similar to: Using multiple certificates for a given private key

hi list, first of all, i''m new to puppet, and i''m evaluating it right now since a few days in my company ( internet, books, etc as sources ). i''ve been using cfengine for a few years now, and trying to get into puppet. i''d install puppet 0.25, because i feel a need to use regular expressions to identify nodes scenario: lets say we do have a few servers to get

Hi? All: I have two physical machines as KVM hosts (clusterA.RHCS and clusterB.RHCS) , an iscsi target set into GFS. All I want is a HA Cluster which could migrate all the virtual machines on a node to another when the first node failed into some error status. So I created a cluster "cluster" using RHCS ,added the two hosts into the cluster . created a fence device . for every virtual

I have two servers identified as `server-1 - 192.168.3.128` and `server-2 - 192.168.3.130`. I am setting up `capifony` for automatic deployment from server-1 to server-2 and this is what I have done so far: 1. In both servers I have created a user `deploy` without password since that's the user I will use for deployment. 2. In server-1 I setup a SSH keys by running the command:

Hello -- We are running the 14.04.3 LTS 64-bit release as a virtual machine on a Vmware appliance. The goal of the installation is to create a Samba server that utilizes Active Directory authentication. To that end I utilized the following procedure:

Hello, part of a usual OpenSSH installation are quite some files containing key material, like private keys (id_rsa, id_dsa, id_ecdsa) and the corresponding public keys (id_rsa.pub, id_dsa.pub, id_ecdsa.pub). Inspired by a recent question on Stack Overflow [1], I had a look at the OpenSSH documentation to see what format these key files have. The sshd man page [2] contains some paragraphs about

Hello -- The output of the getent passwd command was the following: <username>@<domainname>:*:##########:##########::/PHShome/<username>:/bin/PHSshell ________________________________ From: Data Control Systems - Mike Elkevizth [mike at datacontrolsystems.com] Sent: Wednesday, June 08, 2016 6:12 PM To: Kaplan, Andrew H. Cc: samba-technical at lists.samba.org; samba at

On Wed, Jun 08, 2016 at 07:46:00PM +0000, Kaplan, Andrew H. wrote: > Hello -- > > We are running the 14.04.3 LTS 64-bit release as a virtual machine on a Vmware appliance. The goal of the installation is to create a Samba server that utilizes Active Directory authentication. To that end I utilized the following procedure: > >

Hi, If you have the "template = /bin/bash" option, I think it is more likely something wrong with the way ssh is trying to authenticate the username. Do a "getent passwd" and then try "ssh -v '<username exactly as getent returns it (case sensitive)>'@<fqdn of server>. If it doesn't work, post the output of what ssh generates. Mike E. On Thu,

Wondering if it would make sense to have more granular control of trustedUserCAkeys? I have 1 key used to sign root certs, the key is shortlived, and is rotated daily. And I have a 2nd key to sign non- privileged user certs. The non-privileged certs have a longer validity period, and the signing keys are not rotated as frequently. It would be nice to ensure this second signing key's

Hi, Try using the format <domainname><winbind separator><username> to login instead of <username>@<domainname>. I'm not sure why, and don't have time to check into it right now, but ssh doesn't like the <username>@<domainname> format for me either. The default winbind separator is a backslash "\", so you'll have to escape it,

Hello, everybody. I have encountered some strange situations that are driving me crazy. I have 2 DCs which using sernet samba, version 4.7.6. and I use a samba version 4.6.2 as a domain member for file sharing in CentOS7.4. The domain member works well as a file server, but When I login to that domain member using AD authtication. Sometimes, It works OK too, but sometime , I can't login that

I am trying to find out how I can use the new self-signed certificates So what I read in the man pages, it should be something like: client: 1) ssh-keygen -f ca_rsa # generate a ssh keypair for use as a certificate Server(s): 2) make sure your /etc/ssh/sshd_config has TrustedUserCAKeys assigned TrustedUserCAKeys /etc/ssh/sshcakeys # or whatever name or location you like 3) edit

On 23/04/2018 11:49, Michael Felt wrote: > On 21/04/2018 16:21, Michael Felt wrote: > > > Question: I have not dug into the tests yet. Will copy to a "local" > directory, and not build out of tree and see if that fixes it (as it > does for many other packages). However, just in case it does not - how > can I fast-forward the tests to the "agent" tests?

Thanks for your suggestion! It seems to have gone a little further this time, but isn't accepting the key and is failing back on password-based auth. We're double-checking that the public key was correctly configured with the account, and also trying a DSA key to see if it behaves differently. Is there anything you'd suggest we look at or try at this point, and thank you very much

On 10/06/16 12:47, Kaplan, Andrew H. wrote: > Hello -- > > I started a thread on the list that you suggested in your e-mail, and thank-you for the reference. > > Also, I checked the auth.log file on the server, and the following entries were present: > > I checked the auth.log file, and the following entries were present: > > Jun 10 07:10:50 <samba server>

On Thu, Jan 30, 2020 at 7:11 AM Christian, Mark <mark.christian at intel.com> wrote: > > On Thu, 2020-01-30 at 12:27 +0000, Brian Candler wrote: > > As a concrete example: I want Alice to be able to login as "alice" > > and > > "www" to machines in group "webserver" (only). Also, I want Bob to > > be > > able to login as

https://bugzilla.mindrot.org/show_bug.cgi?id=3823 Bug ID: 3823 Summary: SSH on same device ignores MAC restrictions Product: Portable OpenSSH Version: 10.0p2 Hardware: Other OS: Other Status: NEW Severity: major Priority: P5 Component: ssh Assignee: unassigned-bugs at

There is no /root/.ssh/authorized_keys on remote host, so I have to authenticate with password. On the remote host: # /usr/sbin/sshd -T | egrep permitroot permitrootlogin yes Attempting: $ ssh root@<remotehost> shows: Received disconnect from <remotehost> port 22:2: Too many authentication failures for root packet_write_wait: Connection to <remotehost> port 22: Broken

Hello, I'm looking for your insight about the log below. We have an SFTP server (IBM Sterling File Gateway) and we're connecting from an OpenSSH SFTP client but something fails during KEX. Complete client-side debug output is below, but I believe the relevant part is: debug1: kex: server->client cipher: aes192-cbc MAC: hmac-sha1 compression: none debug1: kex: client->server

Hello List, I'am using the ForceCommand in my sshd configuration to log all the user actions on my device. ForceCommand /usr/bin/log-session.sh The Log Session Script itself is working fine for logging. But now I want also use SCP to copy files and this won't work together with the ForceCommand above. The copied file is created but its zero byte on the target. scp file.tar.gz