similar to: (rfc) too many keys, usecase?

On Thu, 14 Apr 2016, Jakub Jelen wrote: > On 04/14/2016 01:19 PM, Cristian Ionescu-Idbohrn wrote: > > There is no /root/.ssh/authorized_keys on remote host, so I have to > > authenticate with password. > > > > On the remote host: > > > > # /usr/sbin/sshd -T | egrep permitroot > > permitrootlogin yes > > > > Attempting: > > > >

> Hello, > I have rsync process which is a crontab job: > 0 0-23 * * * /bin/rsync -rvg /net/server1/local/filesys1/userhomedir/project_dir /local/filesys1/userhomedir/project_dir > which sync the user project dir on localsystem from another machine called server1 via nfs, but the weird thing its coping all files every time it syncs am I using the wrong flags? is it possible to copy

Since my power problems that resulted in a re-install I have a problem which I've failed to locate up to now. The logs show daily.cld updated (version: 8950, sigs: 72593, f-level: 38, builder: ccordes) Database updated (510565 signatures) from db.gb.clamav.net (IP: 163.1.3.8) WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket I've been

On 05/01/2017 04:48 PM, Cristian Ionescu-Idbohrn wrote: > On Mon, 1 May 2017, Cristian Ionescu-Idbohrn wrote: >> >> Example, 'Macs'. >> >> On the man page I read: >> >> "Multiple algorithms must be comma-separated. >> ... >> If the specified value begins with a '-' character, then the >> specified algorithms (including

On Tue, May 02, 2017 at 06:17:47PM +0200, Cristian Ionescu-Idbohrn wrote: > $ ssh -vvv -oMacs=umac-64 at openssh.com localhost : 2>&1 | egrep -i 'macs|umac' > debug2: MACs ctos: umac-64 at openssh.com > debug2: MACs stoc: umac-64 at openssh.com > debug2: MACs ctos: umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha1-etm

Hi, I understand MaxAuthTries is a parameter used to restrict the maximum number of authentication attempts. But I notice a difference in behavior when run from different client versions. The MaxAuthTries at the server side is 6. The server side is running OpenSSH 6.6 version. When wrong password is given from an openssh client 6.1 version, it disconnects after 3 attempts. When wrong

Example, 'Macs'. On the man page I read: "Multiple algorithms must be comma-separated. ... If the specified value begins with a '-' character, then the specified algorithms (including wildcards) will be removed" It seems that just one algo name is supported on such a line, example: Macs -umac-64* But this form is not supported: Macs -umac-64*,-hmac-sha1* nor is

Hi list! I have some machines running openssh 3.9p1. AllowUsers is set to my users, that are allowed to login. If I set PermitRoot without-password, but do not include root in AllowUsers, root is not able to login with pubkey. I do not want to set root in AllowUsers, since the without-password option should check this allready, I think... So I made a small patch that allows me to login as root

https://bugzilla.mindrot.org/show_bug.cgi?id=2715 Bug ID: 2715 Summary: for more flexibility, please support a comma ',' separated list of patterns to add to/remove from the defaults Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Linux Status: NEW

Hi developers, the current setup when doing a make (even a make -s) is very noisy, and makes it very easy to miss warnings from gcc. I would like to add a --slient option to libtool. How do the rest of you feel about that? /Niels -- Niels Baggesen - @home - ?rhus - Denmark - nba@users.sourceforge.net The purpose of computing is insight, not numbers --- R W Hamming

I'm migrating from C7 to C8.? I'm currently using autofs, but alas autofs has been dropped in C8 for the AMD automounter. I have some very ancient knowledge of AMD, I used it when it was first introduced many years ago on Solaris and moved to Sun's automounter when it was introduced. So now it's back to square one. I used automount2amd to convert one of my existing maps,

I want to use sshd together with pam_abl to reduce that logfile spamming with ssh attacks. So the problem is as follows: Setting maxAuthTries to 0 or any other values smaller than the default of 6 changes the behaviour of pam_abl. First, but this also happens with not using maxAuthTries option, is: if the clientside closes connection after for example one failed authentication try then the

This is frustrating: $ export LIBVIRT_DEFAULT_URI=qemu+ssh://remotehost/session $ virsh list error: failed to connect to the hypervisor error: no valid connection error: Operation not supported: Connecting to session instance without socket path is not supported by the ssh connection driver Has there been any thought given to making this easier? It seems that having a simple helper

We try to run a reliable ssh tunnel vis systemd. This is the unit configuration file: {{{ [Unit] Description=Tunnel For %i After=network.target [Service] User=autossh ExecStart=/usr/bin/ssh -o "ExitOnForwardFailure yes" -o "ServerAliveInterval 60" -N -R 40443:installserver:40443 -R 8080:installserver:8080 ExecStartPre=-/usr/bin/ssh tunnel@%i "for pid in $$(ps -u

Hi ? I put the rsync in cronjob but it won't work ? in root user cron ? */30? * * * *? /home/chloe/rsy.sh >/dev/null 2>&1 ? 1/ why it needs pw when I run this rsy.sh in root? but if I run it in chloe user, it doesn't need pw as I put authoized_key in remote host chloe ? 2/ why this root cronjob is not working? what wrong? I can't see this cron in message ? the rsy.sh is

Hi All! I am puzzled. I am using openssh 5.3p1 on RHEL/CentOS but am seeing the same behaviour for osx and debian: ssh -R xxx:yyy:yyy:yyy remotehost Will effectively drop the first (xxx) argument and result in ssh -R 127.0.0.1:yyy:yyy:yyy remotehost ssh -R yyy:yyy:yyy remotehost I had a look at the source code where apparently all 4 values are ready and handed down to the appropriate

https://bugzilla.mindrot.org/show_bug.cgi?id=1432 Summary: MaxAuthTries is not used correctly Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: bitbucket at mindrot.org

I maintain a directory structure containing dirs and files that I regularly push to ~50 hosts, which are divided into 3 groups that have slightly different needs (minor mods in a couple of files). So ideally I would have 4 directories: /path/to/sync/common/ <- common files /path/to/sync/group1/ <- group1 specific only /path/to/sync/group2/ <- group2 specific only

Hi, Been using rsync for many years but I'm stuck with this problem. I'ts a simplistic backup using rsync from a Windows 2k3 machine to a Linux box out on the 'net, using pre-shared ssh keys. In this case I'm saving, files belonging to various users, using the administrator account on the windows machine and the destination is a normal user account and its home file area.

Debian GNU/Linux 2.2 (potato), openssh-2.2.0p1 Configured with: --prefix=/usr/local/openssh --enable-gnome-askpass --with-tcp-wrappers --with-ipv4-default --with-ipaddr-display My goal here is to, as root, forward a local privileged port over an ssh tunnel to another host using a normal user's login, i.e.: root:# ssh -2 -l jamesb -i ~jamesb/.ssh/id_dsa -L 26:localhost:25 remotehost So far,