similar to: biometrics in samba 4

Alon, I should have provided more background. You are assuming that I could perform the PKINIT prior to connecting to the SSH server. In this case (and others) there is an interest in not exposing the kerberos servers to the world and thus someone connecting remotely would not be able to obtain a TGT or do a PKINIT. The goal would be for SSH to handle all the auth and only after connecting to

Alon, On 12/18/2018 06:52 PM, Alon Bar-Lev wrote: > OK... So you have an issue... > > First, you need to delegate your smartcard to remote machine, probably > using unix socket redirection managed by openssh. This can be done in > many levels... > 1. Delegate USB device, this will enable only exclusive usage of the > smartcard by remote machine. > 2. Delegate PC/SC, this

I know OpenSSH currently supports PKCS11 devices (such as smartcards) for publickey authentication, but I would love to see PKCS11 extended further. It is currently possible to perform PKCS11 certificate authentication, via pam_krb5.so (on Linux at least and likely something similar on other *NIX) which allows smartcard auth to a Kerberos (including AD) server, where a TGT can also be granted.

[[Sending again, as for some strange reason it is not accepted]] Hello OpenSSH developers, I maintain external patch for PKCS#11 smartcard support into OpenSSH[1] , many users already apply and use this patch. I wish to know if anyone is interesting in working toward merging this into mainline. I had some discussion with Damien Miller, but then he disappeared. Having standard smartcard

Hi all, I was just wondering if any of you are using biometric devices (eg: a fingerprint reader) or smartcards with Samba4 for network logon. Either as a replacement for a password or 'extra' as a 2nd factor. Would be interested in hearing experiences regarding this. Any information would be appreciated. Thanks in advance, Bram. -- Bram Matthys Software developer/IT consultant

Are there any plans on the table to add native support for two-factor authentication, such as password *and* public key? Visa PCI standards require two-factor authentication for remote access and if password+key was available in openssh it would be much easier to maintain and support than a full-blown vpn with all the cross-platform compatibility issues that come with one. Thanks! Jacob

I have a LOT of questions!!! This may take a while. I know some of this stuff is at the edge of what Samba4 is just becoming able to do, so if anyone who knows feels this is better posted on samba-technical I'd appreciate a cross-post from someone in a position to know for sure - I did consider posting it there straight away but I figured it's a dev list and I could at least get _some_ of

Join your colleagues for the 20th highly acclaimed international forum to hear the latest implementations of biometrics... The Winter 2010 BIOMETRICS SUMMIT: -------------------- Practical Implementation Strategies, Market Trends And Best Practices In Government And Business -------------------- February 22-25, 2010 - Miami, FL

JOIN YOUR COLLEAGUES FOR THE 20TH HIGHLY ACCLAIMED INTERNATIONAL FORUM TO HEAR THE LATEST IMPLEMENTATIONS OF BIOMETRICS... THE WINTER 2010 BIOMETRICS SUMMIT: -------------------- Practical Implementation Strategies, Market Trends And Best Practices In Government And Business -------------------- February 22-25, 2010 - Miami, FL

Alright lads, I'm Rick Masters and I know very little about networks, but for some mad reason I have been given the job of setting up a Linux File Server on an NT network. How the dickens does that work? Anyway I need as much help as you can be bothered to give me. And there is a free pizza in it for the guy who helps me get it working :-) You are all super and great fun (I'm sure).

Hi all, I'm new to this mailing list, so I apologize if my question is "obsolete" for you. I'd like to know if anybody has a clear idea about how to connect smartcards to the SSH framework. I yet got a modified ssh-agent (by Stephen Pellicer) that uses SSP-Lite (CyberflexAccess driver by me) in order to use the smartcard instead of the HD files. Instead, I'd like to

Hello, Is there any chance to integrate Biometric in RoR 2.3.8. If yes can you please tell me the process. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to

====================================================== "It does not matter how slowly you go as long as you do not stop." Confucius ====================================================== Release Announcements --------------------- This is the first stable release of the Samba 4.5 release series. UPGRADING ========= NTLMv1

====================================================== "It does not matter how slowly you go as long as you do not stop." Confucius ====================================================== Release Announcements --------------------- This is the first stable release of the Samba 4.5 release series. UPGRADING ========= NTLMv1

I am using Project fedena <http://projectfedena.org/> for School Management software a ROR application. i want to attach a biometric device for students & employee attendance , any one can suggest me how i can do it. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To view this discussion on the web visit

On 2018-05-23 (08:17 MDT), Andr? Rodier <andre at rodier.me> wrote: > Use the default scripts, works well for me. > > https://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration#Visible_Default_Script > > The Dovecot wiki is really helpful, have a look on it ;-) Excellent, that's exactly what I want. Question from that page, my users are (almost) all virtual, so what

Hi, I am not sure if this the right place for the question. Sorry if not ... My System: SuSE 9.2 OpenSSH 3.9p1 I have trouble to use a Smartcard with openssh. If i try to connect directly to the Smartcard, it fails: ssh -I 0:45 localhost card-etoken.c:175:etoken_check_sw: required access right not granted card-etoken.c:631:do_compute_signature: returning with: Security status not satisfied

https://bugzilla.mindrot.org/show_bug.cgi?id=1506 Summary: rationalize agent behavior on smartcard removal/reattachment Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:

Dear List, I self-host my e-mail and run Dovecot since ever I do that. Dovecot version is 2.3.4.1 (f79e8e7e4), running on Debian testing. Now I am trying to configure Dovecot for client TLS certificates. I have a self-signed certificate whose private key resides on a smartcard (Yubikey, to be exact). I wanted Dovecot to accept that TLS client certificate instead of a password. So I searched and

Hi. Is is possible to use GPG on the host instead of NSS with virtual smartcards? Please document how or add support for it. Can a virtual smartcard make the host less secure? If there are bugs in GPG/NSS backend on the host can they be abused by untrusted code in the vm?