Displaying 20 results from an estimated 4000 matches similar to: "Question about host certificates"
2020 Jun 17
3
client host certificates and receiving host configuration
On 17/06/20, Damien Miller (djm at mindrot.org) wrote:
> > Firstly, given a host CA signing key on the sshagentca server, would an
> > appropriately constructed host certificate added to a forwarded agent
> > replace the necessity for a '@cert-authority' line in a user's known_hosts
> > file?
>
> I'm not sure I want to add yet another path (the agent)
2020 Jun 16
2
client host certificates and receiving host configuration
I'm working on a small server written in Go to add short-lived user
certificates to the forwarded agents of authorized users.
https://github.com/rorycl/sshagentca
This seems to work quite well for accessing sshd servers with the
appropriately configured "TrustedUserCAKeys" directive.
I have been in a debate about how similarly adding host certificates to
forwarded agents could
2010 May 26
2
hostbase authentication of hostcertificate
Dear All,
I am trying to use the hostcertificate to do the hostbaed authentication with the steps in the regress/cert-hostkey.sh
But it seems that it can not login with the hostcertificate.:
Here is debug message from the ssh client :
ssh -2 -oUserKnownHostsFile=/opt/ssh/etc/known_hosts-cert \
> -oGlobalKnownHostsFile=/opt/ssh/etc/known_hosts-cert sshia3 -p 1111 -vvv
debug1: checking
2010 Apr 20
1
Hostbased authentication and certificates
Hi,
Based on some experimentation with 5.4p1 and a cursory examination of
the source code, it doesn't look like hostbased authentication takes
advantage of certificates other than to authenticate the server. Is that
correct?
In cluster environments, hostbased authentication is still useful but
the size of the ssh_known_hosts file can become unwieldy in large
clusters. As an example, a few
2019 Oct 21
2
Multiple Signatures on SSH-Hostkeys
Hello, OpenSSH-wizards.
In our company, we have looked into SSH-HostKey-signing in order to
realize automated access without the need to accept the server's
hostkey, manually.
I got it to work with the HostCertificate-directive inside the
sshd_config.
Now, I was wondering whether it is possible to have multiple
signatures, so I can, for example, sign the hostkey once with a
2009 Jun 24
1
Qualified parameters in SOAP body using .SOAP
Hello,
I am trying to reach a web service using the SOAP package. I succeeded
calling the web service, but not sending parameters to it. After much
research and tries, I think I found that the problem lies in the
namespace including the parameters in the SOAP body.
In short, my question is: how can I send unqualified parameters in the
SOAP body of a call produced through the SOAP package?
2006 Aug 08
5
Samba 3.0.23b Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==============================================================
"Where does he get those wonders toys?"
-- The Joker (Batman 1989)
==============================================================
Release Announcements
=====================
This is the latest stable release of Samba. This is
2011 Aug 26
1
[LLVMdev] Build breaks in lib/CodeGen
I checked recent revisions 138624 and 138620 and both produce this log
with gcc-4.6.0 on FreeBSD-8.2-STABLE amd64:
gmake[2]: Entering directory
`/usr/home/yuri/llvm-svn/llvm-objects/lib/CodeGen'
llvm[2]: Compiling LLVMTargetMachine.cpp for Release build
/usr/home/yuri/llvm-svn/llvm/lib/CodeGen/LLVMTargetMachine.cpp:253:3:
error: ‘AsmStreamer’ does not name a type
2008 Nov 12
1
Two problems with Samba in AD realm
Hello list.
I recently moved to an AD environment. I'm still keeping a samba servers
to make my cups-managed printers available to windows users, rather than
duplicating configuration with a Windows print service. But I'm facing
two problems, probably due to the way we manage AD.
First, all my host belong to a Unix-managed DNS domain
(msr-inria.inria.fr), not to the windows-managed
2014 Jan 19
1
For the default of CanonicalizeFallbackLocal
Hi,
The default value for the option CanonicalizeFallbackLocal.
In the manual, The default value "no".
CanonicalizeFallbackLocal
Specifies whether to fail with an error when hostname canonical-
ization fails. The default, ?no?, will attempt to look up the
unqualified hostname using the system resolver?s search rules. A
value
2014 Apr 08
2
[LLVMdev] C++ 11 explicit keyword error
Hi,
I’m on Mac OS X 10.9.2 with all last updates; if I have this source:
class xxx explicit
{
};
int main (int argc, char **argv)
{
return 0;
}
and I compile it with clang++ -std=c++11 -Wall -pedantic -c I obtain this error:
nn:1: error: expected unqualified-id
{
^
1 error generated.
