Displaying 20 results from an estimated 500 matches similar to: "need good wrapper"
2007 Apr 18
4
[Bridge] ebtables target to disable an interface
I would like to set up an ACL for an ethernet port using ebtables rules, and
if a security violation occurs, to physically disable the port (i.e.
whatever "ifconfig down" does). I did not see such a feature in the
ebtables man page. Does this exist anywhere, or do I have to create a new
extension for it?
--
Dan Eble <dane@aiinet.com> _____ .
| _
2010 May 07
3
Frequently changing IP addresses
Hi
I am a user of openVPN and am keen to explore tinc to help with a specific
problem.
My example - I have 10 computers all connected to internet via mobile
broadband and public apns. all wan ip addresses are dynamic and change often
- there is no machine or point with a static ip. I am not allowed to use any
third party services like dyndns. I want each computer to continue to be
able to
2017 Nov 03
2
ControlPath versus ProxyCommand
On 03Nov2017 13:07, Damien Miller <djm at mindrot.org> wrote:
>On Fri, 3 Nov 2017, Cameron Simpson wrote:
>> TL;DR: I expect ProxyCommand to have effect in preference to
>> ControlPath.
[...]
>> On reflection, of course these are distinct options and that side of
>> things isn't, of itself, a bug. However, is there a sane use case for
>> using
2008 Jan 09
0
Feature Request - Allow calling of labels from other labels
My config looks as follows:
------------------------------------------
# Default boot option to use
DEFAULT vesamenu.c32
# Prompt user for selection
PROMPT 0
# Time until default is selected
TIMEOUT 100
# Menu Configuration
MENU WIDTH 80
MENU MARGIN 10
MENU PASSWORDMARGIN 3
MENU ROWS 12
MENU TABMSGROW 18
MENU CMDLINEROW 18
MENU ENDROW 24
MENU PASSWORDROW 11
MENU TIMEOUTROW 20
MENU TITLE 32Bit
2005 Feb 01
1
gcc, libkrb4 problem
I'm trying to recompile the source RPM from the FC3 version of cvs
(http://ayo.freshrpms.net/fedora/linux/3/i386/SRPMS.updates/cvs-1.11.17-4.src.rpm),
as the version shipped on RHEL/CentOS/etc has a known bug (version
1.11.2-unix "cvs watch on" doesn't work).
The initial configure is failing with this obscure error:
configure:2257: checking for C compiler default output file
2012 Sep 11
1
setup git in my godaddy server
Hello everyone,
I know this is not correct place to ask this question but please help if
you know
As mentioned some tutorial, i install git version 1.7.3.4 in home directory
(/var/chroot/home/content/xx/xxxxxxx/git).
then I initialize git repository by git init --bare in my samplerepo.git
then i add code in .bashrc file as follow
export GIT_BIN=${HOME}/git
export
2020 Oct 21
6
"Semi-Trusted" SSH-Keys that also require PAM login
Hello all,
in order to connect to my SSH servers from untrusted devices like company computers or my smartphone, I set up 2FA with
google-authenticator hooked into PAM.
However, this is not really 2FA at least for the smartphone, since I use the same device for generating the TANs and it
is also at least inconvenient to always require a new TAN for each connection. I do not want to solely rely
2006 Jul 28
1
PXElinux and Windows RIS
I was trying to use my windows RIS server to deploy linux so as to require
user authentication. After seaching the internet I found that it was
possible but not very well explained after alot of tinkering I eventually
got it to work.
Here is my documentation so hopefully others can do it in less time than
I, feel free to comment and improve..
************************
On RIS Server Create
2006 Jul 10
0
hvm networking with vif-route
Greetings xen gurus...
I''m working with xen-3.0-testing downloaded on July 3, 2006. I have
configured an hvm domain and want to use vif-route and network-route to
configure the communication.
The domU starts up fine. I was able to complete the installation of the OS
(RHES3) and can restart the domain repeatedly. However, I cannot ping the
network interface from dom0 using the
2002 May 22
4
restricting rsync over ssh
Is it true that when running rsync via ssh (i.e. rsync -e ssh ...) the
rsyncd.conf file is not applicable on the remote since rsync is launched
via the ssh exec call once connected rather than from rsyncd as in a
direct connect.
