similar to: Auth forwarding socket for single auth

On Sun, Aug 30, 2015 at 6:57 AM, Bostjan Skufca <bostjan at a2o.si> wrote: > Nico, > > those were my thoughts, exacly, except that I was thinking about using "dig > +short HOST | ..." which has the cleanest output of all. Excellent point. I like it! It can get a bit confusing with round-robin DNS, which can give multiple responses. > But there is that initial

If I want to specify for LAN addresses that I don't want to deal with host keys, how do I do that? Understanding the risks, knowing almost everyone will say not to do this - it's a horrible idea, but deciding I want to do it anyway. Tired of having to remove entries from known_hosts with the multiple VM's I have that often change fingerprints, and am willing to live with the risks.

Hi there, (context: I was optimizing Roundcube mailbox list server response, and in that 300-400ms response time, around 170ms is spent on single fgets() call which is waiting IMAP repsonse to "SELECT MyMailbox" command) I straced dovecot and of the whole request/response process, around 30ms is spent for everything else, and overwhelming majority of time (150-170ms) is spent for

Thanks for clarification. One question though: As far as I have tested openssh, it logs every unsuccessful authentication attempt on the very moment it becomes unsuccessful, not after the connection is closed (after timeout or when reaching max auth attempts). Is this true or not even for this attack or not? Because if it is true, if there is a IDS system that bans IP after X failed logins,

On Thu, 27 Aug 2015, Bostjan Skufca wrote: > Are you connecting by specifying "ssh HOSTNAME" instead of "ssh IP.IP.IP.IP"? > > If this is the case, then "Host 192.168.*.*" line never matches when > you think it should. > > From ssh_config manpage: > "The host is the hostname argument given on the command line (i.e. the > name is not

On Fri, Aug 28, 2015 at 8:48 AM, Bostjan Skufca <bostjan at a2o.si> wrote: > On 27 August 2015 at 05:01, Damien Miller <djm at mindrot.org> wrote: >> Yeah, it's unfortunately quite difficult to implement address matching >> in ~/.ssh/config because of the interplay of Host matching, Hostname >> directives, hostname canonicalisation*, proxy commands, hosts

I read an article today about keyboard interactive auth allowing bruteforcing. I'm afraid I have minimal understanding of what keyboard-interactive really does. What does it do, and should I have my clients set it to off in sshd_config? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

On Fri, Aug 28, 2015 at 11:51 PM, Walter Carlson <wlcrls47 at gmail.com> wrote: > On Thu, Aug 27, 2015 at 12:26 AM, Walter Carlson <wlcrls47 at gmail.com> wrote: > >> Perfect, thanks. This winds up working for me (as far as I've tested so >> far.) >> >> Match exec "ping -q -c 1 -t 1 %n | grep '192\.168\.'" >>

Hi all, few days ago mongrel start crashing on one of my sites, i upgraded to latest version (1.0.1) but problem still exists. When i try to load page in browser random elements are missing or page is blank (empty html). In mongrel.log i''m getting: Mon Oct 22 01:10:47 +0200 2007: ERROR: stream closed Mon Oct 22 01:10:47 +0200 2007: ERROR: closed stream Mon Oct 22 01:10:47 +0200 2007:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 12 Apr 2016, Bostjan Skufca wrote: > On 12 April 2016 at 10:23, A.L.E.C <alec at alec.pl> wrote: > >> I don't know dovecot's code, but I suppose it uses uidlist file to get >> mailbox statistics that it returns as EXISTS, RECENT, UNSEEN, UIDNEXT, >> UIDVALIDITY, etc, which are required by IMAP standard. I

Hi everyone, I have a problem on samba running on RHEL 3 kernel 2.4.21 with RHEL 3 samba packages - samba-3.0.7-1.3E.1. The problem is, that when people open excel files (with office 97 version of excel) the file modification time is changed (even if the file is only opened and excel closed without saving). This same problem does not occur on the [homes] share (in every test untill now it never

Hi all, my mongrel cluster worked as charm for last 3 months, but in last days some processes are taking all available memory. It goes up to 440Mb per process. Few hours after restart memory usage starts to climb up and cluster became unresponsive. I''m using rails 2.0.2 and mysql server on freebsd 6.2. Any ideas why is that happening ? Thanks, Bostjan

Hi everyone, I am trying to create a couple users (not root) who would be in Domain Admins group, and would have the permissions to add machine to domain. I can confirm that locally (I used sudo without password) as any of the users of ntadm group, and each and everyone of them can add a user to the passwd file. They are also local admins on NT/200X/XP machines when they log in on windows side,

Hi, I have some problems with the following setup: DOM1 (PDC) -> DOM2 (PDC) <->DOM2(Member server) The users and groups from DOM1 (MS WinNT4 domain) are nicely visible on Samba PDC (DOM2) with established trust, but domain member server in DOM2 domain does not show any users from the DOM1 domain (only users from DOM2 are visible), BUT!! users from DOM1 can login to it and access shares

Hello list, This is a patch to rsync 2.5.5, and it serves two purposes. The small patches to batch.c, flist.c and log.c simply add "void" to some function definitions so that all declarations in proto.h have full parameter lists. unsigned char read_batch_flags() OLD unsigned char read_batch_flags(void) NEW The SCO UNIXWare compiler correctly objected to these functions not having a

Hi, is there a particular reason why this feature is "user" based and not "user-pubkey" based? What I mean is that it works for installation with small number of pubkeys per user. But imagine i.e. a GitHub scale - all users logging in as user "git". On each auth request all the keys from database would be fetched and feeded to OpenSSH. Now I am only asking this out

Hi! Does anybody know the limit for filename length on Ext2 filesystem? I suspect, there's no difference under Ext3. Am I right? What about pathname length? Best regards, Bostjan ×××××××××××××××××××××××××××××××××××××××××××××× Bostjan Cargo ~~~~~~~~~~~~~~ SDM - GRAU team ~~~ HERMES Softlab ~~ Nova Gorica office ~~~ ~~~~~~~~~ bostjan.cargo@hermes.si ~~~~~~~~~~

This is a bit of a worry. I did not receive either of Michael's e-mails, only this one from Smoerk. I had to read the archives to read the reply. Is it just me? I'm having trouble reading stderr, it just doesn't seem to work in Windows for some reason. I'll wait for progress functionality when a decent DLL is available. Cheers, Ross Levis. moerk wrote: >On Thu, 21

Hello! I'm using i868 (Pentium III) machine running Windows 2000 and running Linux, installed on dedicated partition, in parallel via VMWare. Linux config is RedHat 7.0 (kernel ) As I'm pretty new to Linux, I'd like to know exact procedure how to install ext3 filesystem support (also which packages do I need). My kernel config is as follows: kernel-headers-2.2.14-5.0

On Mon, 4 Jan 2016, Peter Stuge wrote: > Hi Kaleb, > > Kaleb Himes wrote: > > OpenSSH port Location: https://github.com/kaleb-himes/openssh-portable.git > > I'm afraid this repository is too messy to be useful. :\ > > You need to use the features offered by git to preserve commit ids if > anyone else besides yourself is going to be able to work with this, >