But the C++ 11 standard permits explicit on classes.
It’s a bug?
-------------- next part
2008 Jan 28
2
appending domain based on port
I am looking for a way to append a domain to unqualified user names
based on the port that the client connected to. Like this:
port 9110 - @test.com
port 9111 - @other.com
port 9112 - @third.com
it looks like auth-default-realm does this, but you can only specify
it once for the whole process.
I know I could do this by running a separate copy of dovecot attached
to each port in question, but I
2008 May 05
2
RODBC and schemas
I have found that the "schema.table" syntax used in Postgresql (and
Oracle) does not work directly with RODBC.
This works
library(RODBC)
con<-odbcConnect("mydb")
d<-sqlQuery(con,"select * from meso.trees")
However this does not.
d<-sqlFetch(con,"meso.trees")
Error in odbcTableExists(channel, sqtable) :
?meso.trees?: table not found on channel
2017 Nov 18
2
Dovecots header files not optimized for external plugins
Making third-party plugins for Dovecot is really hard and frustrating.
Using dovecot 2.2.33.2 and the following sources, the compile errors keep
coming. The use of g++ is mandated as the underlying backend this plugin
will access only has a C++ interface.
== Source 1
/* g++-7 -c a.cpp */
#include <byteswap.h>
#include <dovecot/lib.h>
#include <dovecot/auth-request.h>
#include
2006 Mar 09
4
compile error on mac os x
hello :)
i use Mac OS X 10.4.5 , and ruby 1.8.4 , wxWidgets 2.4.2 ( from cvs ).
i tried to compile wxRuby, but there are always errors around "id" ,
dialog.cpp: In static member function ''static VALUEWxDialog::init(int,VALUE*, VALUE)'':dialog.cpp:60: error: expected unqualified-id before''='' tokenmake: *** [dialog.o] Error 1
like above.
in that case, in
2016 Aug 06
3
Hyper-V Virtual Machines fail to start on Samba shares
Am 06.08.2016 um 18:51 schrieb Rowland Penny:
> On Sat, 6 Aug 2016 18:18:22 +0200
> Reindl Harald <h.reindl at thelounge.net> wrote:
>
>
>> i know who you meant but that person *did not* reserve .local and so
>> stop abuse unrelated people because things they are not responsible
>> for just because you have a problem using their software for whatever
>>
2004 Jun 15
2
import SYSTAT .syd file?
Does anyone know how to read a SYSTAT .syd file on Linux?
(Splus 6 does it, but it is easier to find a Windows box
with Systat than to download their demo. I'm wondering
if there is a better way than either of these options.)
Jon
--
Jonathan Baron, Professor of Psychology, University of Pennsylvania
Home page: http://www.sas.upenn.edu/~baron
R search page:
2019 Sep 18
2
Re: Certificate checking on TLS migrations to an IP address
Daniel P. Berrangé <berrange@redhat.com> writes:
> On Wed, Sep 04, 2019 at 03:38:25PM +0200, Milan Zamazal wrote:
>> Hi, I'm trying to add TLS migrations to oVirt, but I've hit a problem
>> with certificate checking.
>
>>
>> oVirt uses the destination host IP address, rather than the host name,
>> in the migration URI passed to
2020 Oct 14
2
dovecot Digest, Vol 210, Issue 27
I am investigating whether dovecot(https://github.com/dovecot/core/) handles
case insensitive Message-ID headers as per RFC.
I can't raise a support issue with cPanel team
(https://tickets.cpanel.net/review/login.cgi) as that needs an paid account
with them.
There may be an issue with the CPANEL/WHM DKIM module. Is the source code
online?
Rob
2005 Oct 30
4
Yates' correction for continuity in chisq.test (PR#8265)
Full_Name: foo ba baz
Version: R2.2.0
OS: Mac OS X (10.4)
Submission from: (NULL) (219.66.32.183)
chisq.test(matrix(c(9,10,9,11),2,2))
Chi-square value must be 0, and, P value must be 0
R does over correction
when | a d - b c | < n / 2 ,chi-sq must be 0