If so, I am trying to find the best way to restrict rsync -e ssh on the
remote machine. Prepending the authorized_keys entry with
command='rsync ...' 1024...
2017 Mar 08
2
Logging with ForceCommand and SCP
Hello List,
I'am using the ForceCommand in my sshd configuration to log all the user
actions on my device.
ForceCommand /usr/bin/log-session.sh
The Log Session Script itself is working fine for logging.
But now I want also use SCP to copy files and this won't work together
with the ForceCommand above.
The copied file is created but its zero byte on the target.
scp file.tar.gz
2004 Sep 14
2
RHN-like system for CentOS?
Team,
Is anyone aware of a Red Hat Network alike system of server package
update status that could be adapted for CentOS3? I'm not interested in
the complete management aspect (channels, scheduling remote updates,
etc) but merely the ability to see your list of systems and determine
which are out of date with XXX packages. If you happen to manage a
large-ish number of RHES3 systems, you
2018 Oct 19
2
OpenSSH socket forwarding in ssh_config file?
The ssh command line's -L option has supported socket forwarding for a
while, but as far as I can tell the ssh_config file does not, even in
7.9.
Is this planned? Or is there some reason this isn't reasonable? Oris
there some syntax I've missed?
Cheers,
Cameron Simpson <cs at cskk.id.au>
2014 Feb 05
1
Make SSH_ORIGINAL_COMMAND available in AuthorizedKeysCommand context
Hi
Using SSH_ORIGINAL_COMMAND in AuthorizedKeys is so helpful, I'd like to
know if it might be possible to access it in the AuthorizedKeysCommand
context (via env ?). Is this possible ? can anybody give me advice on
going into this ?
If possible, I'll use this SSH_ORIGINAL_COMMAND to send client specifics
information to the AuthorizedKeysCommand script. Currently, the only
alternative
2014 Jul 08
2
[Bug 2253] New: No "$@"-like SSH_ORIGINAL_COMMAND leads to escaping, arg-sep and metachar issues
https://bugzilla.mindrot.org/show_bug.cgi?id=2253
Bug ID: 2253
Summary: No "$@"-like SSH_ORIGINAL_COMMAND leads to escaping,
arg-sep and metachar issues
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2023 Nov 12
2
restrict file transfer in rsync, scp, sftp?
On Sat, 11 Nov 2023, Bob Proulx wrote:
> I am supporting a site that allows members to upload release files. I
> have inherited this site which was previously existing. The goal is
> to allow members to file transfer to and from their project area for
> release distribution but not to allow general shell access and not to
> allow access to other parts of the system.
>
>
2006 Aug 24
2
Passwordless SSH messes with escaped spaces
Hi,
I'm trying to use rsync through ssh to pull files from PCs that need to be
backup up. I set up the passwordless authentication and things work fine
there.
However there's a problem when I try to seal off the SSH access to restrict
it to limited rsync only using the "command=" in authorized_keys. That by
itself works, however not in combination with spaces in the file names.
2003 Mar 13
3
SSH command when uploading files
Hello
I've searched quite a bit, but have so far been unsuccessful in finding an
answer to a question I have concerning the upload of files via rsync over
SSH.
When downloading, I have been able to make use of SSH's benefits, yet still
keep the rsync server safe from a shell accessible with a private SSH key
lacking a passphrase by restricting the public key used by the rsync client
to
2013 May 21
2
SSH users authentication depending on their public key.
Hi everyone.
I'm looking for a way to identify my SSH's users according to their
public key; I mean I would like to have their name logged in my bash
session (in a shared unix account).
I put this in my .profile:
export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S - $SSH_USER] "
So now I'm trying to make OpenSSH fill the "SSH_USER" variable.
First I have to exclude the
2018 Oct 19
2
OpenSSH socket forwarding in ssh_config file?
On 19Oct2018 17:12, Damien Miller <djm at mindrot.org> wrote:
>On Fri, 19 Oct 2018, Cameron Simpson wrote:
>> The ssh command line's -L option has supported socket forwarding for
>> a while,
>> but as far as I can tell the ssh_config file does not, even in 7.9.
>
>It does, look for LocalForward
Pardon me, I've been unclear.
I don't mean TCP forwards