similar to: “Stripped-down” SSH (no encryption or authentication, just forwarding)

On 2019-10-15 20:00, asymptosis wrote: > On Tue, Oct 15, 2019 at 07:43:00PM -0400, Demi M. Obenour wrote: >> On 2019-10-15 19:11, Job Snijders wrote: >>> The S in SSH stands for secure. You are asking the wrong group of people. >>> You?ll have to resolve your issue in some other way. >>> >> This tool would only support running on stdin/stdout. Indeed,

On 2019-10-15 19:11, Job Snijders wrote: > The S in SSH stands for secure. You are asking the wrong group of people. > You?ll have to resolve your issue in some other way. > This tool would only support running on stdin/stdout. Indeed, an idiomatic use-case would be to use it as the command argument to ssh(1). The assumption I am making is that anyone that can pass arbitrary data to

On Sat, Feb 25, 2023 at 12:14?PM Demi Marie Obenour <demiobenour at gmail.com> wrote: > > On 2/25/23 07:50, Nico Kadel-Garcia wrote: > > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: > >> > >> On 24.02.23 12:58, Keine Eile wrote: > >>> does any one of you have a best practice on renewing ssh host keys on >

On 5/10/23 08:50, Lucas Holt wrote: > On 5/10/23 4:36 AM, Antonio Larrosa wrote: >> Hello, >> >> This is probably a long email, but please bear with me. I plan to >> submit a patch and would like to explain what I will do before doing >> it so I don't lose time if there's some flaw in my plan. >> >> I currently use sshfs to mount directories

https://bugzilla.netfilter.org/show_bug.cgi?id=1680 Bug ID: 1680 Summary: Trying to delete offloaded flow with conntrack results in EBUSY Product: nftables Version: unspecified Hardware: All OS: other Status: NEW Severity: major Priority: P5 Component: kernel

On 2/25/23 07:50, Nico Kadel-Garcia wrote: > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: >> >> On 24.02.23 12:58, Keine Eile wrote: >>> does any one of you have a best practice on renewing ssh host keys on >>> cloned machines? >>> I have a customer who never thought about that, while cloning all VMs >>>

On 4/18/23 05:05, Norbert Pocs wrote: > Hi OpenSSH mailing list, > > I would like to announce the newly introduced patch in Fedora rawhide [0] > for FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9 > version. Why does Fedora care about FIPS 140? To me, this seems like it should be specific to RHEL and maybe CentOS Stream, not Fedora. My understanding

I have been working on adding proper tail (via `become`) to rustc. I was able to make them work (some parts of the type checker aren't implemented yet). However, I ran into an LLVM-related problem. LLVM claims to support proper tail calls when fastcc is used — but only on i386, x86-64 and PowerPC. Is this accurate? Will proper tail calls be supported on WebAssembly? Are they supported on

In some language implementations, such as the Glasgow Haskell Compiler (GHC) and the reference implementation of Go, a thread’s stack is allocated as a data structure on the garbage-collected heap.  The garbage collector is free to move this data structure whenever it is invoked. Currently, GHC’s LLVM backend does not use the C stack.  However, there have been discussions about whether using the

LLDB currently uses a client-server architecture.  That appears fine, but runs into an annoying security problem: other users on the same machine can connect to the TCP socket and take over LLDB and thus the user’s system.  This means that LLDB is useless in multiuser enviromnents on Linux, such as academic computer labs. The immediate problem can be solved by using either HMAC authentication of

On 2019-10-16 08:07, Nico Kadel-Garcia wrote: > > stunnel? https://www.stunnel.org/static/stunnel.html ? > stunnel doesn?t support multiplexing. As I mentioned in another email, my connection may not be over a network at all ? it may be over a serial line, Xen vchan, or other such stream. Using a full VPN is overkill here. The HPN patches for OpenSSH are the closest to a solution I

I have not been able to get scp(1) to download a file with a newline in its name. I know that scp(1) requires that remote filenames be escaped for the shell, but that leads to protocol errors. I am also unable to get sftp(1) to handle such files. It fails with an ?unterminated quoted argument? error, no matter how I try to quote the newline. Furthermore, the SFTP CLI is not well-suited to

On 6/19/23 20:20, Damien Miller wrote: > > On Fri, 16 Jun 2023, Ronan Pigott wrote: > >> This adds support for systemd socket-based activation in the ssh-agent. >> When using socket activation, the -a flag value must match the socket >> path provided by systemd, as a sanity check. Support for this feature is >> enabled by the --with-systemd configure flag.

Has anyone considered moving all LLVM development over to Phabricator? Phabricator includes - Code review (Differential) - A bug tracker (Maniphest) - Project management software - A wiki (Phriction) - Many more applications LLVM already has a Phabricator instance.

On Fri, 16 Jun 2023, Ronan Pigott wrote: > This adds support for systemd socket-based activation in the ssh-agent. > When using socket activation, the -a flag value must match the socket > path provided by systemd, as a sanity check. Support for this feature is > enabled by the --with-systemd configure flag. > > --- > Something tells me upstream would not be interested in

On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: > > On 24.02.23 12:58, Keine Eile wrote: > > does any one of you have a best practice on renewing ssh host keys on > > cloned machines? > > I have a customer who never thought about that, while cloning all VMs > > from one template. Now all machines have the exact same host key. >

On 5/10/23 4:36 AM, Antonio Larrosa wrote: > Hello, > > This is probably a long email, but please bear with me. I plan to > submit a patch and would like to explain what I will do before doing > it so I don't lose time if there's some flaw in my plan. > > I currently use sshfs to mount directories from some computers and a > NAS into other computers. I recently

using "synchronized" subsecond timestamps imho only makes sense with synchronized time (ntp) through that ssh tunnel, too. and with this assumption a "full VPN ssh usage" instead of "only filesystem timestamps" [maybe trying with target systems without subsecond timestamps?] seems impractical to me. or at least "... [sry, didnt have internet to send, incomplete

Hi OpenSSH mailing list, I would like to announce the newly introduced patch in Fedora rawhide [0] for FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9 version. The patch targets OpenSSL support of OpenSSH, specifically the usage of old low level API. The new OpenSSL version 3.0 introduces a FIPS module (going through FIPS 140-2 validation and to be FIPS 140-3

Hi, I've been encountering some problems with bridging under linux 2.6.12-9 (ubuntu Breezy Badger). Apologies for the newbie-ish email: problem is likely a config issues, but docs appear to be sparse and I can't find much reference to the problem/solution on the 'net; trial and error really isn't working... Am attempting to bridge an offsite network to the central