similar to: scp, sftp, and special characters in filenames

On Mon, 4 Nov 2019, David Newall wrote: > On 4/11/19 3:29 am, Demi M. Obenour wrote: > > I have not been able to get scp(1) to download a file with a newline > > in its name. I know that scp(1) requires that remote filenames be > > escaped for the shell, but that leads to protocol errors. > > I see something much worse: > > $ sudo sh > # echo

On 5/10/23 08:50, Lucas Holt wrote: > On 5/10/23 4:36 AM, Antonio Larrosa wrote: >> Hello, >> >> This is probably a long email, but please bear with me. I plan to >> submit a patch and would like to explain what I will do before doing >> it so I don't lose time if there's some flaw in my plan. >> >> I currently use sshfs to mount directories

On 2019-10-15 20:00, asymptosis wrote: > On Tue, Oct 15, 2019 at 07:43:00PM -0400, Demi M. Obenour wrote: >> On 2019-10-15 19:11, Job Snijders wrote: >>> The S in SSH stands for secure. You are asking the wrong group of people. >>> You?ll have to resolve your issue in some other way. >>> >> This tool would only support running on stdin/stdout. Indeed,

There have been many cases where I have found myself in need of a pure forwarding tool that can forward sockets over a single stream. In my use cases, this stream is already secure, so there is no need for the tool to do any encryption or authentication. One specific use-case was forwarding a Docker socket to another VM over QubesOS qrexec qrexec, which uses Xen shared memory, but there are

On Sat, Feb 25, 2023 at 12:14?PM Demi Marie Obenour <demiobenour at gmail.com> wrote: > > On 2/25/23 07:50, Nico Kadel-Garcia wrote: > > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: > >> > >> On 24.02.23 12:58, Keine Eile wrote: > >>> does any one of you have a best practice on renewing ssh host keys on >

On 2/25/23 07:50, Nico Kadel-Garcia wrote: > On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: >> >> On 24.02.23 12:58, Keine Eile wrote: >>> does any one of you have a best practice on renewing ssh host keys on >>> cloned machines? >>> I have a customer who never thought about that, while cloning all VMs >>>

I have been working on adding proper tail (via `become`) to rustc. I was able to make them work (some parts of the type checker aren't implemented yet). However, I ran into an LLVM-related problem. LLVM claims to support proper tail calls when fastcc is used — but only on i386, x86-64 and PowerPC. Is this accurate? Will proper tail calls be supported on WebAssembly? Are they supported on

In some language implementations, such as the Glasgow Haskell Compiler (GHC) and the reference implementation of Go, a thread’s stack is allocated as a data structure on the garbage-collected heap.  The garbage collector is free to move this data structure whenever it is invoked. Currently, GHC’s LLVM backend does not use the C stack.  However, there have been discussions about whether using the

On 4/18/23 05:05, Norbert Pocs wrote: > Hi OpenSSH mailing list, > > I would like to announce the newly introduced patch in Fedora rawhide [0] > for FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9 > version. Why does Fedora care about FIPS 140? To me, this seems like it should be specific to RHEL and maybe CentOS Stream, not Fedora. My understanding

LLDB currently uses a client-server architecture.  That appears fine, but runs into an annoying security problem: other users on the same machine can connect to the TCP socket and take over LLDB and thus the user’s system.  This means that LLDB is useless in multiuser enviromnents on Linux, such as academic computer labs. The immediate problem can be solved by using either HMAC authentication of

On 2019-10-15 19:11, Job Snijders wrote: > The S in SSH stands for secure. You are asking the wrong group of people. > You?ll have to resolve your issue in some other way. > This tool would only support running on stdin/stdout. Indeed, an idiomatic use-case would be to use it as the command argument to ssh(1). The assumption I am making is that anyone that can pass arbitrary data to

https://bugzilla.netfilter.org/show_bug.cgi?id=1680 Bug ID: 1680 Summary: Trying to delete offloaded flow with conntrack results in EBUSY Product: nftables Version: unspecified Hardware: All OS: other Status: NEW Severity: major Priority: P5 Component: kernel

On 5/10/23 4:36 AM, Antonio Larrosa wrote: > Hello, > > This is probably a long email, but please bear with me. I plan to > submit a patch and would like to explain what I will do before doing > it so I don't lose time if there's some flaw in my plan. > > I currently use sshfs to mount directories from some computers and a > NAS into other computers. I recently

On Mon, 4 Nov 2019 at 14:07, David Newall <openssh at davidnewall.com> wrote: > [about scp] That's just awful, and I should have > thought it was not at all necessary. Am I missing something? > If you're saying that the scp protocol is an unfixable mess then the openssh team has been agreeing[0] with you for at least a decade and a half. We fix what we can, but some

using "synchronized" subsecond timestamps imho only makes sense with synchronized time (ntp) through that ssh tunnel, too. and with this assumption a "full VPN ssh usage" instead of "only filesystem timestamps" [maybe trying with target systems without subsecond timestamps?] seems impractical to me. or at least "... [sry, didnt have internet to send, incomplete

On 6/19/23 20:20, Damien Miller wrote: > > On Fri, 16 Jun 2023, Ronan Pigott wrote: > >> This adds support for systemd socket-based activation in the ssh-agent. >> When using socket activation, the -a flag value must match the socket >> path provided by systemd, as a sanity check. Support for this feature is >> enabled by the --with-systemd configure flag.

Has anyone considered moving all LLVM development over to Phabricator? Phabricator includes - Code review (Differential) - A bug tracker (Maniphest) - Project management software - A wiki (Phriction) - Many more applications LLVM already has a Phabricator instance.

On Fri, 16 Jun 2023, Ronan Pigott wrote: > This adds support for systemd socket-based activation in the ssh-agent. > When using socket activation, the -a flag value must match the socket > path provided by systemd, as a sanity check. Support for this feature is > enabled by the --with-systemd configure flag. > > --- > Something tells me upstream would not be interested in

On Fri, Feb 24, 2023 at 10:01 AM Jochen Bern <Jochen.Bern at binect.de> wrote: > > On 24.02.23 12:58, Keine Eile wrote: > > does any one of you have a best practice on renewing ssh host keys on > > cloned machines? > > I have a customer who never thought about that, while cloning all VMs > > from one template. Now all machines have the exact same host key. >

I've configured OpenSSH_5.3p1 to only allow sftp connections (openssh chroot functionality). i.e. Subsystem sftp internal-sftp Match group sftpusers ChrootDirectory /chroot/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp So far everything works correctly with sftp but when a user ssh's or scp's to the box the login