Displaying 20 results from an estimated 2000 matches similar to: "[Bug 78] New: Support use of named (krb4, krb5, gsi, x.509) keys in auth_keys entries"
2005 Apr 21
0
[Bug 78] Support use of named (krb4, krb5, gsi, x.509) keys in auth_keys entries
http://bugzilla.mindrot.org/show_bug.cgi?id=78
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From djm at mindrot.org 2005-04-21 18:57
2002 Jan 24
1
PATCH: krb4/krb5/... names/patterns in auth_keys entries
This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and
other principal names in authorized_keys entries.
It's a sort of replacement for .klogin and .k5login, but it's much more
general than .k*login as it applies to any authentication mechanism
where a name is associated with the ssh client and it supports name
patterns and all the normal authorized_keys entry options
2002 Mar 18
0
[Bug 170] New: Double free() and heap corruption when krb4 auth fails
http://bugzilla.mindrot.org/show_bug.cgi?id=170
Summary: Double free() and heap corruption when krb4 auth fails
Product: Portable OpenSSH
Version: 3.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2012 Feb 23
0
Announce: Puppet 2.6.14 Available [security update]
Puppet 2.6.14 is a security release in the 2.6.x branch which
addresses CVEs 2012-1053 and 2012-1054.
All users of Puppet 2.6.x are encouraged to upgrade when possible to
Puppet 2.6.14.
Other information available at: http://puppetlabs.com/security
or visit http://puppetlabs.com/security/cve/cve-2012-1053 and
http://puppetlabs.com/security/cve/cve-2012-1053
Detailed feature release notes are
2001 Aug 15
0
[ossh patch] principal name/patterns in authorized_keys2
As you know, revoking RSA/DSA keys in an SSH environment requires
editing all authorized_keys and authorized_keys2 files that reference
those public keys. This is, well, difficult at best but certainly very
obnoxious, particularly in a large environment.
SSH key management is difficult. This patch simplifies key management
wherever GSS-API/Kerberos is used and is general enough to be used with
2006 Oct 09
1
Can not use auth_keys Mac OSX to Linux
Connect from Mac OSX 10.4.8 / to Recent Linux .. Sys/Sw Versions in .txt
?
Refuses to accept keys in auth_keys .. bad keys "-----BEGIN" ...
"-----END"
Is this open .. not found in site search ...
R/ Everett F Batey II - WA6CRE - http://www.cotdazr.org
800 545-6998 = 805 340-6471 / Office (805) 228-7180
2003 May 20
2
[Bug 573] Don't include krb4 headers on a krb5 compile
http://bugzilla.mindrot.org/show_bug.cgi?id=573
Summary: Don't include krb4 headers on a krb5 compile
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: openssh-bugs at mindrot.org
2016 May 19
0
[PATCH 2/2] customize: fix ownership when creating ~/.ssh/authorized_keys (RHBZ#1337561)
When creating ~/.ssh and ~/.ssh/authorized_keys (in case they are
missing), change their ownership to the target user. If not, they are
owned by root.
---
customize/ssh_key.ml | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml
index 7c482e7..d05816c 100644
--- a/customize/ssh_key.ml
+++ b/customize/ssh_key.ml
@@ -115,20 +115,24
2015 Sep 07
1
[PATCH] customize: Create .ssh as 0700 and .ssh/authorized_keys as 0600 (RHBZ#1260778).
Both ssh-copy-id and ssh create .ssh as 0700. ssh-copy-id creates
.ssh/authorized_keys as 0600.
Thanks: Ryan Sawhill for finding the bug.
