similar to: Key fingerprint logging

Hi, We'd like to run sshd with a configuration morally equivilent to: # stuff ... AuthorizedKeysFile /var/db/keys-distributed-by-security-team/%u AuthorizedKeysFile %h/.ssh/authorized_keys # be backwards compatable for a bit longer yet AuthorizedKeysFile %h/.ssh/authorized_keys2 # more stuff ... The following patch (against the cvs source) turns the authorizedkeysfile statement in sshd.conf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I am not sure if this is the correct place to ask these question, if I am at the wrong place please advise. I am currently working on some modifications to openssh which record the users rsa/dsa identity comment file to a log file when the user logs in (password authentication is disabled). The ssh1 portion of the modification works

This patch is against 3.0.2p1. It produces output like the first line in the example below for both v1 and v2 logins. Logging is turned on by sticking ``LogFingerprint yes'' in sshd_conf. It would be nice if something like this would make it into OpenSSH. Dec 4 14:21:09 lizzy.bugworks.com sshd[7774]: [ID 800047 auth.info] Found matching RSA1 key:

Hello again! Since there was some resistance against adding TCP_NODELAY uncontionally, I've made another patch. The new patch contains the following: * Added a NoDelay yes/no (default no) config option to ssh and sshd * Added -oNoDelay=yes to the ssh command line for sftp. * Changed the sshd subsystem config option syntax from Subsystem name path to Subsystem name options path

By the way, I noticed in the previous IdentityFile patch I forgot to expand tilde. I fixed this by making the change in ssh.c instead of readconf.c, which is probably where it belongs, as far as the existing code is concerned: diff -ur openssh-3.0.2p1/auth.c openssh-3.0.2p1I/auth.c --- openssh-3.0.2p1/auth.c Sun Nov 11 17:06:07 2001 +++ openssh-3.0.2p1I/auth.c Sun Jan 27 12:05:14 2002 @@ -44,7

Here is a patch to allow private key files to be placed system wide (for all users) in a secure (non-NFS) mounted location on systems where home directories are NFS mounted. This is especially important for users who use blank passphrases rather than ssh-agent (a good example of where this is necessary is for tunnelling lpd through ssh on systems that run lpd as user lp). IdentityFile now accepts

Hi All I need some real help in using virt-install. I have a fedora8 o/s + Xen installed and wanted to have RHEL4 as the Guest Domain. I have mounted the CD1 of RHEL4 and wanted to install this as guest domain using virt-install and not able to do and seeking help. Please let me know if the parameters to virt-install are correct and if not please let me know the correct parameters. Contents of

Any help is greatly appreciated.   Thanks Chandra Sekhar --- On Sun, 11/16/08, Chandra Sekhar <sekhar_15@yahoo.com> wrote: From: Chandra Sekhar <sekhar_15@yahoo.com> Subject: [Xen-users] Error while running virt-install To: xen-users@lists.xensource.com Date: Sunday, November 16, 2008, 11:23 PM Hi All I need some real help in using virt-install. I have a fedora8 o/s + Xen

Hello there! I have a little trouble with using dovecot as lmtp and maillists. I use dovecot 2.0.13 with exim 4.72 on Debian 6.0. (All stuff at one host). info of maillists is store in mysql table, for example: +---------+-------------------------------------------------------------------------------------------------+ | name | recipients

Hello... Since there has been much discussion about zpool import failures resulting in loss of an entire pool, I thought I would illustrate a scenario I just went through to recover a faulted pool that wouldn''t import under Solaris 10 U5. While this is a simple scenario, and the data was not terribly important, I think the exercise should at least give some piece of mind to those who

ZFS experts! cu is looking for _documentation_ about putting zone paths on zfs. cu is running 5.10 KP 137111-06. he needs to make sure u5 kp is ok with zone roots. Also has FSs mounted via legacy. So...anybody have documentation on which u5 or u6 of Solaris (NOT OpenSolaris) supports zfs, if any update, for zone paths? -Brian -------- Original Message -------- Subject: RE: Sun#

I was looking through the RSA fingerprinting code from a few releases back, with an eye to being able to close <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=111598>. While it works fine with SSH2, the fingerprint log message goes missing with SSH1. I eventually realized that this is because auth_rsa() is called in the unprivileged child, and so can't write syslog messages. Am I

https://bugzilla.mindrot.org/show_bug.cgi?id=1829 Summary: auth-rsa.c: move auth_key_is_revoked() call from auth_rsa_verify_response() to auth_rsa_key_allowed() Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component:

File authorized_keys is unusable for mass key storage and manipulation. I wan to store keys in something like mysql server, but It will add big unwanted dependency to package. What if we use auth_rsa.c but instead search in file send key to some script and read sigle return value if key finded and empty if not. I think it will be very customizable. -- With Best Regards, Constantine

Dear all, I need to do a loop in R, but I am not sure the software is generating "n" times the variables I request differently. When I ask to print the last matrix created, I just can see the loop for n=1. To be more precise, supose I need to simulate 10 times one variable and I want to fit the 10 variables simulated in a matrix. I dont really know what I am doing wrong, but I just

Hi, I have added calls to `check_ntsec()' to the code which checks for the ownership and modes of identity files and directories. As you might know, check_ntsec() tests if owner/modes are supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem (FAT/FAT32=no, NTFS=yes) and the current Cygwin settings (ntea/ntsec). Corinna Index: auth-rhosts.c

OS: Solaris 10 5/08 s10s_u5wos_10 Sol 10 U5 panic on removing device from aggr during scp copy files For some reason, I can not get the dump file out of the server. -- This message posted from opensolaris.org

I am working on heavily optimising unusually static C++ code, and have encountered a situation where I basically want an optimiser that would speculatively unroll a loop to see if the first round of the loop could be optimised further. (I happen to know that it is possible.) The previous optimisations that produce the loop in the first place already do a magical job (relying heavily on constant

Hi Guys, First, thanks for all the hard work! You all rock. I am running Samba 3.0.20a on RHEL 3 u5 x86, my configuration is working perfectly except for cvs commits for 3 users. We are using ADS, pam_winbind, and pam_require to authenticate CVS users against AD. Our CVS directories are mod 2775, and the group ownership of all dirs is the AD group "DEN-CVS-Users". Every valid user

The CentOS development team is pleased to announce the release of CentOS 4.5 for i386, x86_64 and ia64. It is available on all CentOS.org mirrors and via bittorrent. This release corresponds to the upstream vendor U5 release. Also released in the updates repository for CentOS-4.5 are all updates through May 16th, 2007. The work for the i386 and x86_64 ServerCDs and all other arches is in