Displaying 20 results from an estimated 6000 matches similar to: "PKI and SSH"
2005 Mar 02
1
PKI and SSH (cont.)
Dear List...
I have a similar question to the one that is copied below. I
am trying to get instructions for configuring OpenSSH to use PKI
based authentication.
I understand that I can provide the server with the public keys
of the client machines to get this working (one way) but the next
step is where I would like to go...
I want SSHD to authenticate my users based upon the "Root
2008 Jul 24
1
The specified network name is no longer available
Hello Samba people,
I have been successfully using Samba for several years, across many
minor versions of Samba across many minor versions of Linux kernel 2.4.x
and 2.6.x, against a Windows 2000 and then in the past couple of years
2003 AD Domain. This morning, something broke...
Setting the stage:
RedHat Fedora based Linux box, FC8, updated over time using 'yum
update'...,
2003 Apr 08
2
OpenSSH 3.6.1p1 on NCR MP-RAS v4.3, several weird terminal problems
I compiled OpenSSH 3.6.1p1 on NCR MP-RAS v4.3 (or at least
"uname -a"'s output of 4.0.3.0 suggests v4.3, I'm not positive).
I was able to compile zlib (1.1.4) and openssl (0.9.7a) with little
trouble.
OpenSSH took hand-hacking the includes.h file as follows:
diff -cr openssh-3.6.1p1/includes.h openssh-3.6.1p1-customized/includes.h
*** openssh-3.6.1p1/includes.h Sun Oct 20
2004 Aug 01
1
SSH login attempts: tcpdump packet capture
I got a packet capture of one of the SSH2 sessions trying to log in as a
couple of illegal usernames. The contents of one packet suggests an
attempt to buffer overflow the SSH server; ethereal's SSH decoding says
"overly large value".
It didn't seem to work against my system (I see no strange processes
running; all files changed in past ten days look normal).
I am
2003 Jan 07
1
[Bug 238] sshd.pid file written AFTER key generation causes race condition
http://bugzilla.mindrot.org/show_bug.cgi?id=238
------- Additional Comments From djm at mindrot.org 2003-01-07 17:59 -------
What if the ephemeral key generation fails (e.g. not enough entropy, etc)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2008 Dec 24
1
SSL cert problems.
I'm really racking my brain trying to figure this one out here. I am
running a pop3 server for remote offices on CentOS 5.2. We purchased a
SSL cert from Verisign and installed it on our dovecot server, but I
continue to get failure problems with the cert and I don't know where to
go from here.
here is some info about our config:
dovecot version:
# dovecot --version
1.0.7
hostname:
2006 Apr 24
12
Design Decisions
Hi All,
I am doing some research on how people start with their Rails app.
What design decisions are made and how is it build.
For example:
- do you use scaffolding and go from there? Or do you create everything
from scratch?
- are you using multiple controllers? Or do you put everything in one?
- do you use migrate?
- how do you use migrate? Do you call migrate your self or do you use
the
2020 Mar 14
2
Replace completely an AD PKI authentication with Samba ?
Hi,
I'm currently using an AD with PKI/certificate authentication ( some of my
users are even using smartcards ).
Could I replace my Microsoft AD & certificates with a pure Samba solution ?
any tricks, non features I should know ?
If so , do you know any docker image maybe that I could start with to do my
test ? ( or some VM ? )
Thanks _
--
This email has been checked for
2020 Nov 10
1
samba AD trusted certificate for RADIUS server (MS PKI, for example AD CS)
Hi,
We are running a 3 DC samba AD domain, and use 802.1x authentication for
the win10 workstations to access the wired network.
We are facing the issue where, following windows updates, our windows
clients keep changing back the 802.1x settings to the windows default,
namely: to verify the server identity and do computer authentication only.
The latter is no problem, but the first one
2007 Jan 29
3
tool to manage a PKI
Hello,
this is a little bit off-topic (even if it have to work on CentOS ;-)
I'm looking for a tool to manage a small Public Key Infrastructure, with
creation/revocation of certificates X.509, export in PKCS#12 format and
have the ability to handle CSR (Certificate Signing Request).
