Displaying 20 results from an estimated 1000 matches similar to: "Files >2GB?"
2002 Mar 11
3
Does OpenSSH 3.x support KRB5 directly?
Just curious. There seems to be an awful lot in the source, but no
actual configure option.
Please advise.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"It is the part of a good shepherd to shear his flock, not to skin it."
Latin Proverb
2002 Mar 19
1
Status of KRB5 support?
Just curious. I'd like to move up to 3.1px since there are security
updates associated with it.
Also, any pointers on implementing an kerberized external login server
would be helpful.
TIA
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"It is the part of a good shepherd to shear his flock, not to skin it."
Latin
2002 Mar 25
2
Using kerberized SSHD. Question.
I have a kerberized SSHD installed on HOST-1, a login server for the
outside world.
How can I make it so users are still authenticated via kerberos, even
though they haven't yet received a ticket?
The main reason for this is that a user who is at home, no vpn, but has
an ssh client could then login and be authenticated by kerberos using
password authentication, get a ticket, then be allowed
2002 Mar 21
4
OpenSSH 3.1p1 on Linux Slackware 8 with KERBEROS v5 support
Hello,
I have a little question and this regarding the compilation of the latest
release of OpenSSH on a Linux Slackware version 8 box. We are currently
using Kerberos 5 for user authentification and I saw that in SSH there is
only an option to configure called: --with-kerberos4, so my question is:
what do I need to do to get Kerberos 5 support into OpenSSH ?
I am using the MIT kerberos version
2002 May 03
2
Does OpenSSH have tcp_wrappers *built-in* or just compatibility?
I was under the impression it was just compatibility, and not actually
built-in, but I thought I'd ask here and just make sure of what I'm
saying. :) TIA.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"It is the part of a good shepherd to shear his flock, not to skin it."
Latin Proverb
-------------- next part
2002 May 31
11
(no subject)X-forward
No "ssh -X hostname" doesn't work.
But when you "export DISPLAY=..." it works!?
I set the the Display Hack so that I can see my IP with "env" or "echo
SSH_CLIENT" when I'm connect via VPN-Tunnel and I don't know my IP in
the Net I'm connected through.
Andreas Kerl
-----------------------------------------
DTS Medien GmbH
Heidestrasse 38
2002 May 09
4
Feature request: Discussion.
I was wondering if anyone would find the syntax:
ssh://someuser at host#port or even as simple as ssh://somehost#port
useful?
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"One ought never to turn one's back on a threatened danger and
try to run away from it. If you do that, you will double the danger.
But if you meet
2002 Mar 29
0
Announce: Unofficial OpenSSH 3.1p1 RPMS with kerberos patches
Thanks to Simon Wilkinson for getting Kerberos working in OpenSSH.
Changes:
*openssh.spec file has been updated to use the kerberos patches based on
the existence of krb5-devel rpm
*added sshd-krb5.pam to contrib/redhat. This file
enables the sshd to accept password auth, and check
the password against the KDC.
*Bumped the OpenSSH rpm build version to 3.
*added sshd-krb5.pam install to
2002 Apr 18
2
AuthorizedKeysFile
OpenSSH 3.1
Not really a bug, but an "undocumented feature".
The default sshd_config file show the default setting for AuthorizedKeysFile
as being:
AuthorizedKeysFile .ssh/authorized_keys
If you uncomment that default, it changes the "undocumented" setting for
"AuthorizedKeysFile2", which is by default:
AuthorizedKeysFile2 .ssh/authorized_keys2
2002 Mar 26
2
SSH / PAM / Kerberos / password aging
Ok, so, things are complicated.
The PAM standard insists on password aging being done after account
authorization, which comes after user authentication. Kerberos can't
authenticate users whose passwords are expired.
So PAM_KRB5 implementations tend to return PAM_SUCCESS from
pam_krb5:pam_sm_authenticate() and arrange for pam_krb5:pam_sm_acct_mgmt()
to return PAM_NEW_AUTHTOK_REQD, as
2002 Jan 10
4
Potential SSH2 exploit
I just noticed (at least on OpenSSH 3.0p1) that even though I have both RSA
and DSA keys available in sshd_config on a server, only a ssh-rsa line
shows up in known_hosts on the client side, not a ssh-dss line (that
priority may come from the fact that my RSA key is listed before my DSA key
in sshd_config). If I comment out the RSA key in sshd_config and restart
the server, then the next time the
2006 Nov 01
0
No subject
forwarding at all, or it's been turned off in /etc/ssh/sshd_config.
To find out you're IP that you're coming from, use www.whatismyip.com it
will tell you what you're IP is. Either that or who -l should show you
as well, when you're ssh'd into the system.(the one that the VPN is
talking to)
On Fri, 2002-05-31 at 17:05, Kerl, Andreas wrote:
> No "ssh -X
2006 Nov 01
0
No subject
forwarding at all, or it's been turned off in /etc/ssh/sshd_config.
To find out you're IP that you're coming from, use www.whatismyip.com it
will tell you what you're IP is. Either that or who -l should show you
as well, when you're ssh'd into the system.(the one that the VPN is
talking to)
On Fri, 2002-05-31 at 17:05, Kerl, Andreas wrote:
> No "ssh -X
2006 Nov 01
0
No subject
forwarding at all, or it's been turned off in /etc/ssh/sshd_config.
To find out you're IP that you're coming from, use www.whatismyip.com
it will tell you what you're IP is. Either that or who -l should show
you as well, when you're ssh'd into the system.(the one that the VPN is
talking to)
On Fri, 2002-05-31 at 17:05, Kerl, Andreas wrote:
> No "ssh -X
2002 May 17
1
OpenSSH 3.2.2 supports kerberos5 but....
I can't seem to login with only a TGS? (i.e. no password)
Do I need another patch to have that part work? Password auth seems to
be working against the KDC just fine.
TIA.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"One ought never to turn one's back on a threatened danger and
try to run away from it. If you do
2002 May 15
3
Curious about final KRB5/GSSAPI patch inclusion.
What is the target version for all the KRB5 bits to be in place. I know
there is very much in place right now, but I remember someone mentioning
there was just a GSSAPI/MITKRB5 patch being waited for.
TIA.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"One ought never to turn one's back on a threatened danger and
try
2002 Mar 29
1
Two patches for OpenSSH 3.1p1 (fwd)
Can I get people from other platforms to test the waitpid.patch to see
if it solves hang-on-exit on their platform?
I can confirm Solaris at this moment (but I've not done heavy testing at
this moment) that is works like a charm (Solaris 7). It handles 'sleep
90&' vs 'nohup sleep 90&' correctly (killed, vs left).
thanks.
- Ben
---------- Forwarded message
2002 Sep 03
1
post upload handling with sftp-server.
Is there something like this that's possible? Maybe by wrapping
sftp-server or some such thing?
--
Austin Gonyou <austin at coremetrics.com>
Coremetrics, Inc.
2001 Mar 27
3
Kerberos 5 and OpenSSH 2.5.2p2
Are there any patches to enable Krb5 for OpenSSH? I'm trying to get a
proof of concept done so I can eventually roll Krb5 and OpenSSH out as our
primary AA infrastructure and I'm having a hard time of it. Can someone
point me to info to help?
--
Austin Gonyou
Systems Architect
Coremetrics, Inc.
Phone: 512-796-9023
email: austin at coremetrics.com
2002 May 31
1
(no subject)
Hello,
I've got the Problem that the Display Variable is not set when I connect
to sshd.
X-Forward is active.
I think I tested all Configurations but it doesn't work.
Sorry :-)
Solaris 8 openssh 3.2.3
Andreas Kerl