similar to: [PATCH v2v] docs: Fix update-crypto-policies command.

On Wed, Jan 15, 2020 at 11:03:24AM +0000, Daniel P. Berrangé wrote: > On Wed, Jan 15, 2020 at 10:57:36AM +0000, Richard W.M. Jones wrote: > > The command as documented was wrong. We need to use the --set option > > to change the policy. > > > > Fixes commit d5cbe7b4bee5dec9e28b1db03e933c97ef6d11e0. > > Thanks: Xiaodai Wang > > --- > >

On Wed, Jan 15, 2020 at 10:57:36AM +0000, Richard W.M. Jones wrote: > The command as documented was wrong. We need to use the --set option > to change the policy. > > Fixes commit d5cbe7b4bee5dec9e28b1db03e933c97ef6d11e0. > Thanks: Xiaodai Wang > --- > docs/virt-v2v-input-xen.pod | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git

This isn't quite the full thing. I think that Pino is also working on replacing the ssh and scp commands in the v2v/input_vmx.ml file with libssh. Without those changes, -i vmx will still issue raw ssh and scp commands, which will use ssh-agent (or keyboard-interactive). The Xen input method doesn't use raw ssh and scp commands, so that one is OK. Rich.

Hi, I started playing with CentOS8 and I am trying to set default crypto policies for openssh server/client. In CentOS7 I followed the guide from https://infosec.mozilla.org/guidelines/openssh.html and set KexAlgorithms /Ciphers/MACs in sshd_config. In CentOS8 I can edit /usr/share/crypto-policies/$POLICY/opensshserver.txt for the sshd arguments, but editing openssh.txt or even changing default

Thanks: Xiaodai Wang --- v2v/output_rhv_upload.ml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/v2v/output_rhv_upload.ml b/v2v/output_rhv_upload.ml index 6260eaac5..df91a117f 100644 --- a/v2v/output_rhv_upload.ml +++ b/v2v/output_rhv_upload.ml @@ -361,13 +361,13 @@ If the messages above are not sufficient to diagnose the problem then add the *) let nr_disks

Is it possible to mix and match crypto policies using approved tools in CentOS 8? Our environment requires a LEGACY setting for OpenSSL so we can maintain connections with our LDAP servers (which we cannot update at this time), but I'd like especially the OpenSSH settings to use the DEFAULT policy (and maybe even FUTURE on a test host or two). I think it's possible to manually

Hello, I've just installed dovecot to replace courier-imap and I've found out it didn't support some of the typical LDAP userPassword schemes, so I've written some based on OpenSSL API. Furthermore I noticed that the MD5 one seems broken. If it isn't a requirement to ship its own implementation of a crypto algorithm, I would send in a patch to replace schema checks with

We were not considering failures while initializing the transfer. In this case the transfer phase can change to PAUSED_SYSTEM or FINISHED_FAILURE, and transfer_url will be None, which failed the upload with a misleading error: RuntimeError: direct upload to host not supported, requires ovirt-engine >= 4.2 and only works when virt-v2v is run within the oVirt/RHV environment, eg. on

Hello, I tried to find out how about to use the hardware crypto engines under Solaris (Sun Fire T2000). It seems, that its not just a compilation issue: > For operations that are to be offloaded, it is necessary to restrict use to subset > of OpenSSL functions (the EVP_ functions) and explicitly indicate the use of the PKCS11 > engine; something like the following works for bulk

When erroring out about duplicated parameters, say "more than once" instead of "twice", since there can be more than two repeated parameters. Thanks to: Xiaodai Wang --- generator/fish.ml | 2 +- generator/perl.ml | 2 +- resize/resize.ml | 4 ++-- tools/virt-tar | 4 ++-- v2v/input_libvirt_vddk.ml | 2 +- v2v/output_rhv_upload.ml | 4 ++--

