Displaying 20 results from an estimated 3000 matches similar to: "“Stripped-down” SSH (no encryption or authentication, just forwarding)"
2019 Oct 16
6
Re: “Stripped-down” SSH (no encryption or authentication, just forwarding)
On 2019-10-15 20:00, asymptosis wrote:
> On Tue, Oct 15, 2019 at 07:43:00PM -0400, Demi M. Obenour wrote:
>> On 2019-10-15 19:11, Job Snijders wrote:
>>> The S in SSH stands for secure. You are asking the wrong group of people.
>>> You?ll have to resolve your issue in some other way.
>>>
>> This tool would only support running on stdin/stdout. Indeed,
2019 Oct 15
2
Re: “Stripped-down” SSH (no encryption or authentication, just forwarding)
On 2019-10-15 19:11, Job Snijders wrote:
> The S in SSH stands for secure. You are asking the wrong group of people.
> You?ll have to resolve your issue in some other way.
>
This tool would only support running on stdin/stdout. Indeed,
an idiomatic use-case would be to use it as the command argument
to ssh(1). The assumption I am making is that anyone that can pass
arbitrary data to
2023 Feb 26
1
ssh host keys on cloned virtual machines
On Sat, Feb 25, 2023 at 12:14?PM Demi Marie Obenour
<demiobenour at gmail.com> wrote:
>
> On 2/25/23 07:50, Nico Kadel-Garcia wrote:
> > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote:
> >>
> >> On 24.02.23 12:58, Keine Eile wrote:
> >>> does any one of you have a best practice on renewing ssh host keys on
>
2023 May 21
2
SFTP support for subsecond times
On 5/10/23 08:50, Lucas Holt wrote:
> On 5/10/23 4:36 AM, Antonio Larrosa wrote:
>> Hello,
>>
>> This is probably a long email, but please bear with me. I plan to
>> submit a patch and would like to explain what I will do before doing
>> it so I don't lose time if there's some flaw in my plan.
>>
>> I currently use sshfs to mount directories
2023 May 16
4
[Bug 1680] New: Trying to delete offloaded flow with conntrack results in EBUSY
https://bugzilla.netfilter.org/show_bug.cgi?id=1680
Bug ID: 1680
Summary: Trying to delete offloaded flow with conntrack results
in EBUSY
Product: nftables
Version: unspecified
Hardware: All
OS: other
Status: NEW
Severity: major
Priority: P5
Component: kernel
2023 Feb 25
1
ssh host keys on cloned virtual machines
On 2/25/23 07:50, Nico Kadel-Garcia wrote:
> On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote:
>>
>> On 24.02.23 12:58, Keine Eile wrote:
>>> does any one of you have a best practice on renewing ssh host keys on
>>> cloned machines?
>>> I have a customer who never thought about that, while cloning all VMs
>>>
2023 Apr 18
1
FIPS compliance efforts in Fedora and RHEL
On 4/18/23 05:05, Norbert Pocs wrote:
> Hi OpenSSH mailing list,
>
> I would like to announce the newly introduced patch in Fedora rawhide [0]
> for FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9
> version.
Why does Fedora care about FIPS 140? To me, this seems like it
should be specific to RHEL and maybe CentOS Stream, not Fedora.
My understanding
2017 Jan 05
5
Tail calls and portability
I have been working on adding proper tail (via `become`) to rustc. I was
able to make them work (some parts of the type checker aren't implemented
yet). However, I ran into an LLVM-related problem.
LLVM claims to support proper tail calls when fastcc is used — but only on
i386, x86-64 and PowerPC. Is this accurate? Will proper tail calls be
supported on WebAssembly? Are they supported on
2018 Aug 22
2
LLVM and heap-allocated thread stacks
In some language implementations, such as the Glasgow Haskell Compiler
(GHC) and the reference implementation of Go, a thread’s stack is
allocated as a data structure on the garbage-collected heap. The
garbage collector is free to move this data structure whenever it is
invoked.
Currently, GHC’s LLVM backend does not use the C stack. However, there
have been discussions about whether using the
2017 Apr 26
3
LLDB security and the use of an IPC library
LLDB currently uses a client-server architecture. That appears fine,
but runs into an annoying security problem: other users on the same
machine can connect to the TCP socket and take over LLDB and thus the
user’s system. This means that LLDB is useless in multiuser
enviromnents on Linux, such as academic computer labs.
