similar to: OpenSSH key signing service?

On Sun, Dec 24, 2017 at 9:54 PM, David Newall <openssh at davidnewall.com> wrote: > On 25/12/17 00:11, John Devitofranceschi wrote: >> >> Besides ssh.com?s PrivX product, has anyone created a web service that can >> be used to issue temporary certkeys to authenticated users? >> >> Any pointers appreciated! > > > I expect that what I'm about to

On Wed, May 17, 2017 at 2:46 AM, Damien Miller <djm at mindrot.org> wrote: > On Mon, 15 May 2017, Adam Eijdenberg wrote: >> https://github.com/golang/go/issues/20273 >> >> By default they are looking for a principal named "host:port" inside >> of the certificate presented by the server, instead of just looking >> for the host as I believe OpenSSH

> Uri (earlier in this thread) does answer this question clearly (that > the principal should be the hostname only), and, now that I've found > PROTOCOL.certkeys, this seems to be spelt out unambiguously there too: In turn this means: One cannot expect several SSH services on a single host to be securely distinguishable from each other by their particular

I'm trying to get veracity (http://www.rocksoft.com/veracity/), a tripwire replacement, working on FreeBSD 5.x. When I try and create a snapshot I get the following error for files sitting on my root partition: -- snip snip -- csh.logout E: Error opening binary (B) stream of file "/etc/csh.logout". (OS error message="File is on the procfs (/proc)

hi all, how can i saving R output to docx or Jpeg format? [[alternative HTML version deleted]]

> (Blargh is right (https://blog.habets.se/2011/07/OpenSSH-certificates.html <https://blog.habets.se/2011/07/OpenSSH-certificates.html>). Googling for this stuff is *hard*:) Does https://www.sweharris.org/post/2016-10-30-ssh-certs/ help at all? Stephen

Hello: I am working to implement certificate-based authentication for some internal applications. It would be very helpful to be able to pass information server-side by specifying some custom options via the Extensions of the signed certificate, allowing the authenticity of the options to be verified readily. However, I have not been able to find too much for specifying behaviors, etc.

Hi, I have a question regarding the binary format of the certificates generated with ssh-keygen, in particular when the critical options of source-address or force-command are present and the correspondence to the certificate format specifications such as http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD . It appears that the string values of the source-address

Hola buenos dias, tengo una duda con RMarkdown que no se si tiene facil apanio. Resulta que para un trabajo que estoy haciendo necesito que se ejecute el siguiente codigo n-veces ```{r echo = FALSE} ANIO_ACTUAL<-2015 i=1 CONFIGURACION <-read.csv("D:\\ … \\CONFIGURACION.csv",sep = ",") AYUNT <- as.character(CONFIGURACION$AYUNTAMIENTO[i]) ``` ##Situación de `r

In an environment where users use smart cards to authenticate on Windows and then use ssh to login to UNIX systems via GSSAPI, it is nigh impossible to renew/refresh the Kerberos credentials in the UNIX session. If the user fails to renew their credentials before they expire, the user is stuck and must log out and log back in to get valid tickets. Meanwhile it is entirely likely that on the

Hola Carlos, creo que no resuelve el problema, de hecho otra de las cosas que no he conseguido aún es generar sencillamente el PDF (con los html para generarlos 1 a 1 sin pb). Siempre suelo obtener el error. Esto me aparece al ejecutar myReport$export(): You may install Pandoc easily with "install.pandoc()" from the "installr" package.Error in Pandoc.convert(fp, format =

Dear R-devel, Recent versions of R CMD check have been flagging apparent S3 methods that are not registered in the NAMESPACE as such. In most situations this is very helpful. However, I have few cases in existing packages where we have unfortunately named functions using a "." in them that makes them appear as S3 methods when they are not. As there is no existing class

Has anyone plotted or is it possible to plot CIE *xy* chromaticity diagram http://en.wikipedia.org/wiki/File:CIE1931xy_blank.svg I need this plot in color. ishida [[alternative HTML version deleted]]

Hola, ¿qué tal? Lo que puedes hacer es que tu fichero Rmd lea el parámetro de un fichero externo. Entonces, creas un script que: 1) Actualice el valor del índice en ese fichero externo. 2) Compile el Rmd y le dé el nombre que te interesa. 3) Vuelva a (1). Salud, Carlos J. Gil Bellosta http://www.datanalytics.com El día 2 de julio de 2015, 16:08, David Duncan <dhduncan1975 en

Hello, All: What facilities exist for plots and tables of data in the standard MediaWiki software beyond the obvious standards? The standard MediaWiki tables and graphics capabilities seem to me to be rather clumsy, and I wonder if I'm missing some available extensions? The standard MediaWiki tables are described in a Wikipedia article on "Help:Table".

https://bugzilla.mindrot.org/show_bug.cgi?id=2389 Bug ID: 2389 Summary: update the PROTOCOL.certkeys spec to avoid confusion regarding encoding of critical options fields Product: Portable OpenSSH Version: 6.8p1 Hardware: All OS: All Status: NEW Severity: enhancement

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Can anyone reproduce this on a Solaris 8 system with 4.2p1: openssh is configured to use PAM and sshd_config has "UsePam" set to "yes" pam.conf has something like this: other auth required pam_get_authtok other auth sufficient pam_krb5.so.1 use_first_pass other auth required pam_unix.so.1 use_first_pass Now, If I log in via

Hello I have a question. I made an r-script and did a few commands needed to make some new variables. They all work out well, and when I run the commands, the new variables appear in the dataset. I can also work with these new variables to make other new variables from them. Also, when I use summary(dataset), those new variables appear in the summary of the dataset. But, when I do summary(new

Hi all. I've looked at the archives and it seems to be quiet regarding this supposed "0-day" openssh vulnerability and I'm wondering if anyone here may have some insight or further information regarding it. We've been monitoring things and the amount of speculative info flying around is incredible. Some claim it's the CPNI-957037 issue, thus affecting <5.2, others

Dear list members, I have a statistical question, that doesn't belong to this list, and I apologise for that in advance but I would appreciate your help very much. Is there some convention for selecting the a level for significance testing in scientific (e.g. chemical processes) studies? Most people use the 0.05 level but I could not find a reference to justify this. Why not 0.01 or 0.1?