I've wrote my own script to perform it (openssl command line based):
it's a good way to
2010 Jan 21
1
[PKI concepts] Why Jboss need (signed cert and) root-cert in PEM format?
Hi folks
[ Please add me CC. Thanks ]
We have here a Jboss app and web server. We signed the SSL-certificate
that end-user don't have ugly error messages. I don't understand why
we need to import the Root-Cert in PEM format?
$ keytool -import -trustcacerts -file rootcert.pem -keystore
myserver.keystore -alias root
The Root-Cert is in web browser, why there is a must to import in
2007 Aug 06
2
used the described Class in a shared behavior
Is it possible to access the described class in a shared behavior? I''m
trying to do something like this:
describe "Siberian feline", :shared => true do
described_class_instance_as :feline, :name => "fluffy", :breed =>
"Siberian"
# or maybe
before(:all) do
@feline = described_class.new(:name => "fluffy", :breed =>
2015 Feb 22
3
PKI host based principal
Hello,
Maybe I did not understand correctly the PKI trust, so forgive me if I am wrong.
For example, I have multiple hosts that all serves as monitoring
server, I would like to trust only these hosts, so I enrol a
certificate for these using "monitoring" principal, so I can connect
only to these.
At first I thought we can do Match statement at ssh_config, however,
the Match is being
2004 Dec 17
2
Time to add exponential backoff for SSH interactive login failures?
I'm accustomed to systems where even the first failed login attempt
incurs a 5 second delay. I don't think that's too harsh, but everyone
has their own needs and considerations. This could be made
configurable.
-Jay
-----Original Message-----
From: Rick Jones [mailto:rick.jones2 at hp.com]
Sent: Wednesday, December 15, 2004 8:09 PM
To: Jay Libove
Cc: openssh-unix-dev at
2008 Sep 30
1
PKI Compliance Dovecot Server
Hello,
I work for an organization that uses a Secure Dovecot server for messaging, and recently we've had to undergo some security screenings for PKI compliance (credit card industry standards). However, the screening returned to us a failure due to the following reason (attributed to our Dovecot server, which runs on port 993 and is the only "open" port on our firewall):
Synopsis
2010 Oct 18
1
Setting up Samba4 - lots of implementation questions esp re. PKI and SSO
I have a LOT of questions!!! This may take a while. I know some of this
stuff is at the edge of what Samba4 is just becoming able to do, so if
anyone who knows feels this is better posted on samba-technical I'd
appreciate a cross-post from someone in a position to know for sure - I did
consider posting it there straight away but I figured it's a dev list and I
could at least get _some_ of
2010 Feb 18
1
using signed certificates for TLS/SSL
Hi,
I have, in one customer, a web server running on a Verisign-signed
certificate SSL certificate. Everything works fine, IE and Firefox
connects on https without asking anything, which usually happens on
self-signed certificates. I'm trying to use that certificate on dovecot,
but clients (Thunderbird basically) keeps saying the certificate is not
valid.
yes i'm using,
2005 Dec 23
3
Verisign Payflow Scripts
Here''s a link to the Verisign scripts we used... We customized ours a bit
but this will get you going.
Graciously provided by Jon at Slantwise Design and posted with permission
(http://www.slantwisedesign.com), these may make it into some other format
someday (gem? Plug in?).
Anyway, of course, no warranty with this code, use at your own risk and
really no support - you''ll have
2006 Feb 14
20
Adding payment to an app: how hard and risky is it?
Hi all.
I have never implemented online payment and it''s the only thing that
keeps me from accepting a project for a UK based client. (I must reply
quickly!)
While I can afford spending an extra week - or 2 - to learn/try/tune the
payment system, I must be sure to succeed before I accept the contract.
If you''ve already been through that path, any hints, links and/or
2006 Mar 03
9
Credit card handling
Are there any articles anywhere that look at how to properly handle
credit card information, the things you need to do to properly store
CC info, etc?
Joe