similar to: cert-authority and authorized_keys file

Hi all openssh devs out there. I have quite a few Host-stanzas in my .ssh/config to keep track of all the different settings and credentials needed to access all different hosts I connect to. Now I have ran in to a problem where I need to switch settings based on what user I'm trying to login to a host as. A simple case is: ssh -i rootkey root at host123 vs. ssh -i userkey username at

On 11/15/23, 10:51 AM, "openssh-unix-dev on behalf of Marian Beermann" <openssh-unix-dev-bounces+iain.morgan=nasa.gov at mindrot.org <mailto:nasa.gov at mindrot.org> on behalf of public at enkore.de <mailto:public at enkore.de>> wrote: On 11/15/23 18:09, Chris Rapier wrote: > On 11/11/23 9:31 PM, Damien Miller wrote: > >> It's not discouraged so much as

https://bugzilla.mindrot.org/show_bug.cgi?id=2305 Bug ID: 2305 Summary: sshd does not accept @cert-authority when doing host based authentication. Product: Portable OpenSSH Version: 6.5p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component:

Hi, OpenSSH 5.7 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of large and intrusive features and changes and quite a number of bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD:

https://bugzilla.mindrot.org/show_bug.cgi?id=1745 Summary: Matching @cert-authority entries when using unqualified hostnames Product: Portable OpenSSH Version: -current Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

This patch against OpenBSD -current adds a simple form of PKI to OpenSSH. We'll be using it at work. See README.certkey (the first chunk of the patch) for details. Everything below is BSD licensed, sponsored by Allamanda Networks AG. Daniel --- /dev/null Wed Nov 15 15:14:20 2006 +++ README.certkey Wed Nov 15 15:13:45 2006 @@ -0,0 +1,176 @@ +OpenSSH Certkey + +INTRODUCTION + +Certkey allows

Hi, I am using Factory girl with rspec and capybara for testing my rails appliction. I have the below code FactoryGirl.define do factory :user do |f| f.email "sss1 at gmail.com" f.userkey "12ssd345q62" end end When I run the test it is failing as "Validation Failed: Userkey has already been taken, Email has already been taken". What could be the reason for

No, I just think 15 years or so is more than enough time to have addressed the issue. On Thu, Mar 26, 2015 at 14:05:08 -0700, Dan Kaminsky wrote: > So, this isn't your problem and you don't respect the people's whose > problem it is. > > On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan at nas.nasa.gov> wrote: > > > On Thu, Mar 26, 2015 at 11:55:18

Hi. On http://openssh.org/manual.html I think there should be authorized_keys(5) known_hosts(5) Can an authorized_keys entry say something like from=192.168.1.32,192.168.1.33 command=/bin/foo ... or do I need to make a separate entry for each IP address? Thanks Dave

https://bugzilla.mindrot.org/show_bug.cgi?id=1039 Iain Morgan <imorgan at nas.nasa.gov> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |imorgan at nas.nasa.gov --- Comment #13 from Iain Morgan <imorgan at nas.nasa.gov> --- My apologies for

Thanks, Iain. I am willing to hear from other users whether anyone else sees this as a bug before filing it. -- Vincenzo Romano Il giorno ven 2 nov 2018, 20:03 Iain Morgan <imorgan at nas.nasa.gov> ha scritto: > If you truly intend this as a bug report, you should file it at > bugzilla.mindrot.org. > > On Fri, Nov 02, 2018 at 12:25:22 +0100, Vincenzo Romano wrote: > >

hi guys, I am having an unusual behaviour in puppet with AIX (client node) while copying ssh key from puppet-server to client. here is what i am trying to do; $username = "xyz" $group = "system" $home = "/home" $sshDir = ".ssh" $pub_key = "id_rsa.pub.xyz" 1. creating all users virtually in one go 2. realize them all and copy each of

https://bugzilla.mindrot.org/show_bug.cgi?id=2297 Bug ID: 2297 Summary: EDD25519 Signature verification failed on Solaris Product: Portable OpenSSH Version: 6.7p1 Hardware: amd64 OS: Solaris Status: NEW Severity: major Priority: P5 Component: sshd Assignee: unassigned-bugs at

> > Message: 8 > Date: Tue, 30 Jul 2013 12:46:50 -0700 > From: Iain Morgan <imorgan at nas.nasa.gov> > To: Damien Miller <djm at mindrot.org> > Cc: "openssh-unix-dev at mindrot.org" <openssh-unix-dev at mindrot.org> > Subject: Re: Call for testing: OpenSSH-6.3 > Message-ID: <20130730194649.GC18047 at linux124.nas.nasa.gov> >

My apologies to the list for inadvertently taking this offline. As info: -----Original Message----- From: Iain Morgan [mailto:Iain.Morgan at nasa.gov] Sent: Friday, November 04, 2011 8:15 PM To: wfdawson at bellsouth.net Subject: Re: Help with CA Certificates for user authentication? On Fri, Nov 04, 2011 at 11:53:25 -0500, wfdawson at bellsouth.net wrote: > > Thanks for the

On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote: > You're right. My argument the is the next build of OpenSSH should be > OpenSSH 7, and the one after that 8, then 9, then 10. No minor releases? > Sure, go ahead. Deprecate the point, > > Do you manage any machines running SSHv1? > If by "running" you mean accepting SSH1, of course not. From a

Hi, I would like to make it impossible for users to change the contents of the authorized_keys-file. I just found out about the sshd_config setting: AuthorizedKeysFile /etc/ssh/authorized_keys/%u But even in that case that file has to be owned by the user, unless I set ``StrictModes no'' which would allow other nastyness. I would like to request that that file could also be owned by

Hello, I would like to know whether OpenSSH supports x509 certificate based authentication. It looks like OpenSSH has dependency on OpenSSL so does this mean that OpeSSH also supports x509 certificate based authentication. If it does support, can you please point me to the necessary documentation. Thanks Naitik

https://bugzilla.mindrot.org/show_bug.cgi?id=2137 Bug ID: 2137 Summary: progress meter shows wrong speed during resume Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: sftp Assignee: unassigned-bugs at

On 29 September 2017 at 11:05, Iain Morgan <imorgan+openssh at nas.nasa.gov> wrote: [...] > This is due to my shell being csh, which is pickier about undefined > variables than the Bourne-style shells. The attached patch fixes the > issue. Thanks for figuring this out. > - 'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present" > +