similar to: Support for merging LPK into mainline openssh?

Hello everybody, I'd like to have LPK (or something like that - getting public keys from LDAP) integrated into mainline OpenSSH. *** First of all, a summary. The project page at http://code.google.com/p/openssh-lpk/ mentions that a few distributions include LPK per default; but reading the various threads at Support for merging LPK and hpn-ssh into mainline openssh?

Hello Are there plans to merge the hpn-ssh (http://www.psc.edu/networking/projects/hpn-ssh/) and the LPK (http://code.google.com/p/openssh-lpk/) into the mainline openssh. Adding lpk has been logged as a bug in bugzilla as They are two patches that I always apply as the performance boost from hpn-ssh is substantial to say the least, and centralisation of the authorized_keys into a LDAP server

> From: Damien Miller <djm () mindrot ! org> > Date: 2009-02-17 4:22:05 > Message-ID: alpine.BSO.2.00.0902171519190.1946 () fuyu ! mindrot ! org > On Tue, 17 Feb 2009, Peter Lambrechtsen wrote: > >> On Tue, Feb 17, 2009 at 3:18 PM, Damien Miller <djm at mindrot.org> wrote: >> > I don't think there are any plans to merge the LPK patch. We

Hi all, At my organisation we have an LDAP infrastructure built on OpenLDAP, between Unix boxes running OpenSSH at multiple sites. It works well but the SSH key management is something of an inconvenience, especially as we would like to implement SSO with ssh-agent and passphrased keys. There is an OpenSSH patch called LPK which can allow the authorized_keys to be stored in LDAP, and that

https://bugzilla.mindrot.org/show_bug.cgi?id=1663 Summary: Allow to use agent for distribution of public keys. Product: Portable OpenSSH Version: 5.3p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org

I have successfully created a packaged version of openssh that has the LPK patch. LPK allows you to store your public keys in LDAP. However when I go to install the package I created it complains about dependencies: [root at VIRTCENT13:/home/bluethundr/rpm]#rpm -Uvh openssh-5.6p1-1.i386.rpm error: Failed dependencies: openssh = 5.5p1-1.el5 is needed by (installed)

Hi All, I've recently upgraded to RC2 (debian package) and now I get the following message in syslog all the time: Jul 14 15:51:04 server01 deliver(alex): saved mail to INBOX This seems to happen for every mail, despite some being filtered into different folders. It goes like this: Mail arrives from Ubuntu mailing list: Jul 14 15:53:49 server01 postfix/qmgr[19023]: D51A95C023:

http://bugzilla.mindrot.org/show_bug.cgi?id=1316 Summary: Add LDAP support to sshd Product: Portable OpenSSH Version: 4.6p1 Platform: All URL: http://dev.inversepath.com/trac/openssh-lpk OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: PAM support AssignedTo:

Hello, My is Dmitri Pal and for the last two years I have been working on SSSD and IPA open source projects. SSSD is effectively a replacement for PAM/NSS combination with offline caching. The details about the project can be read here: https://fedorahosted.org/sssd/ Quick overview of features is here: https://fedorahosted.org/sssd/attachment/wiki/Contribute/sssd%20overview%20slides.2.pdf SSSD

Hi, Could someone please post an example of a /etc/init.d/dovecot startup script? (We use fedora core 5, if that makes any difference.) Ours seems to be missing. Cheers, Pid

Hi, I'm still getting the errors below on Debian Etch with Dovecot 1.0.8-4 and Dovecot LDA. Is this something that's fixed in 1.0.9? It doesn't seem to have an effect but I'm wary of messages I don't recognise! Regards, Alex Jun 20 14:13:04 server01 deliver: entered bc_action_emit with filelen: 16 Jun 20 14:13:04 server01 deliver: entered bc_action_emit with filelen: 112

I would like to implement a feature whereby users can write their own plugins for authorizing use of a public key. I've got a private branch of this working, but would like feedback before submitting a patch (starting with whether the community would want this). Essentially, I've added a line in sshd_config like: PubKeyPlugin

Hi, I''ve been using puppet for about a week and a half now, and it''s definitely making my life a lot easier. I''m using 0.24.1 and I''ve run into a small snag. I''m trying to write some code to make sure user home directories exist for users in LDAP. I''m trying to get their uid, gid and home directory from getent with something like: $uid =

Discussion to the https://bugzilla.mindrot.org/show_bug.cgi?id=1663 > 1) you lose the ability to specify key restrictions. I.e. you can't > force commands on a per-key basis, disable port-forwarding, etc. This extension is designed to provide some non kerberos possibility to create domains for groups of roughly equivalent users. It distributes the authorized keys from a single point in

Hi there is unpaired brackets in port_linux_compat.c in ssh_selinux_setfscreatecon if (path == NULL) setfscreatecon(NULL); return; } -- JFCh <jchadima at redhat.com>

Hi Rob, Can you comment on exactly what the problem is you want to solve? Is it a performance issue with LoadLibraryPermanently, or do you simply not want the external symbols to be resolved from within the JIT? - Daniel On Wed, Jul 22, 2009 at 11:22 PM, Evan Cheng<evan.cheng at apple.com> wrote: > > On Jul 22, 2009, at 9:43 PM, Rob Grapes wrote: > >> Hi, >> >>

Hi, I've been kicking this idea around, and the problem with it escapes me. I'm looking for someone to tell me why this is a bad idea. The new OpenSSH includes the AuthorizedKeysCommand, which was mostly added to let people use a command to look up user keys in LDAP. LDAP key lookup have some limitations -- specifically, the common openssh-lpk_openldap schema won't let you add

Hi Daniel, In my case ExecutionEngine::create() loads 40 modules, then each time I try to resolve a symbol that I know is in a DLL that I supply, it looks through all 40 modules first. This is on Windows, so I get the following modules loaded: ntdll.dll, kernel32.dll, USER32.dll, GDI32.dll, SHELL32.dll, ADVAPI32.dll, RPCRT4.dll, Secur32.dll, msvcrt.dll, SHLWAPI.dll, ole32.dll, OLEAUT32.dll,

Hi, I''m attempting to move from 0.24.x to 2.6.x :) trying to fix all those parts that have changed, and found that the use of plugins we are doing is probably not the best approach hoping you can help me with comments regarding this use case. In our working 0.24.x environment we had to make use of plugins to add an attribute in the package.rb, something like: *newparam(:ignoredeps)*

Hi, OpenSSH 5.7 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of large and intrusive features and changes and quite a number of bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: