similar to: Passwordless SSH messes with escaped spaces

Displaying 20 results from an estimated 6000 matches similar to: "Passwordless SSH messes with escaped spaces"

2006 Aug 24
2
files-from and filter from one file?
Hi, I'm sorry if this is a dumb question, but I have tried millions of combinations of settings. Is it possible to somehow combine --files-from and --filter into one file, so that I can use one here-document? Using the + directive in --filter seems to always give me slightly different results. What I do now is without --files-from, but it means the directory tree is not recreated on the
2014 Jul 08
2
[Bug 2253] New: No "$@"-like SSH_ORIGINAL_COMMAND leads to escaping, arg-sep and metachar issues
https://bugzilla.mindrot.org/show_bug.cgi?id=2253 Bug ID: 2253 Summary: No "$@"-like SSH_ORIGINAL_COMMAND leads to escaping, arg-sep and metachar issues Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5
2017 Mar 08
2
Logging with ForceCommand and SCP
Hello List, I'am using the ForceCommand in my sshd configuration to log all the user actions on my device. ForceCommand /usr/bin/log-session.sh The Log Session Script itself is working fine for logging. But now I want also use SCP to copy files and this won't work together with the ForceCommand above. The copied file is created but its zero byte on the target. scp file.tar.gz
2014 Feb 05
1
Make SSH_ORIGINAL_COMMAND available in AuthorizedKeysCommand context
Hi Using SSH_ORIGINAL_COMMAND in AuthorizedKeys is so helpful, I'd like to know if it might be possible to access it in the AuthorizedKeysCommand context (via env ?). Is this possible ? can anybody give me advice on going into this ? If possible, I'll use this SSH_ORIGINAL_COMMAND to send client specifics information to the AuthorizedKeysCommand script. Currently, the only alternative
2012 Sep 11
1
setup git in my godaddy server
Hello everyone, I know this is not correct place to ask this question but please help if you know As mentioned some tutorial, i install git version 1.7.3.4 in home directory (/var/chroot/home/content/xx/xxxxxxx/git). then I initialize git repository by git init --bare in my samplerepo.git then i add code in .bashrc file as follow export GIT_BIN=${HOME}/git export
2005 Jun 09
1
need good wrapper
I'm having trouble with the rsync wrapper's I've found online: rsync_wrapper[8458]: SSH_ORIGINAL_COMMAND environment variable apparently not set rsync: connection unexpectedly closed (0 bytes read so far) rsync error: error in rsync protocol data stream (code 12) at io.c(189) I'm not sure if this is a problem of incompatibility between my RHES3 and the wrappers I've found or
2007 Jan 28
3
has this been asked about before ? multilple exclude files
I'm was wondering if this has been asked about/for multiple exclude-from files ? Where I could find this useful is say I had a common or base exclusion list for all my AIX boxes --exclude-from=/foo/aix_base Then be able to add for say all my AIX boxes that are running SAP --exclude-from=/foo/aix_base --exclude-from=/foo/sap or --exclude-from=/foo/aix-base,/foo/sap and so on ...
2023 Sep 19
1
Subsystem sftp invoked even though forced command created
This is a new branch of an old thread, made necessary because the email system here purges sent messages after a period of time so I can't reply to the last message in the thread. The operative portion of that last message (retrieved from the archives and dated July 3, 2023) follows: /*****/ So I set up a fresh key to use for this test, and gave it similar parameters. I wasn't aware of
2013 May 21
2
SSH users authentication depending on their public key.
Hi everyone. I'm looking for a way to identify my SSH's users according to their public key; I mean I would like to have their name logged in my bash session (in a shared unix account). I put this in my .profile: export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S - $SSH_USER] " So now I'm trying to make OpenSSH fill the "SSH_USER" variable. First I have to exclude the
2023 Nov 12
1
restrict file transfer in rsync, scp, sftp?
On 12.11.23 03:52, Damien Miller wrote: > On Sat, 11 Nov 2023, Bob Proulx wrote: > >> I am supporting a site that allows members to upload release files. I >> have inherited this site which was previously existing. The goal is >> to allow members to file transfer to and from their project area for >> release distribution but not to allow general shell access and not
2023 Nov 12
2
restrict file transfer in rsync, scp, sftp?