On Thu, Nov 28, 2019 at 10:58 PM Richard W.M. Jones <rjones@redhat.com> wrote: > > On Thu, Nov 28, 2019 at 09:34:18PM +0200, Nir Soffer wrote: > > We were not considering failures while initializing the transfer. In > > this case the transfer phase can change to PAUSED_SYSTEM or > > FINISHED_FAILURE, and transfer_url will be None, which failed the > > upload

On Mon, 4 Jan 2016, Peter Stuge wrote: > Hi Kaleb, > > Kaleb Himes wrote: > > OpenSSH port Location: https://github.com/kaleb-himes/openssh-portable.git > > I'm afraid this repository is too messy to be useful. :\ > > You need to use the features offered by git to preserve commit ids if > anyone else besides yourself is going to be able to work with this, >

On Tue, 29 Nov 2016 09:25:49 +0000 Stefan Hajnoczi <stefanha at redhat.com> wrote: > On Tue, Nov 29, 2016 at 08:22:58AM +0000, Gonglei (Arei) wrote: > > Hi, > > > > > > > > +source "drivers/crypto/virtio/Kconfig" > > > > > > + > > > > > > endif # CRYPTO_HW > > > > > > diff --git

On Tue, 29 Nov 2016 09:25:49 +0000 Stefan Hajnoczi <stefanha at redhat.com> wrote: > On Tue, Nov 29, 2016 at 08:22:58AM +0000, Gonglei (Arei) wrote: > > Hi, > > > > > > > > +source "drivers/crypto/virtio/Kconfig" > > > > > > + > > > > > > endif # CRYPTO_HW > > > > > > diff --git

Hi, > > > > +source "drivers/crypto/virtio/Kconfig" > > > > + > > > > endif # CRYPTO_HW > > > > diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile > > > > index ad7250f..bc53cb8 100644 > > > > --- a/drivers/crypto/Makefile > > > > +++ b/drivers/crypto/Makefile > > > > @@ -32,3

Hi, > > > > +source "drivers/crypto/virtio/Kconfig" > > > > + > > > > endif # CRYPTO_HW > > > > diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile > > > > index ad7250f..bc53cb8 100644 > > > > --- a/drivers/crypto/Makefile > > > > +++ b/drivers/crypto/Makefile > > > > @@ -32,3

Hello, On Sat, Dec 30, 2017 at 12:16 AM, Daniel Kahn Gillmor <dkg at fifthhorseman.net > wrote: > On Thu 2017-12-28 21:31:28 -0800, Dan Mahoney (Gushi) wrote: > > > > Perhaps if you're dead-set on this being so dangerous, > > It's not the developers who are dead-set on weak-keyed RSA being > insecure, it's the cryptanalysts who have shown that to be the

On Thursday, December 15, 2016 8:45 AM, Gonglei (Arei) Wrote: < > > diff --git a/drivers/crypto/virtio/virtio_crypto_core.c < > b/drivers/crypto/virtio/virtio_crypto_core.c < > > new file mode 100644 < > > index 0000000..c0854a1 < > > --- /dev/null < > > +++ b/drivers/crypto/virtio/virtio_crypto_core.c < > > @@ -0,0 +1,474 @@ < >

On Thursday, December 15, 2016 8:45 AM, Gonglei (Arei) Wrote: < > > diff --git a/drivers/crypto/virtio/virtio_crypto_core.c < > b/drivers/crypto/virtio/virtio_crypto_core.c < > > new file mode 100644 < > > index 0000000..c0854a1 < > > --- /dev/null < > > +++ b/drivers/crypto/virtio/virtio_crypto_core.c < > > @@ -0,0 +1,474 @@ < >

On Thu, Dec 01, 2016 at 02:27:19AM +0000, Gonglei (Arei) wrote: > > On Tue, Nov 29, 2016 at 08:48:14PM +0800, Gonglei wrote: > > > diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c > > b/drivers/crypto/virtio/virtio_crypto_algs.c > > > new file mode 100644 > > > index 0000000..08b077f > > > --- /dev/null > > > +++