similar to: Help with CA Certificates for user authentication?

Hi All, Just reporting in on how testing has gone. After reducing obs to 32k max and banners to a max of 10000, plus some minor platform changes - root is not 0, for example, all normal tests have passed except for: multiplex - hangs at the end of this output. We had a similar issue that single reads of data were not working in dd but that does not seem to be the case in this test suite. test

Hello, SSH supports ~/.ssh/authorzied_keys for SSH keys and ~/.ssh/authorized_principals for X509 certs. I could not find an equivalent of authorzied_keys using Kerberos authentication. IMHO it should be possible using the Kerberos principal very much like the principal contained inside a X509 certificate. My main use case is assigning a specific command to a user logging in using Kerberos

https://bugzilla.mindrot.org/show_bug.cgi?id=2404 Bug ID: 2404 Summary: scp skips file/directory on permissions error Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: scp Assignee: unassigned-bugs at mindrot.org

I was able to get it to compile but the tests are failing. When I run the test as root I get: run test connect.sh ... Connection closed by 127.0.0.1 ssh connect with protocol 1 failed failed simple connect make[1]: *** [t-exec] Error 1 make: *** [tests] Error 2 However, when I run as a normal user I got: test remote exit status: proto 1 status 0

For a couple of years people have been reporting intermittent problems with rsync over ssh freezing during a large transfer (typically several GB). I have now gotten to the bottom of these problems, and have written a small test program which demonstrates a deadlock in sshd when doing large bi-directional transfers. Luckily the problem is easily solved by modifying sshd to use socketpair() instead

On 8 June 2018 at 11:21, PGNet Dev <pgnet.dev at gmail.com> wrote: > fyi > > add'l -- and looks unrelated -- issue > /usr/include/pthread.h:251:12: note: previous declaration of ?pthread_join? was here > extern int pthread_join (pthread_t __th, void **__thread_return); What included pthread.h? That's explicitly not supported by sshd: $ grep THREAD

Hi, I've discovered that on OpenSSH_3.6.1p1 (the latest SSH available on OSX, but I've also tried a couple of different linux distributions), when you 'sftp' to it, and try to 'chmod' some file or directory, only last three octal digits do actually matter. Example: sftp sshtest at localhost Connecting to localhost... sshtest at localhost's password: sftp> ls -l

Attached is a patch which adds a log= directive to authorized_keys. The text in the log="text" directive is appended to the log line, so you can easily tell which key is matched. For instance the line: log="hello world!",no-agent-forwarding,command="/bin/true",no-pty, no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:7" ssh-rsa AAAAB3Nza....xcgaK9xXoU=

https://bugzilla.mindrot.org/show_bug.cgi?id=1904 Summary: sshd refuses certificate-based authentication if password has expired Product: Portable OpenSSH Version: 4.3p2 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

Hello, [if I'm not in the right mailing list, please advise it to me] I'm using ssh certificates for my servers and my users. I have questions about it: I can use the same CA in order to certify all my hosts. Every clients can use it, and it's a great setup. But, if I use the same CA for all my clients, it means that any clients can log in to any server because hosts trusts my

Hello, Currently OpenSSH has a fixed order on how the key authenticates the user: at first it tries to authenticate against TrustedUserCAKeys, afterwards it does it against the output keys from the AuthorizedKeysCommand and finally against the files as set in AuthorizedKeysFile. I have an use-case where this order is not ideal. This is because in my case the command fetches keys from the cloud

Hi OpenSSH developers; Thank you for your amazing work. I?m emailing to see if any knowledgeable OpenSSH developer is willing to help us review / revamp some patches we have for OpenSSH, and provide advice on some of the more advanced uses of OpenSSH. This would be a for pay contract engagement. We are trying to be super respectful of the process, and are happy to be very creative ? we are

Hi, I'm experimenting with certificates for users, giving access via the TrustedUserCAKeys mechanism. Unfortunately, there seems to be a limit of one certificate per SSH key on the user's side, which prevents using the same key for hosts using different TrustedUserCAKeys. Is there a clean way around this? To make the above clearer, consider the following situation: A collection of hosts

Dear All I have 54000 plots in R, How can I observe them? If I‌ have to save them one-by-one? Soheila [[alternative HTML version deleted]]

I am dealing with a huge matrix in R (20 columns, 54000 rows) and have lots of missing values within the dataset which are currently displayed as the value "-999.00" I am trying to create a new matrix (or change the existing one) to display these values as "NA" so that I can then perform the necessary analysis on the columns within the matrix. The matrix name is temp and the

I would like to know if there is an easy way to transfer all the data from a S+ directory (".Data" or "_data") to an R image? I would like to transfer all the functions and all the data sets (data frames, vectors, lists, etc.). I'm working under Windows NT and am using S+ 3.3 for Windows. Zivan Zivan Karaman Limagrain Genetics Research, B.P. 115, 63203 Riom Cedex,

Dear R-Users, I have a large number of data(54000) and the field of data is 50 to 2.0e9. I want to use normalmixEM (package:mixtools) to fit them in finite mixture narmal distributions,but get some mistakes.I don't know which steps make the error. I have used the following functions before >x<-read.table("data") >log.x<-log10(x$V1) >log.x<-sort(log.x)

From: Ville Syrj?l? <ville.syrjala at linux.intel.com> Get rid of mode->vrefresh and just calculate it on demand. Saves a bit of space and avoids the cached value getting out of sync with reality. Mostly done with cocci, with the following manual fixups: - Remove the now empty loop in drm_helper_probe_single_connector_modes() - Fix __MODE() macro in ch7006_mode.c - Fix DRM_MODE_ARG()

On Thu, May 04, 2017 at 09:37:59AM +1000, Adam Eijdenberg wrote: > Hi Devin, have you looked at using openssh certificates to help manage [...] > While the feature has been around for a while now (and is really > useful), there doesn't seem to be huge amount of documentation around > it. I found the following useful when getting a client of my running Yeah, when I wrote about it

Hello, I try to test joining new RODC (samba-tool domain join unn.global RODC -U Administrator -d5) and it's fail with message: Could not find machine account in secrets database: Failed to fetch machine account password for UNN from both secrets.ldb (Could not find entry to match filter: '(&(flatname=UNN)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No