Displaying 12 results from an estimated 12 matches similar to: "Restrict account to only use sftp not working"
2011 Dec 08
1
Converting SSH2 keys for use in OpenSSH
I have a couple of keys generated using the F-Secure SSH2 client. I have converted those keys using "ssh-keygen -i -f samplekey.txt >> ~/.ssh/authorized_keys". When I try and log into the OpenSSH server using those keys, OpenSSH rejects using those keys.
I am under the assumption that this is supposed to work. If I connect using a password, there is no problem. It just does not
2000 Sep 13
2
Can't connect to server using protocol v2?
Is this really caused by a buggy server, or is this an interoperability
problem? It seems to work ok when I specify -o "protocol 1" on the command
line. Thanks,
Greg
[gleblanc at grego1 gleblanc]$ ssh -v login.metalab.unc.edu
SSH Version OpenSSH_2.2.0p1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying
2000 Jun 21
1
SSH 2.2.0
Yo All!
I have been playing with SSH 2.2.0 from www.ssh.com. I can not
connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0.
Ver 1 works fine.
See below for the debug output from both ends
If I force hmac-md5 (-m hmac-md5) from the sender it works!
The other 3 choices fail: hmac-sha1; hmac-md5-96; and none.
I have no problem connecting to this openssh host (hobbes) from
2003 Feb 06
2
kex guess methods incorrect?
Hey guys,
My second post in the last few days (boy I'm active! ;)). We've had a
few issues with SSH Secure Shell version 3.2.0 (build 267) and sftp and
while trying to figure it out I noticed something in the debug output
that I think should be brought to OpenSSH's attention.
Ssh2Transport/trcommon.c:1518: All versions of OpenSSH handle kex
guesses incorrectly.
Does anyone know
2001 May 31
3
OpenSSH, sftp problems
Hi -
We have been fighting this issue quite some time now and a posting on
the general list some months ago did not provide any answers. So I
thought the developers may have an insight.
We are in a Tru64 4.0F environment, running C2 security and TCP
Wrappers.
We are using OpenSSH_2.5.1p2
OpenSSL 0.9.5 28 Feb 2000
Zlib 1.1.3
for remote sessions and all works ok with ssh but
2015 Jan 30
3
SSH over websockets
I must be missing the point here somehow. From my simple mind I think that
two things would be needed - first a mod, e.g., mod_sshd, or better an
addition to mod_auth and mod_proxy so that a URL could be used to initiate
contact to an sshd server elsewhere.
The mod_auth part could/should be used to verity the credentials to used -
basically setting up the VPN between ssh and httpd as ssh; the
2000 Dec 06
1
openssh-2.3.0p1 (Linux) fails using options with dss key
I'm trying to change my local setup from ssh2 to openssh-2.3.0p1. I need
captive comands and specific environments for each key, i.e. the
"command=XXX" and "environment=X=y" options. Unfortunately I *also* need
to support the existing ssh2 client for a transition period, since it's
impractical to change all user's environments to openssh in one go.
I have converted
2002 May 15
3
ssh3 with ssh1
On Solaris 8, I have ssh 3.1.0 and on other box Sol 7 I have 1.2.26 (min
version for comtable with ssh 3), I checked also /etc/ssh2/sshd2_config
file
## SSH1 compatibility
# Ssh1Compatibility <set by configure by default>
# Sshd1Path <set by configure by default
2) generate key for ssh3 # ssh-keygen2 -P /etc/ssh2/hostkey
2017 Feb 02
2
ssh-agent check for new fresh certificate (and key)? worthwhile doing?
Damien Miller wrote:
> On Thu, 2 Feb 2017, Adam Eijdenberg wrote:
>
>> On Thu, Feb 2, 2017 at 10:42 AM Damien Miller <djm at mindrot.org> wrote:
>>> On Thu, 2 Feb 2017, Adam Eijdenberg wrote:
>>>> I guess a case could be made for ssh-add to always set a timeout when
>>>> adding a certificate with an expiry time, but I think for now I'm
2018 Jan 03
2
SSHD and PAM
Sudarshan Soma wrote:
> Does sssd/NSS has a way to fetch user names from sources like
> RADIUS/TACACS server?
My impression is that while this might be theoretically possible, nobody
does this. Especially it's not clear to me how you would push group
membership to the system. And AFAICS in case of TACACS+ there's also
only a single "role" available (translate this to
2017 Feb 02
3
ssh-agent check for new fresh certificate (and key)? worthwhile doing?
On Thu, Feb 2, 2017 at 10:42 AM Damien Miller <djm at mindrot.org> wrote:
> On Thu, 2 Feb 2017, Adam Eijdenberg wrote:
> > I guess a case could be made for ssh-add to always set a timeout when
> > adding a certificate with an expiry time, but I think for now I'm
> > happy enough to do that on our end.
>
> That sounds like a fine idea.
Damien, to clarify did
2018 Jan 03
3
SSHD and PAM
On Wed, 2018-01-03 at 13:50 +0530, Sudarshan Soma wrote:
> HI, I do see some refernce on it: but seems not closed
> https://marc.info/?l=secure-shell&m=115513863409952&w=2
>
> http://bugzilla.mindrot.org/show_bug.cgi?id=1215
>
>
> Is this patch available in latest versions, 7.6?
No. It never was.
The SSSD is using NSS (Name Service Switch) [1] way of getting