similar to: TCP port forwarding troubles?

There's one vulnerability that's bugged me for some time. It applies to nearly all crypto software, including ssh. That's the swapping of sensitive info (such as keys and key equivalents) onto hard drives where they could possibly be recovered later. The Linux kernel provides a system call, mlock(), that inhibits swapping of a specified region of virtual memory. It locks it into real

Hi. To compartmentalize things a bit (e.g., to help limit the damage should one of my machines be hacked and my private RSA keys stolen) I use different RSA key pairs on my different client machines. So it occurs to me that it would be nice if ssh could log which key was used when logging in to a particular account that has more than one entry in .ssh/authorized_keys. Right now it simply says

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 openssh-1.2.1pre20 has been released at: http://violet.ibs.com.au/openssh/files/ This release integrates more of Andre Lucas' portability patch, Ben Taylor's utmpx patch and some cleanups and bugfixes of my own. The auth-passwd failures should be fixed, as should lastlog support on NetBSD. Since Andre Lucas' patch included platform

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 openssh-1.2.1pre20 has been released at: http://violet.ibs.com.au/openssh/files/ This release integrates more of Andre Lucas' portability patch, Ben Taylor's utmpx patch and some cleanups and bugfixes of my own. The auth-passwd failures should be fixed, as should lastlog support on NetBSD. Since Andre Lucas' patch included platform

Anyone here remember the old Talking Moose desktop toy from the 80's? For the unitiated, the Talking Moose was a simple applet on old Mac computers that periodically displayed an animated Bullwinkle-lookalike moose in the corner of the screen, spouting witty phrases or biting insults, as well as commenting on various activities like opening and closing programs or inserting disks. (The

Hi. I saw a new release appear today, and I pulled it down to see if some residual problems in port forwarding from openssh-1.2.3 were fixed. The configure script had trouble finding the openssl package, even though I had it installed in the standard place (/usr/local/ssl). I investigated and found that the failed test compile was caused by two nonfatal compiler warnings that memset and RAND_add

I'm using Opus for a networked ham radio communications receiver. Kudos on the whole project; it sounds excellent even at low bit rates and the API was surprisingly simple and easy to use. And god knows the world needs a really good, general purpose, non-proprietary codec. One question, though. Depending on the mode my receiver can generate mono or stereo. Most operating modes are mono, but a

Scenario: Use the ssh-keygen utility in openssh-1.2pre17 to generate a host key Kill and restart sshd Remove the old host key from ~/.ssh/known_hosts Connect to the host using ssh. I get this: homer.ka9q.ampr.org$ ssh 199.106.106.3 who The authenticity of host '199.106.106.3' can't be established. Key fingerprint is 1024 a0:8d:17:f0:fa:a9:9f:6f:b5:d0:1c:d6:02:92:bd:5e. Are you sure

For some time I have routinely websurfed across a forwarded TCP connection using SSH. The other end of the TCP tunnel connects to a Squid proxy cache on the same machine. This usually works. But I see lots of error messages on each end of the form Jun 13 13:22:02 tunnel sshd[32378]: error: channel 0: chan_shutdown_read: shutdown() failed for fd5 [i1 o128]: Transport endpoint is not connected

I started getting exception notifications recently from the server just about the time I upgraded to Rails 3.2. I don''t know if that is a coincidence or not. Evidently some robot is hitting my site with: mydomain.com?iframe=true&width=100%&height=100% and that is throwing an exception. I have two questions: 1) First, just out of curiosity, who puts

I'm still seeing problems when I use TCP connection forwarding across SSH to surf the web. I see lots of error messages of the form channel 1: chan_shutdown_read: shutdown() failed for fd7 [i1 o128]: Transport endpoint is not connected And I see occasional connection lockups. Both ends are running openssh-2.1.1p1. Phil

I have recently compiled and installed openssh-2.1.1p1 on a linux box. The login reporting does not seem to work properly. When logging into the box via ssh (protocol 1) utmp shows the user logged in and the tty properly, but the field for the login date/time and the field for originating host contain all NULLs. Is anyone else seeing this same behavior, or have I just done something really

Hi all, I was investigating the SMB signing problems between Win2k clients and Windows XP servers and thought I'd take a look to see if there were any hotfix patches for Win2k that were post service pack 2. I discovered this list.... : http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com/support/ServicePacks/Windows/2000/Win2000_Post-SP2_Hotfixes.asp of *amazing*

I am behind a webproxy and am wondering if I can pass the webproxy's details to the boot time kernel so that I can install centos 5.1 from the net boot CD I have downloaded!? Thanks Ronan Australia Post is committed to providing our customers with excellent service. If we can assist you in any way please telephone 13 13 18 or visit our website. The information contained in this e-mail

Dear R-Users I have created the following table in R: Year TACC.SNA1 Catch.SNA1 TACC.SNA2 Catch.SNA2 TACC.SNA3 Catch.SNA3 111 1985-86 9396 18595 1860 530 1486 16727 112 1986-87 3155 12195 9506 7067 4991 2300 113 1987-88 6913 2074 3740

Hello, I have a very strange trouble with samba 3.0.33 when I integrate a Linux server in my Windows 2003 AD. I do : - kinit administartor, it's work. - klist, it's work too. - net join ads -U administrator, it's work. I hev the message that my computer has join the domain and I see the Linux in my Domain. - wbinfo -t give me "checking the trust secret via RPC calls

> Thanks all point about security, I''ll do as follows. > I thought that the point was the following two. > > > 1. Storage place of encrypted password > Should I store it in /etc/xen/passwd ? > Or, should I wait for DB of Xen that will be released in > the future? The xend life cycle management patches were posted by Alistair a couple of months back.

Hello everybody, I'd like to have more detailed records for calls related to queues. For instance, if A enters in queue X, waits for Y secs and then talks to peer Z for T seconds, I'd like to have two entries in my CDR: - src: A, dst: X, duration: Y, state: ANSWERED - src: A, dst: Z, duration: T, state: ANSWERED This independently from how many peers the Queue app calls without success

This was posted not too long ago on sci.crypt... Enjoy... I think the most relevant information is near the top, but it''s all quite good... :-) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- There is no intrinsic difference between algorithm and data, the same information can be viewed as data in one context and as algorithm in another. Why then do so many people claim that encryption algorithms

Hi! when using agent forwarding, the connection hangs on exit, if the agent has been accessed. Symptoms: - On the client side, when the agent is accessed, the following output is being logged: debug1: channel 1: new [authentication agent connection] debug1: confirm auth-agent at openssh.com debug1: channel 1: rcvd eof debug1: channel 1: output open -> drain debug1: channel 1: obuf empty