similar to: /etc/ssh/shosts.equiv ignored?

Hi, I am using syslinux-4.00-pre24, -pre27 and -pre31. chain.c32 fails for pre27 and pre31 for particular configs ... shown below. 1) works on pre24, fails with error message "Chainboot failed!" for pre27 and pre31 LABEL local MENU DEFAULT MENU LABEL Local Boot ... (skip PXE boot) KERNEL chain.c32 APPEND hd0 0 2) works on all three. LABEL local

I just tried, on a whim, to use an OpenSSH client vs SSH 1.2.26 client, and I can connect with it... Something drastic change between pre23 and pre24? Then again, I can't get pre23 to work anymore either, after further investigation :( OpenSSH clients connect no problem, just not the old SSH 1.2.26 clients ... Marc G. Fournier marc.fournier at acadiau.ca

Hi, does anyone have any elegant solutions for managing shosts.equiv? In my puppet ssh module, host keys for /etc/ssh/ssh_known_hosts are automatically managed with: @@sshkey { $hostname: ensure => present, type => "rsa", key => $sshrsakey, } Sshkey <<| |>> Is there a similar construct for

Hello all, I use a Slackware 4.0 based system (libc5 based, with glibc2.07 runtime support). I've configured OpenSSH using: ./configure --sysconfdir=/etc/ssh --without-pam --with-default-path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbi n:/sbin NOTE: yes, --with-default-path DOES work, since pre24 (pre 22 did not) When I try to compile OpenSSH-1.2.1pre25 (or pre24 or pre22), I

Hello all! I'm looking for a solution to the following problem - I need to be able to use OpenSSH from root on one system to perform work on several dozen other systems using some automation. The restrictions that have to be met to keep the business happy are that no cleartext passwords or unencrypted private keys can be stored on disk. Since this is within an automated environment, there

On 11/15/23, 10:51 AM, "openssh-unix-dev on behalf of Marian Beermann" <openssh-unix-dev-bounces+iain.morgan=nasa.gov at mindrot.org <mailto:nasa.gov at mindrot.org> on behalf of public at enkore.de <mailto:public at enkore.de>> wrote: On 11/15/23 18:09, Chris Rapier wrote: > On 11/11/23 9:31 PM, Damien Miller wrote: > >> It's not discouraged so much as

Hi, we're looking to reduce the number of host lists that need to be kept in sync in our system. (There are quite a few of them all over the place) OpenSSH CAs are an obvious solution for not having to keep all host keys in sync in /etc/ssh/known_hosts, however, while OpenSSH does support using a CA in conjunction with hostbased authentication, it still requires a list of all authorized

On 09/11/23, Marian Beermann (public at enkore.de) wrote: > ... while OpenSSH does support using a CA in conjunction with hostbased > authentication, it still requires a list of all authorized host names in the > rhosts / shosts file. I'm not familiar with the use of .rhosts/.shosts, but I don't think those are needed at all with a machine or per-user known_hosts file/files

Got this from one of my users today ... ========== sshing did still work last week, but you had to use the blowfish encryption protocol instead of 3des that is used by default. ========== Marc G. Fournier marc.fournier at acadiau.ca Senior Systems Administrator Acadia University "These are my opinions, which are not necessarily

On Fri, 10 Nov 2023, Rory Campbell-Lange wrote: > On 09/11/23, Marian Beermann (public at enkore.de) wrote: > > ... while OpenSSH does support using a CA in conjunction with hostbased > > authentication, it still requires a list of all authorized host names in the > > rhosts / shosts file. > > I'm not familiar with the use of .rhosts/.shosts, but I don't think

Hi, I'm running OpenSSH 1.2.3 here on assorted Solaris and Linux machines. On the Linux machines, users are able to ssh back and forth among the machines without a password assuming proper .shosts files, but root is never able to do the same: it always gets prompted for a password. I'm using RH6.2 here. I've tried fiddling with PAM, /etc/securetty, /etc/hosts.equiv, all to no

On 11/11/23 9:31 PM, Damien Miller wrote: > It's not discouraged so much as rarely used. It's very useful in some > situations and I can think of good reasons to use it more often (e.g > requiring both host and user identity as part of authentication). > > It definitely has more rough edges than user publickey authentication - > it's harder to set up (admin only)

Hello, The ssh deamon from OpenSSH_2.5.2p2 first does a seteuid(uid) and then stat($HOME/.shosts) to check whether a .shosts file is there. This seems to be a problem when homedirectories are only accessible "by group permission"; for example in the following (as I guess quite common) case: drwxr-x--- root mygroup 512 Apr 10 12:09 mygroup And my personal homedirectory would now

On 11/10/23 04:17, Damien Miller wrote: > AIUI what he is asking for is a file that combines the host identity > of the system-wide ssh_known_hosts file with the host/user authorisation > of shosts in a single file. > > This might be a little cleaner, but IMO not so much so as to be highly > motivating (personally). > > -d Yup, but since this is auth code I imagine it

On Sat, 11 Nov 2023, Marian Beermann wrote: > On 11/10/23 04:17, Damien Miller wrote: > > AIUI what he is asking for is a file that combines the host identity > > of the system-wide ssh_known_hosts file with the host/user authorisation > > of shosts in a single file. > > > > This might be a little cleaner, but IMO not so much so as to be highly > >

is anyone using rhost-rsa + hosts.equiv? is it broken? -------------- next part -------------- An embedded message was scrubbed... From: Francesc Guasch <frankie at etsetb.upc.es> Subject: hosts.equiv Date: Thu, 22 Mar 2001 12:56:22 +0100 Size: 2614 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010322/ced5a345/attachment.mht

All, Here is the output of smbstatus after I have opened up the file on the PC: /usr/local/samba/bin [184] ./smbstatus Samba version 1.9.18p10 Service uid gid pid machine ---------------------------------------------- dave dave staff 972 syscon2 (137.51.150.63) Tue Dec 15 15:43:27 1998 No locked files Share mode memory usage (bytes): 1048464(99%)

> Hello, > > On 01.08.2014 19:22, Ady wrote:>> On 24.07.2014 17:32, Gene Cumm wrote: > >>> On Thu, Jul 24, 2014 at 10:29 AM, Philipp Hahn <hahn at univention.de> > wrote: > >>>> On 24.07.2014 13:52, Gene Cumm wrote: > ... > >>>> Your special build gets the gateway working, but the downloaded InitRD > >>>> still

Hello Ady, On 27.08.2014 16:46, Ady wrote: >> On 01.08.2014 19:22, Ady wrote:>> On 24.07.2014 17:32, Gene Cumm wrote: >>>>> On Thu, Jul 24, 2014 at 10:29 AM, Philipp Hahn <hahn at univention.de> >> wrote: >>>>>> On 24.07.2014 13:52, Gene Cumm wrote: >> ... >>>>>> Your special build gets the gateway working, but the

On 08/11/2014 06:12 AM, Shantanu Gadgil wrote: > Hi all, > > I too am getting positive results using 6.03-pre19 lpxelinux.0, for the problem that I have been facing. > > The symptom was that booting hangs on client side. > On the server (DNSMasq TFTP) it keeps getting a request for the same (MAC address) file. > OR, alternatively it just stops completely. > > My