similar to: Logging authorized key info

hi guys, I am having an unusual behaviour in puppet with AIX (client node) while copying ssh key from puppet-server to client. here is what i am trying to do; $username = "xyz" $group = "system" $home = "/home" $sshDir = ".ssh" $pub_key = "id_rsa.pub.xyz" 1. creating all users virtually in one go 2. realize them all and copy each of

We recently started upgrading OpenSSH on our Sol8 systems and we've run into a problem were we can run commands on a remote system since we installed 3.7.1p1. The debug output from sshd is attached below. We use PAM in our environment, and have since 2.9.9p2. I think most of the systems were running 3.4p1 prior installing 3.7.1p1 and they were working - the only thing we replaced was

Hey everyone, Basically, I'm trying to figure out if I can configure sshd to require that the user has a key that has been signed by a trusted user CA *and* is listed separately as an authorised key (or the user has a signed key and a different authorised key)? The closest I've come is having an `authorized_keys` file have two entries consisting of the CA key and a normal key with

I just installed puppet on an ubuntu natty narwhal desktop and I''m getting the following error on one of my puppet classes: notice: //myclass/Ssh_authorized_key[adminuser]/ensure: created err: //myclass/Ssh_authorized_key[adminuser]: Could not evaluate: Cannot write SSH authorized keys without user ssh_authorized_key { "adminuser": ensure => present,

Hi, I'm wondering whether it is possible to log the key fingerprint (or, the comment of the key) that was used for authentication) with the actual available openssh v3.4p1 on solaris? (with Solaris 8 / UsePrivilegeSeparation yes, if this might be relevant, it seems not) -Is it possible at all? How? -Is there a special sshd configuration option neccessary to use? -Does is only work with a

Hi all, I have a permissions problem with a samba share which I really can't fathom out. I'm trying to create a fully group writable share. Easy or so I thought. As you can see from my config I am trying all the options to set files group writable, however when I create a file from the client I'm always getting the mode 0644. Does anyone have a clue why? Thanks! client:

I''m still trying to figure out how to get my Xen installation on a 34-CPU machine (8 quad cores) to recognize more than one CPU per socket. It seems to default to one CPU per socket on this machine. Win2003ServerEnterprise will support 8 quad cores (32 CPUs) in a native install, but I can''t fathom why it won''t when installed under Xen (OpenSuSE11.0). Thanks for any

This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and other principal names in authorized_keys entries. It's a sort of replacement for .klogin and .k5login, but it's much more general than .k*login as it applies to any authentication mechanism where a name is associated with the ssh client and it supports name patterns and all the normal authorized_keys entry options

File authorized_keys is unusable for mass key storage and manipulation. I wan to store keys in something like mysql server, but It will add big unwanted dependency to package. What if we use auth_rsa.c but instead search in file send key to some script and read sigle return value if key finded and empty if not. I think it will be very customizable. -- With Best Regards, Constantine

Hi, I have istalled LLVM 3.1 Release+Asserts build. I was just trying out the hello world sequence of steps in the installation instructions. However when I run lli or llvm-dis I get an error "invalid MODULE_CODE_GLOBALVAR record". I have searched the web and I am not able to fathom what the problem and its fix is. I have GCC 4.6.3 running on a Ubuntu 12.04 LTS x86-64. Please let me

Hi all! I wish to give huge thankyous to KB and all the others who worked to get 7.3 out the door. Many thanks! I have some good things and some bad. A good thing is that unlike previous versions, when I plug in my USB headphones they are automatically recognized and I get sound without having to change anything! (which is a huge win from before when I had to mess with settings, sometimes for a

On Oct 14, 2008, at 5:41 PM, Chris Lattner wrote: > On Oct 14, 2008, at 4:30 PM, Mike Stump wrote: >> On Oct 14, 2008, at 1:54 PM, Eli Friedman wrote: >>> Maybe... although note that with gcc vector intrinsics, this >>> violates >>> strict aliasing. gcc does allow you to use a slightly more >>> elaborate >>> workaround with a union,

In order to comply with our internal security guidelines, we created a patch on top of openssh-3.6.1p2. With that patch, if sshd sets up a session based on key authentication, it logs to syslog which one of the keys in authorized_keys or authorized_keys2 is actually being used. The patch logs the key comment (typically the key owner's email address) as well as the name of the file containing

Hi. To compartmentalize things a bit (e.g., to help limit the damage should one of my machines be hacked and my private RSA keys stolen) I use different RSA key pairs on my different client machines. So it occurs to me that it would be nice if ssh could log which key was used when logging in to a particular account that has more than one entry in .ssh/authorized_keys. Right now it simply says

Hi all, I've got the following problem when connecting to a SSH server version 2.0.13 with dsa public key authentication. Instead of logging in I get "Authenticated with partial success". I attached the complete output of "ssh -v". The interesting part: This only happens when connecting from one special machine (running SuSE 8.0, OpenSSH 3.4p1). From any other machine

Hello All, I am experiencing the following test unit error working with Rails that I can''t fathom. I have a products.yml file which holds the following test fixture for the products table: dell_pc: id: 1 title: Dell PC description: Dell PC image_url: http://.../pc_image.jpg price: 15000.00 date_available: 2005-12-31 06:53:00 I also have the following product_test.rb file to

I'm trying to convince my employer to deploy an Asterisk based system, but one member of the leadership team is against it. The rest of the team is for it, but he's convinced them that we should find other organisations in the Joplin, MO area who are using Asterisk first because, "we don't want to be the first in our area." I can't fathom how that's relevant, since

Hi, Users who are interested in certificate authentication might be interested in this change: > - djm at cvs.openbsd.org 2010/05/07 11:30:30 > [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c key.c] > [servconf.c servconf.h sshd.8 sshd_config.5] > add some optional indirection to matching of principal names listed > in certificates. Currently, a

Hi, I''m new to using ferret (and fairly new to ruby/rails) and I''m having a problem I can''t fathom. Sorry for the long post ... I have a test which passes require ''rubygems'' require ''ferret'' include Ferret require ''test/unit'' class CompanyTest < Test::Unit::TestCase def test_index puts ''running

Hi, I''m new to using ferret (and fairly new to ruby/rails) and I''m having a problem I can''t fathom. Sorry for the long post ... I have a test which passes require ''rubygems'' require ''ferret'' include Ferret require ''test/unit'' class CompanyTest < Test::Unit::TestCase def test_index puts ''running