similar to: Trick user to send private key password to compromised host

We had an incident recently where an openssh client and server were replaced with trojanned versions (it has SKYNET ASCII-art in the binary, if anyone's seen it. Anyone seen the source code ?). The trojan ssh & sshd both logged host/user/password, and probably had a login backdoor. Someone asked me what was their exposure if they used public/private keys instead of passwords. My

I'm not really a developer, but was considering if there is a key vulnerability in geli given that when you change a key there isn't a disk update. Consider the scenario where a new file system is created and populated with some files. At a later time the original key is changed because someone has gained access to the key and passphrase. A new key is generated and attached, but none of

On Mon, Jan 18, 2010 Joachim Schipper wrote: > What this patch does can be described as follows: > > Without: > you at local$ ssh somehost > Enter passphrase for RSA key 'foo': > you at somehost$ exit > $ ssh otherhost > Enter passphrase for RSA key 'foo': > you at otherhost$ > > With: > you at local$ ssh somehost > Enter passphrase for RSA

I have been beating my head against a wall attempting to get virsh to migrate a simple VM from one host to another. I have two systems running Ubuntu 14.04 with libvirt 1.2.2. Yes, they are bridged. Non-shared storage. Modest guest VM that only requires 100G of disk space; there is far more available. In trying to accomplish even the simplest migration (per every page I can find from both the

Hi People, The Linux Environment I am responsible for is using ssh key pairs to allow access to a number or accounts on a number Linux Servers. I currently have the opportunity to re-design some of this. So I would like to tap into peoples experiences to see what might be some good changes to make. Specifically I have a couple of questions 1. Currently all of the key pairs we are using

After a list element has been assigned from a vector variable, assigments to elements of the original vector variable modify the copy stored in the list as well. Here's a transcript illustrating the problem: R : Copyright 2001, The R Development Core Team Version 1.3.0 (2001-06-22) [ . . . ] > x _ list() > y _ 10 > x[[1]] _ y

Debian GNU/Linux 2.2 (potato), openssh-2.2.0p1 Configured with: --prefix=/usr/local/openssh --enable-gnome-askpass --with-tcp-wrappers --with-ipv4-default --with-ipaddr-display My goal here is to, as root, forward a local privileged port over an ssh tunnel to another host using a normal user's login, i.e.: root:# ssh -2 -l jamesb -i ~jamesb/.ssh/id_dsa -L 26:localhost:25 remotehost So far,

On 05/17/2018 11:38 AM, Frank Vanoni wrote: > On Thu, 2018-05-17 at 11:18 -0400, sean darcy wrote: > >> 3. How do I set up the server to block these ? >> >> 4. Can I stop the retransmitting of the 401 Unauthorized packets ? > > I'm happy with Fail2Ban protecting my Asterisk 13. Here is my > configuration: > > in /etc/asterisk/logger.conf: > >

http://bugzilla.mindrot.org/show_bug.cgi?id=979 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From dtucker at zip.com.au 2005-04-24 10:23 ------- It turns out that HP's HP-UX Secure

Hey all, Let's make an assumption: 1) I am a root user on a system. 2) I don't want said system being used as a jumping-off point if either a user account or the root account is compromised. Given an unencrypted private key, plus a known_hosts file, plus bash_history, it's a pretty easy avenue of attack once you're in the front door. And it's happened before*. Thus,

Btrfs had some issues with fsync()''ing directories and fsync()''ing after renames. These three new tests cover the 3 different issues we were seeing. This breaks out the dmflakey stuff into a common helper to be shared between generic/311 and generic/321. Thanks, Signed-off-by: Josef Bacik <jbacik@fusionio.com> --- V1->V2: rename test to generic/321 -removed an

Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old

I'm afraid I'm not at all involved with OpenSSH development, so perhaps this attack has been discussed in the past. It's something that seems difficult to search for in mailing list archives. I found myself reflecting on the following, mildly serious, protocol weakness at the user-interface level. In a nutshell, the OpenSSH client (at least as of version 1.2.2) fails to provide

There is a new version of RODBC, 0.9-1, with a new maintainer (me) now on CRAN (Vienna) which works with R 1.6.x. The Windows binary will be there tomorrow, and both will then propagate around CRAN. This has been tested on Linux under unixODBC against MySQL and Postgresql (thanks to Dirk Edelbuettel), and on Windows against Access, MySQL and Excel. The CRAN compilation checks were against

There is a new version of RODBC, 0.9-1, with a new maintainer (me) now on CRAN (Vienna) which works with R 1.6.x. The Windows binary will be there tomorrow, and both will then propagate around CRAN. This has been tested on Linux under unixODBC against MySQL and Postgresql (thanks to Dirk Edelbuettel), and on Windows against Access, MySQL and Excel. The CRAN compilation checks were against

Hello! I'd just like to run this by some people who are more familiar with the RSA and DSA algorithms and their use within (Open)SSH. I've been using OpenSSH happily with the assumption that using key-based authentication (RSA or DSA public keys pushed to .ssh/authorized_keys on remote hosts) provides a number of benefits, including an important security-related one -- Logging in to a

My wife's office server was compromised today. It appears they ssh'ed in through account pcguest which was set up for Samba. (I don't remember setting up that account, but maybe I did.) At any rate, I found a bazillion "ftp_scanner" processes running. A killall finished them off quickly, I nuked the pcguest account, and switched ssh to a different port (which I normally do

Hi! I have some MP3 audio material which is basically speech with some background noises, essentially > 120Hz and < 5kHz. I had the idea to reduce the file size by recoding the material to Opus at 56kbps. Unfortunately the result is a file sampled at 48kHz much larger than the original. I hope you agree that it does not make sense to create a file larger than the original (MP3). Of course

I have not, I'll look into that one, thanks! On 11/14/2019 9:48 AM, SternData wrote: > Do you run rkhunter? > > On 11/14/19 9:40 AM, Christopher Wensink wrote: >> How do you know when a Linux system has been compromised?? >> >> Every day I watch our systems with all the typical tools, ps, top, who, >> I watch firewall / IPS logs, I have logwatch setup and

Hi, We have clients with various security & compliance requirements. Although not required, it would be ideal to have messages encrypted at rest. We already use SSL/TLS to secure the transmission of most email. However, it would be nice to have them encrypted sitting on our server. Is anyone doing this? I think that ideally, rather than full-disk encryption, we should use an encryption that