Displaying 20 results from an estimated 8000 matches similar to: "Overhaul of Authorized_keys recipe"
2002 Nov 08
1
question: syncing AD and NDS w/ samba?
Hello all,
I'm wondering if samba(TNG?) can offer a solution for keeping NDS in sync with Active Directory? Perhaps, samba would be only be part of a larger solution involving openldap and or other components. Although I've used samba in the past on stand-alone servers, I have am not up to speed on it's ability to plug into an AD environment (act as a DC) so please excuse me if my
2007 Mar 28
3
New Introduction
Hi all,
I''ve just rewritten the Puppet introduction from scratch:
https://reductivelabs.com/trac/puppet/wiki/PuppetIntroduction
I think it''s better, but I''m not convinced it''s a whole heckuva lot
better.
Comments are very much appreciated, especially if you can recommend a
better approach to the document. I tried to organize it how I have
been giving
2007 Dec 19
0
Users module
Puppeteers,
One of the more ... interesting components of our configuration has
been how we''re handling users. We don''t have an LDAP solution (yet),
so we''re using Puppet to handle users. This isn''t overly complex, at
least at first glance. We have three types of users.
* System admins
* Web developers
* R&D developer
The system admins have userids on all
2007 Dec 03
3
certificate issue with Branch Testing
Hello All,
I''m using the "Branch Testing" approach documented at
https://reductivelabs.com/trac/puppet/wiki/BranchTesting and am seeing
an issue with certificates.
On all clients, I can run puppetd --masterport=8141 successfully but see
the following error when I run against the default (8140) port:
err: Could not retrieve configuration: Certificates were not trusted:
2007 Apr 04
5
sshkey
Hello all,
How are you using the sshkey type? Are you using it to list hosts and keys in a class that nodes include in order to manage /etc/ssh/ssh_known_hosts or something else? How does any of this relate to the sshrsakey and sshdsakey facts on the host? I read some stuff about this on the Virtual Resources page but it''s too vague for my simple mind and I''d be reluctant to use
2007 Mar 19
3
ANNOUNCE: Puppet 0.22.2 (grover)
Hi all,
I''m proud to announce that I seem to have pushed a new release of
Puppet out in record time. This is a minor upgrade, mostly bugfixes
and small features, but there are lots of each. See the changelog[1]
for an idea of what this release provides, but keep in mind that this
changelog is my first real attempt at keeping an up-to-date changelog.
Enjoy!
1 -
2007 May 23
12
Odd ssh authorized_keys problem
Hi all,
I''ve just implemented a [crude] manifest to apply a set authorized_keys
file to the root account of a puppet client.
class rootssh_test {
file { "/root/.ssh/authorized_keys":
owner => root, group => root, mode => 0600,
content => template("rootssh_test")
}
}
The template has two ssh id_rsa lines in.
When the client applies
2007 May 09
1
Automatic distribution of ssh public keys and server host keys
I''m in the process of automating the build of Oracle RAC nodes running
on Linux but there''s one part I can''t quite get my head around.
Oracle RAC requires that the oracle user on each node has an
authorized_keys file containing the public keys of the oracle user on
every other node. It also requires that the known_hosts file contains
host keys for all other nodes to
2007 Mar 30
4
Intended behavior of sourceselect => all [Proper]
Hi all, again.
It looks like my last attempt of sending this message got cut off, at least
it looks like that in the archive[1], so I''m trying again:
<rerun>
Luke Kanies suggested that I take this up here since his memory on the
subject was a bit poor.
