similar to: Good procedure?

On 2018-08-21T06:21, Stef Bon <stefbon at gmail.com> wrote: > Op di 21 aug. 2018 om 06:04 schreef Stef Bon <stefbon at gmail.com>: > > > > Hi, > > > > I'm looking for a procedure (on paper first) to provide users on hosts > > session keys to login to servers providing services like file, print > > or even access to internet or a sql db. >

Hi, I'm very interested in making SSH use UDP for large data chunks. Maybe you know FASP (https://en.wikipedia.org/wiki/Fast_and_Secure_Protocol), but that is proprietary, although the website says it's based upon open source methods. Is it possible to make openssh work with UDP for this purpose? Thanks in advance, Stef Bon

Hi, I discovered when using my fuse fs for connecting to a remote host using sftp that the new server version 7.4 sends a greeter which is not according the format desribed in https://tools.ietf.org/html/rfc4253#section-4 There is written that the greeter "MUST be terminated by a single Carriage Return (CR) and a single Line Feed (LF) character (ASCII 13 and 10, respectively)." Now

I've a server where clients can connect to using direct-streamlocal at openssh.com. I want that the server "knows" the address of the client. I've tried using the peercredentials of the process connecting my server (which is a sshd process) and check the environment. I thought that in the environment the var SSH_CLIENT would be set, but that did not work. This sshd process has

> > Details on these, please? Since that was kind of what I was asking for in > the OP :) netflix's bless has been around for a while. https://github.com/Netflix/bless nial sheridan gave a talk recently at LISA about cashier. https://github.com/nsheridan/cashier and finally i'm hoping to have all the necessary approvals to release ussh early next year. I wrote about ussh here

Hello, I am investigating a data-loss bug in SSHFS (https://github.com/libfuse/sshfs/issues/72). While the root cause is in SSHFS and has already been fixed, there seems to be some unfortunate interaction with what I believe is an OpenSSH bug: As far as I can tell, when sending a SSH_FXP_OPEN request with SSH_FXF_WRITE (i.e., opening the file write only), and then following up with a

Hallo, we run a Redhat samba 3.5.4 PDC with openldap 2.4 as user/passwordbackend. The ldap also contains the posix information for the users to login to some web/mail/etc. servers. I'm faced with the task to implement a 'both worlds' compatible paswword sync process regarding complexity etc. For the posix account password we use a webfrontend, configure to use pam/cracklib checks

On 2018-04-04T17:27, mlrx <openssh-unix-dev at 18informatique.com> wrote: > Le 04/04/2018 ? 13:32, Jan Bergner a ?crit?: > > Good day! > > > > Is it possible to achieve this without nasty workarounds like wrapper > > scripts monitoring the very-verbose output of SSH or doing DPI? > > Alternatively, would it be possible to add a config option, allowing an

https://bugzilla.mindrot.org/show_bug.cgi?id=1953 Stef Bon <stefbon at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |stefbon at gmail.com --- Comment #5 from Stef Bon <stefbon at gmail.com> --- I agree with others: xattr support

When forwarding a Unix-domain socket, the remote socket path must be absolute (otherwise the forwarding fails later). However, guessing absolute path on the remote end is sometimes not straightforward, because the file system location may vary for many reasons, including the system installation, the choices of NFS mount points, or the remote user ID. To allow ssh clients to request remote socket

Hello, I'd like to announce "nutdown", a nut client written using perl UPS::Nut. It's purpose is to enable shutdowns in stages, e.g. "less important servers shut down at 80% charge, the important ones at 10% and the nut server at 5%". To that end, nutdown supports "events" like power_fail, the charge falling below configurable percentages (i.e. every

How about using the existing OpenSSH client's PKCS#11 support to isolate keying material in a dedicated process? A similar approach, "Practical key privilege separation using Caml Crush", was discussed at FOSDEM'15 with a focus on Heatbleed [1][2] but the ideas and principles are the same. Now this is easily done using the following available components: - SoftHSM to store

Hi Alexander Wuerstlein Thank for the information. Now I agree that it's better to save the socket in /tmp/ I checked the source code and found that it is hard-coded. /* Allocate a buffer for the socket name, and format the name. */ auth_sock_dir = xstrdup("/tmp/ssh-XXXXXXXXXX"); It would be nice if openssh provides an option to overwrite this default. Regards Tran

Le 12/05/2017 ? 12:47, Alexander Wuerstlein a ?crit : > On 2017-05-12T12:07, mh at ow2.org <mh at ow2.org> wrote: >> I'm using 7.2p2-4ubuntu2.1 >> >> I have the same exact problem as described in the first comment in >> https://bugzilla.mindrot.org/show_bug.cgi?id=1573 >> >> Initially, my ldap server hostname and IP is only in /etc/hosts, not in

On Dec 6, 2013, at 8:21 AM, Alexander Wuerstlein wrote: > I'd like to announce "nutdown", a nut client written using perl > UPS::Nut. Thanks for posting this. One thing that I would consider changing is to treat "ups.status" as a set (splitting on whitespace, if any), and to not rely on the order of the status flags. Actually, splitting ups.status into an array

Hello, at my universities CS computer pools we're trying to migrate our samba3 based NT domain to AD with samba4-rc1. In the past we had a little script which our users could run on their own from their linux account which created a samba user with their own uid/gid and set their password (via smbpasswd). We're trying to recreate this behaviour with "samba-tool user create"

On 2017-05-18T13:13, mh at ow2.org <mh at ow2.org> wrote: > Le 18/05/2017 ? 12:17, mh at ow2.org a ?crit : > > However, I get uid/gid numbers instead of names within sftp session (ls > > -l) ? I don't know if it's new but I would definitively prefer names... > > It seems the reason is : > > open("/etc/passwd", O_RDONLY|O_CLOEXEC) = -1 EACCES

Hello, When trying out (g)pxelinux using TFTP URLs and the '<host>::<path>' syntax, pxelinux seemed to "hang". Some printf debugging and tcpdump revealed that it looped in the timeout after sending the TFTP RRQ. Further investigation revealed, that if a plain IP address (e.g. "tftp://12.34.56.78/something") is used, the byte order is not converted from host

Hi, how are mails forwarded, if I do have the same alias pointing to two different users like this (two entries, two lines): bon.aqua: coke bon.aqua: pepsi Will coke and pepsi get the mail adressed to bon.aqua or will only the first entry get the mail? I know, that "bon.aqua: coke, pepsi" will forward the mails to coke and pepsi, Cheers, G?tz -- G?tz Reinicke IT-Koordinator

Hola! Para simular matrices de datos normales multivariados con la sentencia rmvnorm (dentro del paquete mvtnorm) se necesita, entre otras cosas, el número de vectores a simular, el vector de parámetros-medias correspondiente a cada variable y su respectiva matriz de Varianza-Covarianza. En este último punto, tengo problemas. En lugar de ingresar una matriz sigma creada por mi, necesito simular