similar to: Retract sftp/scp connections.

https://bugzilla.mindrot.org/show_bug.cgi?id=1687 Summary: scp/sftp is not working when using key based (authorized_keys2) authentication Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp

This is off topic and only tangentially related to statistics or R (through "HARK"ing -- Hypothesizing After Results are Known). But given the research interests of many on this list, I thought others would enjoy it. My apologies if I have overstepped (please let me know if so). Also, PLEASE DON'T RESPOND ON THIS LIST (privately is fine). This is just FYI. I don't know whether

Hello, When running scp (from openssh-3.4p1) on our linux systems we are experiencing hangs after authentication. According to the debug messages, authentication succeeds but the file itself is not transferred. Openssh is built using OpenSSL 0.9.6d. The command scp foo 192.168.1.111:/tmp will hang until the connection times out. Below are the client and server side logs. An strace of the

Mainline commit d4f7e650e55af6b235871126f747da88600e8040 attempts to delay the dlm_thread from sending the drop ref message if the lockres is being migrated. The problem is that we make the dlm_thread wait for the migration to complete. This causes a deadlock as dlm_thread also participates in the lockres migration process. A better fix for the original oss bugzilla#1012 is in testing.

I''ve got a situation where a manifest fails when writing one particular key for a user. What I have is a manifest that looks like this: class my::accounts () { Ssh_authorized_key { ensure => present, type => ssh-dss, } Then, after making sure the user, group, and authorized_keys2 file exist: ssh_authorized_key { "key-name-1": key

http://bugzilla.mindrot.org/show_bug.cgi?id=66 Summary: $HOME/authorized_keys not read by sshd Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

scp may be an ugly protocol, but it works, works nicely from a command line, and is quite convenient. FTP (and, presumably, sftp) is not nearly as convenient. Why do you think your recommendation to "use sftp instead" keeps falling on the deaf ear? Usability, perhaps? Perhaps it's time to stop preaching to people about what they should use, but instead - if you really want a change

Help! I am trying to get debug output working with sftp-server, and can''t seem to find the appropriate information to get it working. Yes, I have recompiled sftp-server to include defining DEBUG_SFTP_SERVER. I found that myself in the code before finding it in several postings as the common answer to others having this problem. In addition, I have set up the sshd_config file

Hi, could somebody with checkin rights please apply the following patch to contrib/cygwin/ssh-user-config? It just appends the RSA2 and DSA keys to .ssh/authorized_keys instead of .ssh/authorized_keys2. TIA, Corinna Index: contrib/cygwin/ssh-user-config =================================================================== RCS file: /cvs/openssh_cvs/contrib/cygwin/ssh-user-config,v retrieving

Damien wrote: > Could you redo your traces with "-v -v -v" set? Best send the report to > openssh-unix-dev at mindrot.org so it isn't just myself looking at it. Attached are a number of log files from a problem I'm seeing with DSA/authorized_keys2 when operating ssh strictly with Protocol 2. Damien has not been able to reproduce it with his RSA setup. When my server has

http://bugzilla.mindrot.org/show_bug.cgi?id=72 Summary: sshd 3.0.2p1 assumes authorized_keys2 unless configured otherwise. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

OpenSSH 2.9.9 has just been uploaded. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH 2.9.9 fixes a weakness in the key file option handling, including source IP based access control. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability

It seems that there are a few camps here: * The scp power users - this camp believes that scp supporting backtick notation is fine and that running arbitrary commands is a perfectly fine thing to do. * The restricted shell users - this camp believes that scp supporting backtick may not be the best, and there are various restricted shells which can prevent this. Power users may belong to this

Hi, We have a CLI that certain users get dropped into when they log in. One of the things they can go is generate certificates (actually .p12 key/certificate bundles) that they will then scp out of the box from another host. Problem is that if their default shell isn't sh, ash, dash, bash, zsh, etc. then things break. Is there a workaround to allow scp/sftp to continue to work even for

Hi all, I'm setting up a system where users will only be able to use "sftp" but not "ssh" to connect to the server (http://www.snailbook.com/faq/restricted-scp.auto.html). Here's the setup... Server: OpenSSH 2.5.2p2-1 on RH Linux Client: Commercial SSH 2.4 on Solaris The vendor on the client system creates a key pair and sends it to me. I then add the vendor's

As you know, revoking RSA/DSA keys in an SSH environment requires editing all authorized_keys and authorized_keys2 files that reference those public keys. This is, well, difficult at best but certainly very obnoxious, particularly in a large environment. SSH key management is difficult. This patch simplifies key management wherever GSS-API/Kerberos is used and is general enough to be used with

I'm trying to change my local setup from ssh2 to openssh-2.3.0p1. I need captive comands and specific environments for each key, i.e. the "command=XXX" and "environment=X=y" options. Unfortunately I *also* need to support the existing ssh2 client for a transition period, since it's impractical to change all user's environments to openssh in one go. I have converted

Damien, I was going down the path of public key authentication when I encountered problems. I've been discussing it off-line using the simple example of creating a key pair with no passphrase for an account on "myserver", then trying to connect to myserver using the "ssh -i id_dsa myserver" command. It's not working, so we're debugging now (see below). If you

Why does the local scp determine what characters are valid in a remote host userid? A friend of mine just had his ISP convert him to using a userid of the form 'user#isp-acct' (eg, "ssh -l 'joe#foo.org' foo.org" is used to login). The OpenSSH ssh and sftp commands both allow this form of userid. However, it seems that scp has its very own idea of what characters are

On Tue, 4 Aug 2020, raf wrote: > In such cases, this vulnerability can be mitigated by > the use of an ssh-specific command whitelisting control > such as: Probably just as easy: give the user a restricted shell (/bin/rmksh) as shell and set their PATH etc. suitably, to not include any other commands. bye, //mirabilos PS: Full disclosure: I?m the mksh developer -- ?MyISAM tables