I am trying to cat various files together into one file. According to the
documentation "sourceselect => all" might
2012 Sep 14
5
[Bug 2042] New: Troubleshooting information should be logged when sshd doesn't have permission to read user's authorized_keys file
https://bugzilla.mindrot.org/show_bug.cgi?id=2042
Priority: P5
Bug ID: 2042
Assignee: unassigned-bugs at mindrot.org
Summary: Troubleshooting information should be logged when sshd
doesn't have permission to read user's authorized_keys
file
Severity: enhancement
Classification: Unclassified
2002 Apr 17
0
[Bug 220] New: sshd fails to read other users authorized_keys over nfs as root
http://bugzilla.mindrot.org/show_bug.cgi?id=220
Summary: sshd fails to read other users authorized_keys over nfs
as root
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: All
URL: http://www.hut.fi/cc/
OS/Version: All
Status: NEW
Severity: major
Priority: P1
Component:
2007 Jul 13
1
Cygwin: store authorized_keys in /etc/ssh/user/authorized_keys?
Hi folks,
If I try to login on a Cygwin host via ssh, then my
.ssh on a network drive is unaccessible until I login.
I have to enter my password, even if my authorized_keys
would allow me to login without. This is fatal, since it
forces me to use an interactive session for working on a
Windows host. Unusable for automatic builds and tests
managed from a central machine, for example.
There is no
2003 Aug 19
3
splitting big authorized_keys files
Hello everybody,
I have a problem. You may have the answer :-)
I'd like to use openssh for an authentication service.
But that gives me a user, whose ~/.ssh/authorized_keys file has about 15000
entries.
With about 300 characters per line I'd get 4,5 MB of data.
I believe that this length of file could lead to performance issues; so I'm
looking for solutions.
I already saw the
2011 Oct 30
2
[Bug 1947] New: Log authorized_keys format issues and refuse to accept keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1947
Bug #: 1947
Summary: Log authorized_keys format issues and refuse to accept
keys
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
2002 Apr 07
0
missing corner case in authorized_keys?
I've written up a little HOWTO on how I set up my CVS server to allow
anonymous access via ssh. I did it a little bit differently than the
method documented by Theo and crew. Where their login shell has a lot
of stuff in it, mine is a simple execle() statement. Url is here:
http://reactor-core.org/#code
After following the steps outlined in the HOWTO, I came across the
following
2015 Sep 07
1
[PATCH] customize: Create .ssh as 0700 and .ssh/authorized_keys as 0600 (RHBZ#1260778).
Both ssh-copy-id and ssh create .ssh as 0700. ssh-copy-id creates
.ssh/authorized_keys as 0600.
Thanks: Ryan Sawhill for finding the bug.
---
customize/ssh_key.ml | 4 ++--
src/guestfs.pod | 17 +++++++++++++++++
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml
index 09664bf..dd6056f 100644
--- a/customize/ssh_key.ml
+++
2017 Feb 16
1
[Bug 2678] New: PubKey Authentication fails when more than one user/group ACL is set on any Path component to authorized_keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2678
Bug ID: 2678
Summary: PubKey Authentication fails when more than one
user/group ACL is set on any Path component to
authorized_keys
Product: Portable OpenSSH
Version: 5.3p1
Hardware: amd64
OS: Linux
Status: NEW
2007 Jun 28
5
[Bug 1326] New: Allow non-public-key credentials in authorized_keys file ( Kerberos, etc.)
http://bugzilla.mindrot.org/show_bug.cgi?id=1326
Summary: Allow non-public-key credentials in authorized_keys file
(Kerberos, etc.)
Product: Portable OpenSSH
Version: 4.4p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Kerberos support
2010 Mar 01
2
[Bug 1720] New: would be nice if authorized_keys(5) existed
https://bugzilla.mindrot.org/show_bug.cgi?id=1720
Summary: would be nice if authorized_keys(5) existed
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
URL: http://bugs.debian.org/441817
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Documentation
2011 Dec 15
3
Retrieving authorized_keys via remote script
Here's a simple patch which retrieves authorized_keys via exec'ing a
program, rather than reading a flat file.
I added a simple option, AuthorizedKeysExec, to sshd_config which simply
executes the respective file, passing the username as argv[1].
Keys are returned via stdout.
Notes:
If AuthorizedKeysExec is set and an authorized_keys file exists,
checking the existing authorized_keys