On Sat, 11 Nov 2023, Bob Proulx wrote: > I am supporting a site that allows members to upload release files. I > have inherited this site which was previously existing. The goal is > to allow members to file transfer to and from their project area for > release distribution but not to allow general shell access and not to > allow access to other parts of the system. > >
2020 Oct 21
6
"Semi-Trusted" SSH-Keys that also require PAM login
Hello all, in order to connect to my SSH servers from untrusted devices like company computers or my smartphone, I set up 2FA with google-authenticator hooked into PAM. However, this is not really 2FA at least for the smartphone, since I use the same device for generating the TANs and it is also at least inconvenient to always require a new TAN for each connection. I do not want to solely rely
2003 Jan 05
2
restricting rsync over ssh on the server side.
I was wondering if it's possible to restrict rsync in various ways on the server side when it is invoked via ssh. Two restrictions I had in mind are disallowing deletes and/or restricting all actions to a particular subdirectory. I was hoping to be able to do this without having to be root (for a chroot) or having to set up special sshd server instances/chroots. If there's not already a
2023 Jul 05
1
Subsystem sftp invoked even though forced command created
On 05.07.23 02:50, Damien Miller wrote: > Some possibilities: > 1. the receive.ksh script is faulty in some way that causes it to invoke > sftp-server How would the script even *know* that the client requested the SFTP subsystem? Is a subsystem's executable/path, supposedly internally overwritten with the forced command at that point, exposed through $SSH_ORIGINAL_COMMAND ?
2018 Oct 18
1
Security issues when rsyncing directories as root
Hi, I am using rsync to keep two directores on two servers in sync. Machine A, the "client" is the one where the rsync process is invoked, which then logs into Machine B, the "server" as root with ssh and a key. The key is restricted in /root/.ssh/authorized_keys to a script that checks wither $SSH_ORIGINAL_COMMAND matches the rsync --server command that I expect, such as, for
2023 Jul 03
1
Subsystem sftp invoked even though forced command created
On 30.06.23 17:56, MCMANUS, MICHAEL P wrote: > The actual command is similar to the following (parameters inserted to protect the source): > (print ${FQDN} ; print ${Environment} ; cat ${OutFileXML}) | \ > ssh -Ti ${EmbeddedPrivateKey} \ > -o HostKeyAlias="${Alias}" \ > -o
2002 Nov 18
2
Rsync and ssh with passwordless authentifikation
Is it possible to konfigure a passwordless authentifikation in kombination with ssh. for example: to a specific folder on a server named server1 has only user1 access. the user1 only exists on server1. server2 wants to replicate a foler from server1 to himself. the rsync process uses the rsync_user, which exists on both machines. the rsync process asks every time the job runs for the password
2002 Nov 05
1
Security Question: passwordless machine accounts
Hi folks, Finally got Samba up and running after many oplock issues and I'm very pleased. One "detail" left that bothers me. I'm running FreeBSD 4.7-STABLE on our PDC and every night I'm (root) is emailed a security report. Among the items reported is: Checking for passwordless accounts: . . CLIENT01$::1134:1134::0:0:Machine CLIENT01:/dev/null:/sbin/nologin . Should I
2014 Jul 23
1
samba4 passwordless ssh
hi all i have samba4 ad setup and working, i am currently trying to set up passwordless ssh on my client servers, i have read this page https://wiki.samba.org/index.php/Authenticating_other_services_against_AD i have a properly configured krb5.conf file, i have a keytab from the samba dc and i can kinit and obtain a valid ticket. the only thing i have not done is to join my client which is a
2018 Jul 24
3
[Bug 2886] New: ssh-copy-id appears to hang indefinitely when ssh multiplexing is enabled, and it permits passwordless login
https://bugzilla.mindrot.org/show_bug.cgi?id=2886 Bug ID: 2886 Summary: ssh-copy-id appears to hang indefinitely when ssh multiplexing is enabled, and it permits passwordless login Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Linux Status: NEW