similar to: Unable to use 8192bit keypair for Tinc VPN 1.0.22

Hello, I am testing mail_crypt plugin with per account encryption and wanted to generate a new keypair for an account but noticed that I now end up with 2 keypairs where one is active and the other inactive as you can see below: $ doveadm mailbox cryptokey list -u email at domain.tld -U Folder Active Public ID yes 7b140b4f3d6d68eed2c59259ac5e6f6a280dc82990292dc415b4100d6c797f67

Hello. I am a newcomer to rsync so please forgive me if this question is dumb. I'm still learning rsync and I didn't find anything on this topic elsewhere. Is it possible to run the rsync client on windows with a passworded keypair using Pageant or SSH Accession? When I attempt to run these commands I receive errors. I am trying the following: rsync -e "ssh2 -l myusername -p

??????? Original Message ??????? On Thursday, July 4, 2019 11:17 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote: > > Is it possible to delete the inactive keypair? if yes how? > > Wouldn?t you then be unable to *unencrypt* previous emails? That's also what I thought but based on my understand and on the documentation of the "mailbox cryptokey generate"

Hi Lars, Once I modify the firewall FORWARD rule to ACCEPT. I can ping and access my company PC at home. All traffic can pass through that. But I think it is not a good practice to change the FORWARD rule to ACCEPT. Any idea to check and just allow the tinc VPN traffic only? Instead of allow everything pass through the FORWARD rule. Regards, Eric -----Original Message----- From: Lars Kruse

Dear C?dric, If I am using windows version of tinc, how can I check the connection list? Regards, Eric -----Original Message----- From: tinc-bounces at tinc-vpn.org [mailto:tinc-bounces at tinc-vpn.org] On Behalf Of tinc-request at tinc-vpn.org Sent: Wednesday, April 18, 2012 6:00 PM To: tinc at tinc-vpn.org Subject: tinc Digest, Vol 90, Issue 17 Send tinc mailing list submissions to tinc at

Is any of the password schemes supported or is there a reason you chose pkcs5? 4. Sep. 2019, 08:45 von aki.tuomi at open-xchange.com: > > It should pick up the password used by the user, there is a caveat here though. The keypair is created on first use, so password will be initialized to empty string going thru pkcs5. This is slightly inconvenient. > > > To avoid

In the u2f protocol, my understanding is in the normal case, the web browser seeds the keypair process with the hostname of the remote server. In the case of ssh, the hostname is probably not what I would want to do. But the u2f protocol seems to have a way to handle this. It just needs to be exposed to the user. The content of the private keyfile in ssh is generated somehow. Where is that done?

Hello folks, I am new here, so please be gentle :), and any help will be appreciated. Essentially what I am trying to do is, to use Jsch ( the java implementation of SSH client). it has support for Public key based authentication. Since there is a requirement for FIPS enablement, we are trying to use the Algorithm SHA256withRSA, instead of SHA1withRSA. When the code tries to verify the

On 06.07.23 23:37, MCMANUS, MICHAEL P wrote:> So changing the forced command as stated will break the application. I > would need to create a test bed to simulate the listener rather than > use the server as is, where is. That may produce false or misleading > results. Since the forced command is tied to the specific keypair in the authorized_keys, you could -- test with a different

Do I have to replace the "password" part with the actual password or can I just copy it like that? Will dovecot create the keypair automatically or do I have to use doveadm? 4. Sep. 2019, 08:33 von aki.tuomi at open-xchange.com: > > > > On 4.9.2019 9.21, **** **** via dovecot wrote: > >> Hello there, >> >> is there a way to make the

When using openssh with a u2f key, you generate a key via: ssh-keygen -t ecdsa-sk Each time you run it, it gives a different key pair. (Randomly seeming). A differently generated key pair is not valid with the first's public key. All good so far, but you run into a problem if: You generate a keypair (A). You register your public key for (A) on a bunch of ssh servers. You take

I've uploaded Xapian 1.0.22 (including Search::Xapian 1.0.22.0), which as usual you can download from: http://xapian.org/download The 1.0 branch is firmly in maintenance mode now. This release fixes some minor bugs and improves portability a little. The full lists of user-visible changes are linked to from here, and from the "[news]" links on the download page:

Hi, all. So, in reviewing my OpenSSH keypairs and evaluating the size my RSA keys should be, i realized that, if i update my 2048-bit keypairs to 4096 bits, it really doesn't matter that much, because they're still only encrypted with 3DES, which provides an effective 112 bits of symmetric encryption strength: $ head -4 ~/.ssh/id_rsa -----BEGIN RSA PRIVATE KEY----- Proc-Type:

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

Hi People, I know this may seem off topic, but I thought for those of us who might have Debian users generating key pairs that they put on CentOS systems people should be aware that everybody who generated a public/private keypair or an SSL cert request on Debian or Ubuntu from 2006 on is vulnerable http://it.slashdot.org/it/08/05/13/1533212.shtml

Hi All, I am trying to setup the site-to-site VPN with TINC for connect my home network to company network. Here is the IP allocation and configuration for your reference. Home PC (192.168.1.2) ?-----? Home (OPENWRT Router, 192.168.1.1, 10.0.0.1) ?----------------? INTERNET ?-------------? COMPANY (Windows 7 PC,192.168.2.1, 10.0.0.2) ?------------? COMPANY (SERVER ZONE) ?----? SERVER A

>From my understanding, somehow a website talking through the web browser is able to get the same keypair used no matter which computer the keyfob is plugged into. I'm wondering if we can use the same mechanism there. If application is part of the process, maybe allowing the application to be specified by the user rather then being randomly generated by openssh would be enough? Thanks,

Aki really thanks for reply,, I hope for continue the conversation, >> Do you have advice about Dovecot plugins for mail encryption: >> >> https://wiki2.dovecot.org/Plugins/MailCrypt >> https://0xacab.org/riseuplabs/trees >> >> I like NaCL based encryption but the MailCrypt plugin is better >> because it's maintained by Dovecot developers (is this

I am trying to find out how I can use the new self-signed certificates So what I read in the man pages, it should be something like: client: 1) ssh-keygen -f ca_rsa # generate a ssh keypair for use as a certificate Server(s): 2) make sure your /etc/ssh/sshd_config has TrustedUserCAKeys assigned TrustedUserCAKeys /etc/ssh/sshcakeys # or whatever name or location you like 3) edit

> On 11 April 2019 00:49 David Salisbury via dovecot <dovecot at dovecot.org> wrote: > > > >>> > >> Yes. I gave it a try here, and it seems to work. Does it give any extra > >> information if you include -i flag? > >> > >> Aki > >> > > > > Yes, I had tried that, and it doesn't give much extra information, at