similar to: encrypt authentication credentials with payload in the clear?

Hey everyone, I have been using sftp for quite some time now and we have just hit 256 sftp users. Line 21 of servconf.h reads: #define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ I am curious why this is in a header file and not something that is in sshd_config that can be changed without recompile? Thanks in advance! -- James Dennis Harvard Law School "Not

On Solaris 8, I have ssh 3.1.0 and on other box Sol 7 I have 1.2.26 (min version for comtable with ssh 3), I checked also /etc/ssh2/sshd2_config file ## SSH1 compatibility # Ssh1Compatibility <set by configure by default> # Sshd1Path <set by configure by default 2) generate key for ssh3 # ssh-keygen2 -P /etc/ssh2/hostkey

I am doing rsync over a private network. Encryption is not required. Currently rsync over ssh works, but requires too many CPU cycles (especially when doing a lot of transfers) on a CPU-bound system. I need to use rsh instead. The problem is, I can either set rsh to allow transfers without a password, or it won't let me transfer files at all. I need rsh to ask for a password. The network

In the changelog, there is an entry: 20001129 - (djm) Back out all the serverloop.c hacks. sshd will now hang again if there are background children with open fds. Does this mean that this is regarded as expected (and correct) behavior, that should not change in the future, or does it mean that this behavior is a known problem that someone will eventually fix? --Adam -- Adam McKenna

Hello! I have a query regarding the use of "encrypt passwords = yes" and is wondering if anyone can help me with it. If I recall correctly, when using "encrypt passwords = no" , Samba will lookup the username/password via the UNIX /etc/passwd file or equivalent. And as the password can have mixed-case passwords, the "password level = x" parameter is used to

It is my understanding that roving profiles cannot be implemented without using encrypted passwords. It is also my understanding that encrypted passwords cannot be implemented without pointing smb.conf to a windows password server. I'm trying to set up a samba server on a Linux (RedHat 7.3) to act as a PDC and a provider for roving profiles - when I do things with cleartext (encryption

So far the tutorials I''ve seen are for encrypting text and then decrypting it back. So for example you have a plaintext = "some text" you encrypt it and then you decrypt it depending on how you encrypted it. What I am looking for is to encrypt a whole file and then store it. for example I allow my users to upload .doc/.xls files. I want to encrypt those files so I would not

Hello, I apologize that this is slightly off topic. According to the Internet Draft I found for SSH ver 1 (draft-ietf-tls-ssh-00.txt from Jun 13, 1996), the client or server can send a SSH_MSG_KEXINIT at any time to force a new key exchange. I looked through the code for OpenSSH and ssh-1.2.27 and can't find where it does this. I then searched the Secure Shell mailing list archives and saw

Using OpenSSL, is there a preferred/recommended rate of rekeying an encrypted stream of data? Does OpenSSL handle this for developers behind the scenes? Does it even need to be rekeyed? Thanks in advance. -sc -- Sean Chittenden -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 202 bytes Desc: not available

I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. I was playing around with different encryption schemes. doveadm pw -l SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR CLEARTEXT SSHA256 NTLM MD5 PBKDF2 SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT SMD5 DIGEST-MD5

Below is a patch that adds the ability to have a none cipher and mac for protocol version 2. By default, sshd will not allow these to be used; an admin will have to explicitly allow them in the Ciphers and MACs section of sshd_config. Additionally, the client will not use these unless explicitly instructed to by the user. The actual name of the cipher is 'none2', to distinguish it

Hi All, This is an update/question about the new beta release of Samba. I installed it onto a test bay. One machine is Redhat 7.3, one is XP. For our purposes, the clients need to have encryption turned off (IE: we enabled cleartext passwords). With Samba 2.2.7, I had PDC support, including roving profiles and login scripts working when ecryption was turned on, both server-side and

hi all Trying to setup a testserver with NUT here, and I notice the password is set in cleartext in the upsd.users file. Is there a way to store it encrypted? I don't like cleartext passwords? -- Vennlige hilsener / Best regards roy -- Roy Sigurd Karlsbakk (+47) 98013356 roy at karlsbakk.net http://blogg.karlsbakk.net/ GPG Public key: http://karlsbakk.net/roysigurdkarlsbakk.pubkey.txt -- I

hi... i've got an "access denied" issue with rsh on one of my boxes (and before we start, no "use ssh" comments.. rsh is what i'm dealing with for now!!) i've got a few boxes in my network, and i can successfully rsh into them with no issue. however, on one box, i can't access it using rsh, and i'm running out of things to try... kind of curious. i can

Well, I have successfully migrated about 75 Windows 95/98 machines over to using Samba as a PDC, it works better than I expected. Much faster than NT or OS2. However I have a few questions? There are a couple of machines that will not use the Samba box to authenticate. I know that the network config on these machines is correct as they were working before, and the net properties have been set

Hi! I noticed these messages in my logs. It seems that the user checked the "encrypted password" in her outlook or something, and wants NTLM auth. I'm storing all the passwords as SSHA256, and when the user tries to auth, this happens: => dovecot.info auth: Info: password(<username>,<user_ip>): Requested NTLM scheme, but we have only SSHA256 auth: Debug:

On Wed, 29 Mar 2023, Chris Rapier wrote: > I was wondering if there was something specific to the internal chacha20 > cipher as opposed to OpenSSL implementation. > > I can't just change the block size because it breaks compatibility. I can do > something like as a hack (though it would probably be better to do it with the > compat function): > > if

Dear sir, Having read all the descriptions of how easy it was to use rsync, I tried it for the replication of two servers. Testing rsync 10.0.1.4:/tmp/repl/ /tmp/repl I got the following error message (after a period which seemed to be a time-out): 10.0.1.4: Connection refused rsync: connection unexpectedly closed (0 bytes read so far) rsync error: error in rsync protocol data stream

On 12/4/18, 1:14 AM, "dovecot on behalf of Aki Tuomi" <dovecot-bounces at dovecot.org on behalf of aki.tuomi at open-xchange.com> wrote: On 3.12.2018 22.24, Jerry wrote: > I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. > I was playing around with different encryption schemes. > > doveadm pw -l > SHA1

Hello I am trying to set up a backup server running Solaris 8 with rsync 2.5.5 and ipfilter the latest version. The problem i have is i have about 16 different interfaces that are secured via ipfilter , and i tried running rsync via rsh but ipfilter would not set up a keepstate with rsh which meant i had to open up and that is not acceptable. So what i tried then was via ssh and that worked fine