would make the old sshd misbehave.
So I think, it is better to stop sshd every time the package is
upgraded.
Also, the %post stanza
2000 Feb 14
3
Binding ssh to priviledged port breaks rule (port < 1024 => system service)
I'm sure there is a rationale for binding the ssh client to a
priviledged port. (Which?)
However there are several drawbacks to this:
o It breaks firewall rules that assume that user connections start at
port > 1024 or > 32768.
o It breaks monitoring software using the same assumptions.
o Every suid program is a separate evil (caused by the flawed security
model in most unices).
I
2001 Apr 09
2
"X11Forwarding yes" causes "error: socket: Protocol not supported"
Greetings,
I'm running OpenSSH_2.5.2p2, and OpenSSL-0.9.6a, on BSD/OS 4.0.
Following the FAQ, I added the following line to my sshd_config
in order to enable X11 forwarding:
X11Forwarding yes
Now openssh is disconnecting my sessions immediately after
authentication and login with the following error messages:
"error: socket: Protocol not supported"
"Disconnecting: Command