similar to: Repost: [patch] Automatically add keys to agent

[ Sorry, I did not see the renamed thread until I'd already replied on the old one. Calling this a phishing attack is exactly right. ] On 2010-01-30, Joachim Schipper wrote: > If I understand you correctly, you argue that connecting to malicious > hosts is currently secure, and will remain secure, but that it will > become easier to convince people to send the passphrase for

Hi, here's a proposal of a new ssh/scp-feature: ------------------------------------------------------- please implement a timeout with non-zero error-returncode on "Are you sure you want to continue connecting (yes/no)?" ------------------------------------------------------- My situation: recently I have implemented a cronjob that is using scp. Due to organizational

Hi list, I'm not sure whether this (see below) is a "bug" or a feature but as I cannot find any information on this neither in the INSTALL file nor via ./configure --help or somewhere else, I would like to ask you whether there is an answer to my question. Thanx a lot & kind regards - have a nice day, B. Courtin Question: --------- I lately updatet from OpenSSH 3.0.1p1 to

Hello list, I am currently testing a setup for a PoC wit this configuration. - 1 x Frontend dovecot for proxying IMAP/POP3/LMTP/ManageSieve/Submission - 2 x Backend dovecot with local mail storage The frontend does the user authentification and communicate with the backends using a master password The fronted accepts PLAIN and LOGIN auth mechanisms and talk with backends using PLAIN auth

I have recently found the "fsh" program (http://www.lysator.liu.se/fsh/) which offered exactly what I needed. It is a great program but it is not maintained and was even thrown out of Debian because it was claimed that OpenSSH provided anything FSH offers. In fact, however, I miss a few features in OpenSSH that could easily be added inspired by FSH and make a very valuable addition in

Hi, This (hopefully!) might be a case of user error, as I'm new to dovecot... Alternatively it might be some confusion in an index, since I've been mucking about trying different things in my configuration files and had frequent crashes. I'm trying to sync 2 (LAN) hosts, ideally to have full automatic replication happening. They both have hybrid mbox INBOX and maildir++ folders,

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.

https://bugzilla.mindrot.org/show_bug.cgi?id=1693 Summary: ssh prompts for passphrase even when identity file is unreadable Product: Portable OpenSSH Version: 5.3p1 Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: ssh AssignedTo: unassigned-bugs

Hi, I'm sorry if this has already come up on the list, I did a quick search of the archive and didn't notice it. I noticed IMHO strange behavior in read_passphrase: If readpassphrase returns NULL and sets errno to ENOTTY, then read_passphrase returns an empty passphrase to the caller instead of error, now what happens with password authentication is that if readpassphrase fails every

http://bugzilla.mindrot.org/show_bug.cgi?id=989 Summary: openssh-3.9p1 on Solaris 8 - multiplex.sh NOK Product: Portable OpenSSH Version: 3.9p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Keywords: patch, help-wanted Severity: normal Priority: P5 Component: Build system

Hi all, I used to execute ftp in batch mode to dowload files. In my case, password authentication is the only way to get remote access. Could anyone tell me how can i accomplish the same task using sftp under batchmode as what i have done with ftp ? Meanwhile, how can i specify the password securely ? Is there anyother alternatives ? -- Thanks M.P

Debian GNU/Linux 2.2 (potato), openssh-2.2.0p1 Configured with: --prefix=/usr/local/openssh --enable-gnome-askpass --with-tcp-wrappers --with-ipv4-default --with-ipaddr-display My goal here is to, as root, forward a local privileged port over an ssh tunnel to another host using a normal user's login, i.e.: root:# ssh -2 -l jamesb -i ~jamesb/.ssh/id_dsa -L 26:localhost:25 remotehost So far,

Hi, I've got the following command that works fine; it prompt for a password then runs okay: "rsync -az -e ssh myserver.ac.uk:/var/lib/mysql /www/rsynctagsassets/databases" I wanted to run it as a script so put it into a file called rsync.sh and chmod +x 'd it. It runs as a script okay but still prompts for a password. I read "man ssh" and the bit about

The included patch adds a new option to the ssh client: -d fd Read the password from file descriptor fd. If you use 0 for fd, the passphrase will be read from stdin. This is basically the same as GPG:s parameter --passphrase-fd. Flames about why this is a bad idea goes into /dev/null. I really need to do this. There are lots of ugly Expect-hacks out there, but I want a more clean

Hi, I've just created a small directory as an example, it holds a file and two symlinks that don't point to anything, and another symlink going nowhere in a subdirectory. rsync (2.5.5) is happy to copy these but produces an error. I can't see why it considers this an error? It's not even aborting after it first encounters this 'error'. $ ls -lR /var/tmp/rsync.test

Hello, I just installed the openssh 4.0 for Solaris. The users have reported a difference in behavior when using the batch mode of sftp client. Previously they could issue the following command sftp -b batchfile user at hostname and in the absence of publickey authentication they would be issued the password prompt and they could enter password and the process would continue. After upgrading from

Hi Chris, > > > What do you mean by "keypair authentication"? > > > > That's the authentication you use when you have ssh-keygen provide you > > with a private key and a public key, and distribute the public key to all > > the different authorized_keys files. > > But he says not to use passphrases, I'm confused. I'm not sure which

What Marco and Robert already did say.   This is what i mean ( and Robert ). Marco's option to disable though kernel is also an option.   Maybe a bit cryptic but like this.   HOST              - CONTAINER - SambaDC- samba-AD distibuting time to PC's. ||                         ||| HOST_its_NTP_Service  => get Internet time  |||| OTHERHOSTS NTP Client - COINTAINER - SambaMember  -

Remove sshkey_load_private(), as this function's role is similar to sshkey_load_private_type(). --- Dependency: This change depends over recently merged change in openbsd: https://github.com/openbsd/src/commit/b0c328c8f066f6689874bef7f338179145ce58d0 Change log: v1->v2 - Remove declaration of sshkey_load_private() in authfile.h authfile.c | 38

On Fri, May 25, 2001 at 02:21:06PM +0200, Nigel Kukard wrote: > Hi, > > [nkukard at wigglytuff .ssh]$ ssh-keygen -pf test_id > Enter old passphrase: > 'ey has comment 'ii > Enter new passphrase (empty for no passphrase): > Enter same passphrase again: > Segmentation fault (core dumped) > [nkukard at wigglytuff .ssh]$ > > > That is the error