Displaying 20 results from an estimated 4000 matches similar to: "[Bug 3594] New: PKCS11Provider now requires full paths"
2016 Sep 02
4
[Bug 2610] New: ssh should not complain about "no slots" when PKCS11Provider is specified, but no slot is found nor used
https://bugzilla.mindrot.org/show_bug.cgi?id=2610
Bug ID: 2610
Summary: ssh should not complain about "no slots" when
PKCS11Provider is specified, but no slot is found nor
used
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
2016 Oct 27
11
[Bug 2635] New: Unable to use SSH Agent and user level PKCS11Provider configuration directive
https://bugzilla.mindrot.org/show_bug.cgi?id=2635
Bug ID: 2635
Summary: Unable to use SSH Agent and user level PKCS11Provider
configuration directive
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
2019 Jul 17
2
Preloading shared library with libVirt
Hi,
I am trying to preload two shared libraries while running Qemu using
libvirt. To preload the shared libraries I have added an environment
variable in the $domain.xml file with the following command:
```
virt-xml generic --edit --confirm --qemu-commandline
2017 May 25
2
CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
Hi
We have the one server SAMBA 4.3.11-ubuntu in Active Directory mode with
some Windows Clients
The Ubuntu repository not update samba package (last version is 4.3.11).
Please, how am i can fix the CVE-2017-7494 (Remote code execution from a
writable share) in my SAMBA server?
Should option 'nt pipe support = no' will influence how SAMBA_AD works?
Anderson Hoffmann
2019 Nov 03
4
Recent inability to view long filenames stored with scp via samba mount
Greetings Samba team,
It has been a long time since I needed to ask a Samba technical question.
Server and workstation are both running the latest Samba packages via Ubuntu 16.04 LTS. I recently applied the security updates... actually that was yesterday I applied them.
> samba (2:4.3.11+dfsg-0ubuntu0.16.04.23) xenial-security; urgency=medium
>
> * SECURITY UPDATE: client code can
2019 Jul 18
0
Re: Preloading shared library with libVirt
On Wed, Jul 17, 2019 at 13:33:08 -0500, Probir Roy wrote:
> Hi,
>
> I am trying to preload two shared libraries while running Qemu using
> libvirt. To preload the shared libraries I have added an environment
> variable in the $domain.xml file with the following command:
>
> ```
> virt-xml generic --edit --confirm --qemu-commandline
>
2017 May 25
0
CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
According to the changelog from Ubuntu (
http://changelogs.ubuntu.com/changelogs/pool/main/s/samba/samba_4.3.11+dfsg-0ubuntu0.16.04.7/changelog)
this fix has been backported into the Ubuntu 4.3.11 packages.
samba (2:4.3.11+dfsg-0ubuntu0.16.04.7) xenial-security; urgency=medium
* SECURITY UPDATE: remote code execution from a writable share
- debian/patches/CVE-2017-7494.patch: refuse to
2023 Jan 26
1
samba 4.13.17 ubuntu 20.04
We have the same issue with Samba 4.13.17.
For Ubuntu 20.04 with Samba 4.13.17 there seems to be only a workaround to solve the login problem:
Modifying the Local Security Policy -> Local Policies -> Security Options -> Network security:
"Configure encryption types allowed for Kerberos" Check only DES_CBC_CRC, DES_CBC_MD5 and RC4_HMAC_MD5.
?
This worked for us to login again.
?
2006 Mar 09
2
DO NOT REPLY [Bug 3594] New: --delete doesn't delete destination files that don't exist at the source
https://bugzilla.samba.org/show_bug.cgi?id=3594
Summary: --delete doesn't delete destination files that don't
exist at the source
Product: rsync
Version: 2.6.7
Platform: PPC
OS/Version: Mac OS X
Status: NEW
Severity: normal
Priority: P3
Component: core
AssignedTo:
2012 Aug 01
5
[Full-disclosure] nvidia linux binary driver priv escalation exploit
Hi all!
I found this today on FD:
http://seclists.org/fulldisclosure/2012/Aug/4
2023 Jan 26
1
samba 4.13.17 ubuntu 20.04
Hey Andre,?
Sure, we already on the latest Patch Level on Ubuntu with 2:4.13.17~dfsg-0ubuntu1.20.04.4 Installer, but the issue still exist.?
The only way to resolve the issue and to make a login possible again, was the workaround in my previous mail.?
The Windows clients are Windows 10 22H2 with all updates installed.
We also doesn't have any special settings in smb.conf.
If you have any
2010 Apr 06
3
Using OpenSSH with smart cards HOWTO
On Tue, 2010-04-06 at 15:52 +0300, Lars Nooden wrote:
> You might wish to focus on sftp instead of scp.
Okay, I will have a look.
I had some problems:
1) I would like to store smart card information
-o PKCS11Provider=/usr/lib/opensc-pkcs11.so
in /etc/ssh/ssh-config. Is it possible?
2) ssh-add -s does not seem to work.
Read:
2019 Nov 03
0
Recent inability to view long filenames stored with scp via samba mount
On 03/11/2019 11:37, Michael Lueck via samba wrote:
> Greetings Samba team,
>
> It has been a long time since I needed to ask a Samba technical question.
>
> Server and workstation are both running the latest Samba packages via
> Ubuntu 16.04 LTS. I recently applied the security updates... actually
> that was yesterday I applied them.
>
>
>> samba
2016 Dec 28
2
certificates keys on pkcs11 devices
Hi,
I have not found any way to use a Certificate with ssh-agent when my Key is
stored on a pkcs11 device. I can add my key with
ssh-add -s /usr/local/lib/opensc-pkcs11.so
but
ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub
does not add the certificate to my agent. As far as I undestand, in
ssh-add.c line 580
if (pkcs11provider != NULL) {
if (update_card(agent_fd,
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
Engine keys are keys whose file format is understood by a specific
engine rather than by openssl itself. Since these keys are file
based, the pkcs11 interface isn't appropriate for them because they
don't actually represent tokens. The current most useful engine for
openssh keys are the TPM engines, which allow all private keys to be
stored in a form only the TPM hardware can decode,
2007 Dec 03
1
Missing samba security update
Hi,
In November, upstream released RHSA-2007:1016-4 containing critical
samba updates for v4. I see the CentOS released packages and
announcement for ia64, but none for i386 or x86_64.
Were they overlooked? Am I not looking right?
Thanks!
Marc.
2019 Apr 18
0
Announce: OpenSSH 8.0 released
OpenSSH 8.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2011 Feb 17
1
PKCS11: selecting which key to use
Hello.
Just popping in (not subscribed, please CC) to ask if it's planned to
add "identity selection" when using a PKCS#11 provider.
To be more clear: I have a (working) reader+smartcard, handled by
PKCS11Provider /usr/lib/opensc-pkcs11.so
statement in config file.
Card is "formatted" w/ "pkcs15-init -C", and got a couple PINs, some
mail certs and some keypairs
2013 Mar 06
2
[Bug 2075] New: [PATCH] Enable key pair generation on a PCKS#11 device
https://bugzilla.mindrot.org/show_bug.cgi?id=2075
Bug ID: 2075
Summary: [PATCH] Enable key pair generation on a PCKS#11 device
Classification: Unclassified
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component:
2023 Mar 06
1
Feature request: a good way to supply short-lived certificates to openssh
Some systems like to have a CA supply short-lived certificates to ssh clients. The basic idea is that servers enable certificate authentication, clients authenticate to the CA out of band, and the CA issues client certificates that are valid for a short enough time that users don't want to manually drop them into ~/.ssh or otherwise think about them. There are a handful of commercial