---
customize/ssh_key.ml | 4 ++--
src/guestfs.pod | 17 +++++++++++++++++
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml
index 09664bf..dd6056f 100644
--- a/customize/ssh_key.ml
+++
2012 Jun 04
3
Update .k5login with Puppet
Hi,
can you anyone suggest me how can i update .k5login to append new entry or
remove existing line
when i tried using
k5login { ''/root/.k5login'':
ensure => present,
path => ''/root/.k5login'',
principals => ''dhaval@MYREALM.COM'',
}
it completelty removes all lines form k5login and put
2002 Jun 29
0
[Bug 324] New: privsep break KRB4 auth, KRB4 TGT forwarding and AFS token forwarding
http://bugzilla.mindrot.org/show_bug.cgi?id=324
Summary: privsep break KRB4 auth, KRB4 TGT forwarding and AFS
token forwarding
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2002 Jun 29
3
[Bug 324] privsep break KRB4 auth, KRB4 TGT forwarding and AFS token forwarding
http://bugzilla.mindrot.org/show_bug.cgi?id=324
------- Additional Comments From jan.iven at cern.ch 2002-06-30 09:19 -------
Created an attachment (id=125)
KRB4/KRB5/AFS with privsep
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2012 Dec 28
1
Kerberos/GSSAPI auth via .k5login file
Hi, we are currently moving our mailserver to a new server with Dovecot,
virtual users in LDAP, Passwords in Kerberos Setup. Everything works
fine except for GSSAPI which seems to be a bit buggy.
The thing is, that when using a .k5login [1] file it seems that SASL
does not get passed the home directory specified userdb. In other words,
mails for user1 (see below) are stored in
2013 May 09
1
Crossrealm Kerberos problems
I am running dovecot 2.1.7 on Debian Squeeze 64 bit, config information
at the end of the email.
I am working on a Kerberos/GSSAPI based setup that requires cross-realm
authentication. I have regular GSSAPI working, I can log in using
pam_krb5 with password based logins or with the GSSAPI support when
using a kerberos ticket in the default realm.
However when I attempt to authenticate using
2002 Jan 23
1
OpenSSH w/ kth-krb4 on AIX
Hi,
I'm suffering from a memory corruption problem when compiling OpenSSH
3.0.2p1 with kth-krb4 1.1 on AIX 4.3.2 and 4.3.3. The symptom is that
the file name gets zeroed out during ssh key generation, for example
during "make install":
Generating public/private rsa1 key pair.
open failed: No such file or directory.
^ filename normally goes here
When I remove krb4 from the
2003 Feb 14
0
patch for krb4 authentization in openssh-3.5p1 on RH 8.0
Dear developers,
recently I tried to compile kerberos4 authentization support in
openssh-3.5p1 on Redhat 8.0, unfortunately autentization against
kerberos server in a kerberos4 realm doesn't work well, probably due to
the bug in auth-krb4.c. My colleague David Komanek wrote patch to this
file solving the problem, so credits goes to him. I'm sending this here,
believing that it can help
2001 Mar 20
1
Kerberos v5 and GSSAPI support in OpenSSH
An updated version of my patch for Kerberos v5 support is now available
from
http://www.sxw.org.uk/computing/patches/openssh-2.5.2p1-krb5.patch
This patch includes updated Kerberos v5 support for protocol version 1,
and also adds GSSAPI support for protocol version 2.
Unlike the Kerberos v5 code (which will still not interoperate with
ssh.com clients and servers), the GSSAPI support is based on
2002 Jan 18
0
KTH krb4 and OpenSSL conflict building OpenSSH 3.0.2p1
Hi,
I configured OpenSSH 3.0.2p1 with
./configure --disable-suid-ssh --with-pam --with-kerberos4=/usr/athena \
--with-afs=/usr/afsws --with-ipaddr-display \
--with-ssl-dir=/afs/bi/v/@sys/libraries/openssl/latest
My "latest" OpenSSL is 0.9.6a. KTH krb4 is 1.1.
When linking the binaries, the KTH krb4 libdes conflicts with the
OpenSSL libdes. It seems to be possible to get around
2000 Feb 08
0
compile with KTH-KRB4
Hello,
Has anyone tried to compile Openssh with KTH-KRB4? I tried using:
./configure --prefix=/usr --sysconfdir=/etc/ssh \
--with-gnome-askpass --with-tcp-wrappers \
--with-ipv4-default \
--with-kerberos4=/usr/athena
but it complains that it cannot find krb.h (which is in
/usr/athena/include).
I didn't find anything in the
2002 May 13
1
[Bug 44] Can't pass KRB4 TGT on RH7.2 due to glibc mkstemp
http://bugzilla.mindrot.org/show_bug.cgi?id=44
------- Additional Comments From djm at mindrot.org 2002-05-13 15:39 -------
Have you filed a bug in the glibc bug tracking system?
BTW, how did you compile with krb4 on Redhat 7.2 without running over libdes
conflicts?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.