The immediate problem can be solved by using either HMAC authentication
of
2019 Oct 16
2
Re: “Stripped-down” SSH (no encryption or authentication, just forwarding)
On 2019-10-16 08:07, Nico Kadel-Garcia wrote:
>
> stunnel? https://www.stunnel.org/static/stunnel.html ?
>
stunnel doesn?t support multiplexing. As I mentioned in another
email, my connection may not be over a network at all ? it may be
over a serial line, Xen vchan, or other such stream. Using a full
VPN is overkill here.
The HPN patches for OpenSSH are the closest to a solution I
2019 Nov 03
2
scp, sftp, and special characters in filenames
I have not been able to get scp(1) to download a file with a newline
in its name. I know that scp(1) requires that remote filenames be
escaped for the shell, but that leads to protocol errors.
I am also unable to get sftp(1) to handle such files. It fails with
an ?unterminated quoted argument? error, no matter how I try to
quote the newline. Furthermore, the SFTP CLI is not well-suited to
2023 Jun 20
1
[PATCH] ssh-agent: add systemd socket-based activation
On 6/19/23 20:20, Damien Miller wrote:
>
> On Fri, 16 Jun 2023, Ronan Pigott wrote:
>
>> This adds support for systemd socket-based activation in the ssh-agent.
>> When using socket activation, the -a flag value must match the socket
>> path provided by systemd, as a sanity check. Support for this feature is
>> enabled by the --with-systemd configure flag.
2017 Feb 09
2
Using Phabricator for all LLVM development
Has anyone considered moving all LLVM development over to Phabricator?
Phabricator includes
- Code review (Differential)
- A bug tracker (Maniphest)
- Project management software
- A wiki (Phriction)
- Many more applications
LLVM already has a Phabricator instance.
2023 Jun 20
1
[PATCH] ssh-agent: add systemd socket-based activation
On Fri, 16 Jun 2023, Ronan Pigott wrote:
> This adds support for systemd socket-based activation in the ssh-agent.
> When using socket activation, the -a flag value must match the socket
> path provided by systemd, as a sanity check. Support for this feature is
> enabled by the --with-systemd configure flag.
>
> ---
> Something tells me upstream would not be interested in
2023 Feb 25
1
ssh host keys on cloned virtual machines
On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote:
>
> On 24.02.23 12:58, Keine Eile wrote:
> > does any one of you have a best practice on renewing ssh host keys on
> > cloned machines?
> > I have a customer who never thought about that, while cloning all VMs
> > from one template. Now all machines have the exact same host key.
>
2023 May 10
2
SFTP support for subsecond times
On 5/10/23 4:36 AM, Antonio Larrosa wrote:
> Hello,
>
> This is probably a long email, but please bear with me. I plan to
> submit a patch and would like to explain what I will do before doing
> it so I don't lose time if there's some flaw in my plan.
>
> I currently use sshfs to mount directories from some computers and a
> NAS into other computers. I recently
2023 Jul 16
1
SFTP support for subsecond times
using "synchronized" subsecond timestamps imho only makes sense with synchronized time (ntp) through that ssh tunnel, too.
and with this assumption a "full VPN ssh usage" instead of "only filesystem timestamps" [maybe trying with target systems without subsecond timestamps?] seems impractical to me. or at least "...
[sry, didnt have internet to send,
incomplete
2023 Apr 18
3
FIPS compliance efforts in Fedora and RHEL
Hi OpenSSH mailing list,
I would like to announce the newly introduced patch in Fedora rawhide [0]
for
FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9
version.
The patch targets OpenSSL support of OpenSSH, specifically the usage of
old low level API. The new OpenSSL version 3.0 introduces a FIPS
module (going through FIPS 140-2 validation and to be FIPS 140-3
2007 Apr 18
1
[Bridge] <kernel BUG> generated on bridge up/down & other issues
Hi,
I've been encountering some problems with bridging under linux
2.6.12-9 (ubuntu Breezy Badger). Apologies for the newbie-ish email:
problem is likely a config issues, but docs appear to be sparse and I
can't find much reference to the problem/solution on the 'net; trial
and error really isn't working...
Am attempting to bridge an offsite network to the central