similar to: User-Dependent Identity File

Here is a patch to allow private key files to be placed system wide (for all users) in a secure (non-NFS) mounted location on systems where home directories are NFS mounted. This is especially important for users who use blank passphrases rather than ssh-agent (a good example of where this is necessary is for tunnelling lpd through ssh on systems that run lpd as user lp). IdentityFile now accepts

Hi, The name of the identity file defaults to what fill_default_options() in readconf.c does: SSH_PROTO_1: "~/%.100s", _PATH_SSH_CLIENT_IDENTITY SSH_PROTO_2: "~/%.100s", _PATH_SSH_CLIENT_ID_RSA "~/%.100s", _PATH_SSH_CLIENT_ID_DSA Identity files are always expanded by tilde_expand_filename() which gets the name of the home directory from

https://bugzilla.mindrot.org/show_bug.cgi?id=1898 Summary: possible unreasonable behaviour when using ProxyCommand with multiple IdentityFile(s) Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous

On 12/12/2018 03:32 PM, Steve Clark wrote: > On 12/12/2018 03:28 PM, Gary Braatz wrote: >> Thanks for responding so quickly! No but I will try. Are you saying the >> first vendor connection worked because id_rsa and id_rsa.pub are the >> defaults if not specified? (I didn't use the -i flag for the first vendor.) >> >> >> -----Original Message-----

Here is a patch to add the missing scp -1 and -2 options to eliminate confusion for users familiar with the commercial version of SSH. This patch and others are maintained on the secure nfs (SNFS) web page: http://www.math.ualberta.ca/imaging/snfs/ -- John Bowman University of Alberta diff -ur openssh-3.0.2p1/scp.c openssh-3.0.2p1J2/scp.c --- openssh-3.0.2p1/scp.c Sun Oct 21 18:53:59 2001 +++

https://bugzilla.mindrot.org/show_bug.cgi?id=2066 Bug ID: 2066 Summary: ssh tries the keys proposed by the agent before those passed with -i Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Hardware: All OS: Linux Status: NEW Severity: normal

Hi, I usually have around 10 identities loaded in my local ssh-agent and when I use the "ForwardAgent" option all them are forwarded to the remote server, which is not ideal. I usually only need to forward one (or two) of the identities and I would like to be able to choose which one(s) to forward. Looking for solutions it seems that the only option is to create a new ssh-agent, add

http://bugzilla.mindrot.org/show_bug.cgi?id=1159 Summary: %u and %h not handled in IdentityFile Product: Portable OpenSSH Version: 4.3p2 Platform: All URL: http://www.math.ualberta.ca/imaging/snfs/openssh.html OS/Version: Linux Status: NEW Keywords: patch Severity: normal Priority: P2

I''m trying to make sure a specific user has a special ssh key used as his identity file. so I''m trying something like: augeas{"user_second_key": context => "/files/home/user/.ssh/config", changes => [ "ins IdentityFile after /files/home/user/.ssh/config/IdentityFile[last()]", " set

Hi, In SSH, there is a way of telling ssh to look for identification files in a user-dependent location other than in default directory, $HOME/.ssh, without creating a separate ~/.ssh/config entry for each user. For example, in sshd_config one can specify UserConfigDirectory "/etc/ssh2/auth/%U" where %U stands for the incoming $USER. This is required for security if

Hi all, I'm trying to install ssh server based on x509 certificates with no result. What I've done is the following: - Build openssh4.7p1 after patching with openssh-4.7p1+x509-6.1.diff.gz without error using ./configure --prefix=/opt/ssh && make && make install in both server and client machines - Create minimal openssl ca structure under /opt/ssh/etc/ca ( self

Hi All, Please pardon me if it is the wrong list to ask how-to etc. I am having an issue with the Signed SSH keys. I am being asked for the passphrase for my signed public key, even though I don't have any. I am running CentOS7 with OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013. 1) I have ca server with ca user keys (ca-user-key.pub) 2) I created user ssh rsa keys (user-id-org and

Is there any way to tell the openssh client exactly which identity to use for an outgoing commection? I know about "-i identityfile", but it doesn't do what I want. I want to precisely specify the identity to use, not just add an identity to a list of things to try. Whatever mechanism is used should work both for local files and for identities managed by ssh-agent. My ssh client

Here is the user-dependent IdentityFile patch for openssh3.5 (BSD version), which allows private key files to be placed system wide (for all users) in a secure (non-NFS) mounted location. This addresses an important security hole on systems where home directories are NFS mounted, particularly if there are users who use blank passphrases (or when lpd is tunneled through ssh on systems running lpd

https://bugzilla.mindrot.org/show_bug.cgi?id=1981 Bug #: 1981 Summary: Trying to use ssh with a missing identity file gives no warnings Classification: Unclassified Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

Hi, There seems to be an issue where a case sensitive Host entry is no longer working after update to openssh 6.5 example entry: (was working before update) Host MyHost Hostname 192.168.0.1 Port 1234 User root IdentityFile ~/.ssh/id_rsa When issuing "ssh MyHost" the outcome is now: ssh: Could not resolve hostname myhost: Name or service not known When the above entry is changed

Hi, I try to mirror two dovecots with: dsync -v -f -u login mirror ssh -o IdentityFile=/etc/dovecot/dsync.d/id_rsa root at shrike dsync -u login This usually works, but if I delete a certain number of emails, I get this messages: dsync-local(mailverwalter): Info: Posteingang: Ignored 178 modseq changes dsync-local(mailverwalter): Info: Posteingang: Couldn't keep all uids

Thanks for responding so quickly! No but I will try. Are you saying the first vendor connection worked because id_rsa and id_rsa.pub are the defaults if not specified? (I didn't use the -i flag for the first vendor.) -----Original Message----- From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Steve Clark Sent: Wednesday, December 12, 2018 2:23 PM To: CentOS mailing list

Hi all, I am struggling with remote R sessions and a (I suspect) locale related encoding problem: Using the X11 device (X11forwarding enabled), whenever I try to plot something containing umlauts using ggplot2, I am seeing sth like ,---- | Error in grid.Call(L_stringMetric, as.graphicsAnnot(x$label)) : | invalid use of -61 < 0 in 'X11_MetricInfo' `---- Using base graphics is fine

https://bugzilla.mindrot.org/show_bug.cgi?id=2024 Priority: P5 Bug ID: 2024 Assignee: unassigned-bugs at mindrot.org Summary: Allow to ssh client say to ssh-agent which key should be used. Severity: enhancement Classification: Unclassified OS: Linux Reporter: pub at mnu.pp.ru Hardware: