similar to: [PATCH] ssh: Add option to present certificates on command line

https://bugzilla.mindrot.org/show_bug.cgi?id=1981 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2136| |ok+ Flags| | --- Comment #4 from Damien Miller <djm at mindrot.org>

I have renamed all of the patch files to .txt, which should be acceptable for the mailer daemon at mindrot, per Angel's suggestion. I am attaching the patch files to the email, with the extra space removed and a minor correction made. Bill Parker (wp02855 at gmail dot com) -------------- next part -------------- --- port-linux.c.orig 2012-12-19 17:40:53.231529475 -0800 +++ port-linux.c

(I''ve had this patch lying around for a couple of weeks, waiting for Trac to come back up. noradio''s already had a look at it on IRC. What''s the best way to submit patches while Trac is down?) with_scope doesn''t support :order in the presence of :include. For example: {{{ # We''re testing the interaction between :order, :include, and

With an OpenSSH 6.2p1 client with stock ssh_config and one of the following cases: - I don't have any client keys - I have one or more client keys, but not one of each type - I don't have an authorized_keys on the server - I have an authorized_keys on the server, but it does not list any of the keys I have - One of my client keys is listed, but I don't have an agent and

Hello All, In reviewing source code for OpenSSH-6.1p1, I found instances of deprecated library calls still within various source code files. Examples of deprecated calls are: bzero() (replaced with memset() which is ANSI compliant), index() (replaced with strchr() which is also ANSI compliant). In file 'auth2-jpake.c', I've replaced all the bzero() calls with the equivalent

https://bugzilla.mindrot.org/show_bug.cgi?id=1960 Bug #: 1960 Summary: Running sshd in wrong SELinux context causes segmentation fault when a user logs in Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: amd64 OS/Version: Linux Status: NEW Severity: minor

I've been experimenting with dovecot-1.0-stable on Solaris. Storage format is mbox. Dovecot, in test, runs in parallel with an UW IMAP, with dovecot running SSL-only on port 994. It seems to work to some extent: * dovecot runs * authentication works * SSL works * all manual IMAP functionality checks seem to work fine However, I'm running into issues with IMAP clients. * Null

https://bugzilla.mindrot.org/show_bug.cgi?id=2436 Bug ID: 2436 Summary: Add ssh option to present certificates on command line Product: Portable OpenSSH Version: 6.9p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

I can share my notes, we authenticate UniFi clients via Freeradius against Samba AD. We also check group membership which you might or might not need: ## 4 FreeRADIUS ### 4.1 Basics ```bash apt install freeradius freeradius-ldap freeradius-utils # create new DH-params openssl dhparam -out /etc/freeradius/3.0/certs/dh 2048 ``` ### 4.2 Configure Authentication - modify mschap to use winbind,

> I guess we have to look at the conf files then, first these two: Thank you for the config file snippets. I can confirm mine were almost identical, so I've tweaked them so that they are now exactly the same as yours except for the "--require-membership-of=example\authorization_groupname" line in ntlm_auth. Unfortunately it's still erroring out: (7) mschap: Creating

Hello Tim, Hello samba-people, is there an uptodate guide for authenticating via freeradius somewhere? I have some Ubiquiti APs plus a Cloud Key and I want to authenticate WLAN clients via WPA2-Enterprise instead of a (shared) PSK. It seems like https://wiki.samba.org/index.php/Authenticating_Freeradius_against_Active_Directory is missing some steps (basic setup of freeradius). Can you

Hi Alexander, I'm terribly sorry. We didnt have the "ntlm auth" parameter configured on the DCs at all. I added it and it just works. Thanks for your help. Now I just need to figure out how I can make WLAN-specific LDAP-Group authentication. e. g. production WLAN needs LDAP group "wlan_production" and management WLAN needs the "wlan_management" group. I

https://bugzilla.mindrot.org/show_bug.cgi?id=2642 Bug ID: 2642 Summary: [sshconnect2] publickey authentication only properly works if used first: pubkey_prepare doesn't work after pubkey_cleanup Product: Portable OpenSSH Version: 7.3p1 Hardware: amd64 OS: Linux Status:

Hello Alexander, thanks Alexander for these configuration snippets. Which version of Samba are you using? Is this on debian bullseye? Is the FreeRADIUS server installed on a DC or on a Domain Member? (I just tested the latter). is "ntlm auth = yes" OK for the DCs and the domain member or does it have to be "mschapv2-and-ntlmv2-only" for all servers (DCs + Member)? It

Hi Matthias, we?re using Debian Bullseye with the backports repo. So version is a mixture of - Samba version 4.17.3-Debian - Samba version 4.17.7-Debian We?ve installed it directly on the DC?s as well. In my opinion using "ntlm auth = yes? should be fine. Did you try using a simple RADIUS secret? In my experience long secrets or ones containing special characters don?t work very well. I

OK, let me go through exactly what you did: you: > Here's the test (I must run mutt not telnet like i mentioned earlier to > get the imap tickets). > > root at server:~# kinit achim > Password for achim at DOMAIN.LOCAL: > [I enter my password] As root on AD/DC mail.hprs.local: me: $ kinit mark Password for mark at HPRS.LOCAL: [I enter my password] you: >

Debug log output please! I think you still miss the gssapi module for dovecot. Am 03.07.2016 um 19:42 schrieb Mark Foley: > Achim, > > This is my most recent effort. If I cannot make progress from here I'm going to give this idea a rest. > > I used easy-rsa to create a cert. Files are: > > /etc/ssl/certs/OHPRS/easyrsa/ca.crt > /etc/ssl/certs/OHPRS/easyrsa/reqs/MAIL.req

Hi, I am still getting strange creation and mailbox lookups from 0.99.11-test7. dovecot creates in ~/Maildir/ .INBOX/ .imap.index .imap.index.cache .imap.index.log .customflags dovecot-uidlist .INBOX seems to be a reference to ~/Maildir/{cur,new,tmp} yet I

Package: dovecot Version: 0.99.10.4-2 I am accessing my IMAP folder on my ~/Maildir using mutt via Dovecot and I have this problem whereby mutt incorrectly reports I have new mail in a "mailboxes" polled mailbox. This happens all the time when I press the key bound to change mailbox. I use courier IMAP at school, and I have not experienced this problem. A bug with dovecot or mutt?

Achim, This is my most recent effort. If I cannot make progress from here I'm going to give this idea a rest. I used easy-rsa to create a cert. Files are: /etc/ssl/certs/OHPRS/easyrsa/ca.crt /etc/ssl/certs/OHPRS/easyrsa/reqs/MAIL.req /etc/ssl/certs/OHPRS/easyrsa/reqs/dovecot.req /etc/ssl/certs/OHPRS/easyrsa/private/ca.key /etc/ssl/certs/OHPRS/easyrsa/private/MAIL.key