similar to: radius support? (was Re: PAM on OPenBSD for OpenSSH?

Hi all, I'm new to this mailing list, so I apologize if my question is "obsolete" for you. I'd like to know if anybody has a clear idea about how to connect smartcards to the SSH framework. I yet got a modified ssh-agent (by Stephen Pellicer) that uses SSP-Lite (CyberflexAccess driver by me) in order to use the smartcard instead of the HD files. Instead, I'd like to

A while ago I saw some stuff about fixes for the problem with ssh2 and linux (which the FAQ on www.openssh.com is still mentioning but not offering any real solutions for). Is there any news on when/if these fixes will find their way into a release? OpenSSH 2.9p3 perhaps? :) Carl

I've been through the archive, and not found anything conclusive, except for a problem report of sorts from Theo E. Schlossnag (who has a set of patches for SecurID integration). I'm about to replace some ssh 1.2.26 (I know!) installations with OpenSSH 2.5.1p2, on Solaris 2.6 sparc boxes, and we use SecurID tokens for these boxes. I've compiled up OpenSSH 2.5.1p2 with --with-pam,

I know this is slightly off-topic. I'm looking at a way to use PAM with OpenSSH, on OpenBSD 2.7 (which at the moment as far as I can tell has no PAM support). I wonder how hard it would be to spoof the config of the portable OpenSSH into thinking it was on something that supported PAM, and then having a wrapper of some sort to connect to a PAM module? Some background: I have a requirement

We ship servers to remote sites, which are rarely staffed with techs familiar with Linux. We have them tell us the static IP configuration for the box before we ship it, then we set it up for them here and ship it out to the site, where they just plug it in, turn it on, and walk away. That?s the ideal, anyway. What often happens in reality is either: 1. They give us incorrect static IP info,

We've changed E1 providers and I'm trying to reconfigure an E400P to make it work with the new lines. They're supposedly "standard" EuroISDN lines (in the UK). I'm initially just trying to get a single line up. I have the following in /etc/zaptel.conf: span=1,0,0,ccs,hdb3 bchan=1-15 dchan=16 bchan=17-31 loadzone=uk defaultzone=uk The LED on the back

I'm using a modified "default config" file for extensions.conf, the one that uses macro-stdexten to handle the stations. We use a TDM30 card for our stations. When a call that has been rung in using that macro transfers the call things work just fine as far as the "other" instrument ringing. But once the ring timeout has expired, the call then drops into the *original

Getting Clueful: Five Things You Should Know About Fighting Spam The battle for your users? e-mail inboxes probably will never end, but it?s not a failure of technology. Experienced e-mail and system administrators share the key points they really, really wish you understood. http://www.cio.com/technology/infrastructure/security/spam/ five_things_about_fighting_spam.html?CID=28830 Thanks

I hacked out a rough first implementation of parisc64 for klibc last month, and only just got around to testing it now. The good news, it compiled fine on the first shot. The bad news, it failed to link usr/klibc/libc.so, and I'm not clueful enough to know why. hppa64-linux-gnu-ld -Ttext 0x40001000 -o usr/klibc/libc.so --start-group [...] usr/klibc/socketcalls/recvmsg.o

Hello, With qpopper you get something like this after a successful login: --- +OK test has 6 visible messages (0 hidden) in 11822 octets. --- This gives a clueful user or support people a quick status about the size of this mailbox, very helpful in full quota scenarios. Would be nice if the next dovecot would have such a feature as well. I doubt the same is (easily) applicable for IMAP (though

I am trying to set up Samba for the very first time in my life on a SlackWare Linux 7.1 system. I'm using kernel 2.4.2, and the Samba 2.0.7 that comes precompiled with Slackware 7. I'm only moderately clueful at this point, but I have experience with other Linux and networking stuff. I can build Samba from sources if you think that would help. I ran through the diagnostic tests given

I've just upgraded to 2.1.0p2 on my solaris 8 boxes (now it survives a little longer, thanks!). But, I'm seeing "scp not found" where before it was fine. configure --prefix=/opt/local --with-random-/dev/random (the entropy generator is still broken), and in the past I had no problems with scp, but AFAIK something's broken in 2.1.0. Is anyone else seeing anything similar?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Time for another cifs-utils release! Nothing terribly earth shattering here. Some distros (like Fedora) are moving krb5 credcaches out of /tmp by default. Users of these distros will definitely want to upgrade. Highlights: * Fixes for mounting with '/' in usernames with sec=krb5 * Support for DIR: type krb5 ccaches * support for

On Fri, 2017-02-10 at 11:15 -0600, Chad William Seys wrote: > Hi Jeff, > > > So we have a default credcache for the user for whom we are operating > > as, but we can't get the default principal name from it. My guess is > > that it's not finding the > > This mount is run by root UID=0 and seems to be find that credential > cache without problem (earlier

> From: Tom Holroyd <tomh at po.crl.go.jp> > > > > What he is proposing is for OpenSSH to disregard a system-wide policy > > > decision -- that root should not be permitted to directly log in from > > > the network. There are more reasons to disable remote logins as root > > > (vs. normal login then su) than just to prevent plaintext use of the

On 12/02/2014 10:35 AM, Warren Young wrote: > We ship servers to remote sites, which are rarely staffed with techs familiar with Linux. We have them tell us the static IP configuration for the box before we ship it, then we set it up for them here and ship it out to the site, where they just plug it in, turn it on, and walk away. > > That?s the ideal, anyway. > > What often happens

Hi all: I ahve some basic questions regarding the mpd.conf: set radius retries 3 set radius timeout 3 set radius server 192.168.128.101 testing123 1812 1813 set radius me 1.1.1.1 set bundle enable radius-auth radius-fallback Here my radius server is 192.168.128.101 and interanl interface of this mpd server is 192.168.64.65 1) What is this "testing123"? is that key between radius

Hello, I'm trying to configure Asterisk with Radius cdr support. Asterisk version 1.6.2.13 Server Radius: Freeradius version 1.X Radius client: radiusclient-ng version 0.5.5 With the Asterisk core debug on 1 when a call terminate, on the console appear this error: Unable to create RADIUS record. CDR not recorded! My cdr.conf is: [radius] usegmtime=yes ; log date/time in GMT

Hi folks, I'm trying to install asterisk with radius cdr support. I got freeradius up and running, so following radius instructions inside asterisk source package, I've installed radiusclient-ng and relative headers. But when I start configure(asterisk 1.4.18.1) I got: checking for rc_read_config in -lradiusclient-ng... no If I type: ./configure --with-radius=/usr/share/radiusclient-ng the

Hello guys, I have my linux system configured to authenticate/authorize (windows XP and Vista) users for several services, like PPTP, SMTP and POP3, against a radius server (using PAM), and now I want to add support for samba authentication also. I was planning to do it by using one tdbsam backend (I can not have LDAP for several reasons, unfortunately) but I have some doubts: Is it possible to