similar to: SU vs. ssh root@host

Hi, I must access several hosts through reverse masquerading gateways which are visible on the Internet under a single IP address, with different ports (2, 22, 222, 2222 etc..) forwarding to port 22 of various internal ssh servers, each with its own hostkey. This setup totally confuses the openssh client because it does not store the port numbers in the known_hosts* file, and thus falsely

Just compiled the SRPM for 3.3p1 on my Immunix 6.2 box (Redhat 6.2 + Stackguard compiler), fired up the server, and tried to connect to it. No joy. In the spec file I changed the following options: # Is this build for RHL 6.x? %define build6x 1 # Disable IPv6 (avoids DNS hangs on some glibc versions) %define noip6 1 This appears in the system log: Jun 24 16:11:51 johnh sshd[27774]: fatal:

Has anybody here implemented OpenSSL+OpenSSH on SCO Open Server 5.0.5? Please contact me off-list. Thanks! -- John Hardin Internal Systems Administrator Apropos Retail Management Systems, Inc. <johnh at aproposretail.com>

Quick question: ssh client and server 2.5.2p2, RSA authentication. Should the user be prompted to change their password if it's expired? -- John Hardin <johnh at aproposretail.com> Internal Systems Administrator voice: (425) 672-1304 Apropos Retail Management Systems, Inc. fax: (425) 672-0192

Hi, below is a patch to contrib/cygwin/ssh-host-config and the corresponding README in the same dir. It adds a `--port' option to the config script to allow setting another port than 22 for sshd. Additionally the script used to add `sshd 22/tcp' to the services file while the IANA proposes `ssh 22/tcp' and `ssh 22/udp' as services entries. The new version removes old `sshd'

we are encouraging the use of protocol 2 over protocol 1, correct? but ssh's default is that protocol 1 is tried first, then protocol 2. this can be overridden in the ssh_config file and by command line options, of course, but shouldn't we set the default to be what we want users to use? thanks, wendy -- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com,

I have a ssh enabled server and client machine (we'll call them "server" and "client" respectively...) They both have proper RSA and DSA keys,using protocol version 2 works fine between them. (so ssh itself and the network is working fine) However, I want to get something that will work with rsync without having to manually enter passwords, passphrases, or enter such

Open Letter to Developers, Is there any way you can cut through the mob scene at Homeland Defense with a powerful new encryption/decryption formula? The government cryptography bunch are stuck in symmetry and asymmetry and are deaf/dumb/blind to supersymmetry. When it's so easy to line up a supersymmetrical hypercube fractal-to-fractal, pair-to-pair, quantum-to-quantum and slice through

That's a good point. DHCP allows you to set DNS search parameters. So as long as each location sets different search, "ssh fishbowl" will in fact resolve to the proper local FQDN. On Monday, December 22, 2014, Nico Kadel-Garcia <nkadel at gmail.com> wrote: > On Mon, Dec 22, 2014 at 4:26 AM, martin f krafft <madduck at madduck.net > <javascript:;>> wrote:

Can somebody install an attachment filter on the listserv? Please? -- John Hardin <johnh at aproposretail.com> Internal Systems Administrator voice: (425) 672-1304 Apropos Retail Management Systems, Inc. fax: (425) 672-0192 ----------------------------------------------------------------------- "Rather than form a

Markus and Damien, here is a more detailed explanation about BUG report at "http://bugzilla.mindrot.org/show_bug.cgi?id=592" concerning "bad decrypted len" error in OpenSSH: If anyone wants to do a private key sign, and the key is located in a device or the Microsoft certificate store in which the private key cannot be accessed directly ( you cannot access the private key

Michael S. Tsirkin <mst at redhat.com> writes: > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: >> I rephrased it in terms of address translation. What do you think of >> this version? The flag name is slightly different too: >> >> >> VIRTIO_F_ACCESS_PLATFORM_NO_TRANSLATION This feature has the same >> meaning as

Michael S. Tsirkin <mst at redhat.com> writes: > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: >> I rephrased it in terms of address translation. What do you think of >> this version? The flag name is slightly different too: >> >> >> VIRTIO_F_ACCESS_PLATFORM_NO_TRANSLATION This feature has the same >> meaning as

This showed up in RISKS and no one has mentioned it here yet, so.. OpenSSH contains lots of code like: char *password = read_passphrase(prompt, 0); [do stuff] memset(password, 0, strlen(password));

So I'm working from home today, and for the first time I've tried running Evolution over a forwarded X11 connection. Even though work has a T1 and I have 640k at home, and ssh is compressing, it's ... rather slow. So I fire off lbxproxy and try to run an xterm to see if it works. No dice, authentication denied. Does anybody have any experience with this? Is it possible to run

Outside the pre-auth patch by Markus to fix Cygwin and a few other platforms. SEND ME (privately) ANY required patch against the lastest snapshot. I'm doing the final commits this evening. Patches that have been temporary rejected for this release. - Owl's full patch for SysV Shm if mmap fails - mmap() on /dev/zero - mmap() on sparse file .. Not looked at the BSD/OS 5.0 patch

Just to bring everyone up to date, could we get a report on the status of support for the 2.x protocol? The home page says "next major release" - is that 1.3 or 2.0? And is there any feel for when it'll be generally available? -- John Hardin Internal Systems Administrator Apropos Retail Management Systems, Inc. <johnh at aproposretail.com>

Michael S. Tsirkin <mst at redhat.com> writes: > On Mon, Jun 03, 2019 at 10:13:59PM -0300, Thiago Jung Bauermann wrote: >> >> >> Michael S. Tsirkin <mst at redhat.com> writes: >> >> > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: >> >> I rephrased it in terms of address translation. What do you think of >>

Michael S. Tsirkin <mst at redhat.com> writes: > On Mon, Jun 03, 2019 at 10:13:59PM -0300, Thiago Jung Bauermann wrote: >> >> >> Michael S. Tsirkin <mst at redhat.com> writes: >> >> > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: >> >> I rephrased it in terms of address translation. What do you think of >>

Hi, OpenSSH git master now disabled SSH protocol 1 at compile time by default. If you want it back, then you'll need to pass --with-ssh1 to configure before you build. We expect to ship this configuration for openssh-6.9 in a few months. -d