similar to: Request for generic engine support

Add private key protection information extraction to shh-keygen using -v option on top of -y option which is already parsing the private key. Technically, the passphrase isn't necessary to do this, but it is the most logical thing to do for me. Adding this to -l option is not appropriate because fingerprinting is using the .pub file when available. An other idea is to add a new option, I

Hi, I needed to convert a public RSA key to autorized_keys format and found ssh-keygen lacking this feature. I made the option -Q publicfile to allow an conversion like ssh-keygen -Q pubrsa.pem -y The patch is produced using unified diff and made on latest release. If you like it and can make a patch for the man-page also! Regards, /Lars -------------- next part -------------- diff -u

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

ssh-add on OpenBSD current (with malloc -S enabled) crashes ("chunk is already free") when loading my password-protected SSHv1 key (used only for testing). "ssh-add ~/.ssh/identity" also fails to format the prompt properly ("Enter passphrase for :"). The issue is as follows: Starting at ssh-add.c:158 in add_file(ac, filename = "~/.ssh/identity"), we call

Hello, I need to allow for some people to execute ssh with one shared private key for remote executing command on various machines. However, it is not possible to set group permissions for private keys and it is possible to have just one private key file for one user. Please, is it possible to add patches into openssh development tree like these, so that standard behavior of ssh is not changed,

Add a xen command-line parameter, sched_credit_tslice_ms, to set the timeslice of the credit1 scheduler. Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com> diff -r 4a4882df5649 -r 782284c5b1bc xen/common/sched_credit.c --- a/xen/common/sched_credit.c Wed Aug 31 15:23:49 2011 +0100 +++ b/xen/common/sched_credit.c Thu Sep 01 16:29:50 2011 +0100 @@ -41,15 +41,9 @@ */ #define

From: Nate Studer <nate.studer@dornerworks.com> Add a utility function to update the rest of the timeslice accounting fields when updating the timeslice of the credit scheduler, so that capped CPUs behave correctly. Before this patch changing the timeslice to a value higher than the default would result in a domain not utilizing its full capacity and changing the timeslice to a value lower

Hi all, Since Xen 4.2.0, users can change time slice of the scheduler at runtime via xl command line, a very nice feature. However, it is not *correctly* implemented. Problem description -------------------- say you set the ''cap'' of one VM to 50 (a half core), -when setting the time slice to be *greater* than 30ms, the VM gets much *less* CPU cycles than its allocation -when

After getting OpenSSH 7.7 to build :), the initial test fails as follows: test_kex: ............................................................................ ............................................................................ ............................................................................ ............................................................................

On 05/03/2024 01:24, Damien Miller wrote: > > Hi, > > OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release. > Running the testsuite on Solaris 9 I see this: set -xe ; if /export/home/tgc/buildpkg/openssh/src/openssh-git/ssh -Q key | grep -q ^ssh-rsa ; then \

After a user changes their password (CTRL-ALT-DEL) in our Samba 4 domain (4.1.12) they lose access to any stored passwords on their Windows PC. I've set the log level in smb.conf to 4 and enabled the GPO to record DPAPI log entries in Windows to get the below log data. My reading of the two is that the Windows PC believes it is failing to reset the access to its DPAPI store (where the saved

I have been killing myself on this issue over the last 2 weeks. I have setup pam AD authentication using winbind on our companies email servers. That part is currently working. I have been trying to add an existing "Trusted" child domain and allow authentication from that domain as well. I am part of the way there, but not quite to the functional point as of yet. Our primary domain

I'm having problems using smbldap-tools 0.8.2 from idealix, I'm using the following entry in my smb.conf file: add machine script = smbldap-useradd.pl -w -g 553 %u Then, while I try to add a workstation to my domain, the script adds a posixAccount, and then I get this error: ------ [2004/01/14 18:15:49, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1173) ldapsam_modify_entry: Failed to

On Sat, 9 Mar 2024, Tom G. Christensen wrote: > On 05/03/2024 01:24, Damien Miller wrote: > > > > Hi, > > > > OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a bugfix release. > > > Running the testsuite on Solaris 9 I see this: [snip] > + ssh-rsa > /bin/sh:

Engine keys are keys whose file format is understood by a specific engine rather than by openssl itself. Since these keys are file based, the pkcs11 interface isn't appropriate for them because they don't actually represent tokens. The current most useful engine for openssh keys are the TPM engines, which allow all private keys to be stored in a form only the TPM hardware can decode,

I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may

Hi list, we have a forest trust of two domains. One domain in US (us.root.prv) running exclusively on Windows 2012 R2 and one in EU (spreadshirt.private) running exclusively Sernet Samba 4.8.2-11. Both domains run functional level "2008 R2". The trust validates successful using "samba-tool domain trust validate" and in "Domains and trusts". My problem is: I

Hi I keep getting these messages on this one box. There are issues with at least one of the drives in it, but since there are some 80 drives in it, that''s not really an issue. I just want to know, if anyone knows, what this kernel message mean. Anyone? Feb 5 19:35:57 prv-backup scsi: [ID 365881 kern.info] /pci at 7a,0/pci8086,340e at 7/pci1000,3140 at 0 (mpt1): Feb 5 19:35:57

Hello I run dovecot 2.0.6 on a two-machine cluster using OCFS2 as the file system. I have some error messages like these in my log: Oct 25 01:07:50 box5 dovecot: lmtp(8886, suporte=100br.com at lmtp1.prv.f1.k8.com.br): Error: Corrupted transaction log file /var/lib/imap/user/a3/suporte=100br.com/stor age/dovecot.map.index.log seq 29: Transaction log corrupted unexpectedly at 21536: Invalid size

https://bugzilla.mindrot.org/show_bug.cgi?id=1989 Bug #: 1989 Summary: SCP wihout a source path Classification: Unclassified Product: Portable OpenSSH Version: 4.3p2 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: scp AssignedTo: unassigned-bugs