Displaying 20 results from an estimated 1000 matches similar to: "RT/Linux SCHED_RR/_FIXED to combat latency?"
2023 Aug 10
1
RT/Linux SCHED_RR/_FIXED to combat latency?
On Thu, 10 Aug 2023, Cedric Blancher wrote:
>We're experiencing rather very bad latency spikes on busy Linux
>systems, for example if one machine is the jumphost (ssh -J) for a few
>hundred connections, while at the same time handles CPU intensive
>tasks.
>
>Would RT/Linux SCHED_FIXED or SCHED_RR be of help in such a case, e.g.
Did you already check the old and tried method
2018 Jan 02
2
Legacy option for key length?
On 2 January 2018 at 17:08, Marc Haber <mh+openssh-unix-dev at zugschlus.de> wrote:
> On Tue, Jan 02, 2018 at 04:03:34PM +1030, David Newall wrote:
>> On 02/01/18 03:29, Michael Str?der wrote:
>> > How high is the risk that this unmaintained device is added to
>> > yet-another-bot-net in the Internet-of-shitty-devices or is used to
>> > enter parts of your
2014 Apr 23
3
hackers celebrate this day: openssh drops security! was: Re: heads up: tcpwrappers support going away
On 23 April 2014 21:43, mancha <mancha1 at zoho.com> wrote:
> On Wed, Apr 23, 2014 at 12:26:58PM -0700, Iain Morgan wrote:
>> A slightly better solution would be a PAM module that uses the same
>> syntax as libwrap. Possibly someone has already written such a module.
>
> Possibly, but only for platforms which use for PAM.
Pam is executed so late in the chain that any
2016 Feb 04
3
Evaluating a port to RTEMS (embedded OS with single address space and no processes)
Hello,
I am searching a SSH server for remote administration of an embedded
application running on RTEMS (https://www.rtems.org). This environment
has neither virtual memory nor user and kernel space. So this is like an
application running in kernel mode only.
Would it be possible to run (a very basic version of) OpenSSH in such an
environment using e.g. threads instead of forking new
2018 Jan 02
3
Legacy option for key length?
On Fri, 29 Dec 2017, Daniel Kahn Gillmor wrote:
> On Thu 2017-12-28 21:31:28 -0800, Dan Mahoney (Gushi) wrote:
> > Why not make minimum key length a tunable, just as the other options are?
>
> Because the goal of building secure software is to make it easy to
> answer the question "are you using it securely?"
This is a nice summation of our approach. It's the
2012 Jun 22
2
Custom CentOS DVD, isolinux.bin, and isohybrid...
I was given a custom CentOS 5.4 DVD, containing some Digium software for one of our customers. I need to turn this burned DVD into an image that can be written to a USB thumb drive. First, I ripped the DVD to an ISO image. That part works OK, my testing VM can load and run the custom kickstart script on the image. After totally frying my unetbootin install, I decided to try and use isohybrid
2024 Mar 08
1
Call for testing: OpenSSH 9.7
Hi,
/bin/sh can be very different....
Ubuntu 22.04:
:; ls -hal /bin/sh /bin/bash
-rwxr-xr-x 1 root root 1,4M Jan 6 2022 /bin/bash
lrwxrwxrwx 1 root root 4 Mar 23 2022 /bin/sh -> dash
OpenIndiana (old OpenSolaris reincarnation)
:; ls -hal /bin/sh /bin/bash
-r-xr-xr-x 1 root bin 1,4M Jan 25 09:42 /bin/bash
lrwxrwxrwx 1 root root 9 Apr 6 2021 /bin/sh -> i86/ksh93
On
2023 Nov 11
2
OpenSSH on Windows, ssh cannot |bind()| localport to port < 1023
Hi!
----
I'm doing some testing with the ssh client OpenSSH on Windows 10
(10.0-19045) but due to firewall restrictions I need to run my
experiments from a local port < 1024 (not negotiable).
I thought that this was no problem... but ssh |bind()| fails with
"address in use" (yes, I checked netstat, no one is there) for any
port < 1023.
Then I checked $ netstat # and $ netsh
2012 Oct 09
1
Asterisk 1.4.13 Now Available
The Asterisk Development Team has announced the release of libpri 1.4.13.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/libpri
The release of libpri 1.4.13 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
* --- Outgoing
2005 Sep 23
1
ChanSpy performance sub-optimal
I'm trying to get ChansSpy to work. It works, in the pass/fail sense, but it
is difficult to understand the various speakers. I can hear users on our end
just fine, but the other end sounds like their going through a vocoder, if I
can understand them at all. Otherwise it is just garbled. We are using the
following setup: all of our phones are SIP phones; for our outgoing calls we
make use of a
2018 Jan 02
3
Legacy option for key length?
On 02/01/18 03:29, Michael Str?der wrote:
> How high is the risk that this unmaintained device is added to
> yet-another-bot-net in the Internet-of-shitty-devices or is used to
> enter parts of your network.
I think that is what is called a straw-man argument.? If a device can be
compromised in the way you suggest, then I am sure it will be replaced,
but it will be replaced because it
2016 Sep 20
4
[PATCH] Allow scp to copy files that start with a Windows drive name.
On Windows, ?scp C:/foo/bar remotehost:? will attempt to connect to
a remote host ?C? and access file ?/foo/bar?. There is currently no
syntax or flag to allow copying files that start with a drive name.
This patch changes the behaviour (only on Cygwin) by considering
that a single letter followed by a colon is a Windows drive name
and thus an absolute path. This is also more consistent with the
2017 Dec 27
4
What is the ssh_config equivalent to this syntax involving multiple at signs
My company uses a certain product which forces me to use a jumphost / ssh proxy.
When connecting to a server I have to type "ssh myuser at technicaluser@targethost at jumphost" everytime. I tried to simplify this by editing my ssh_config and putting this into the file:
Host targethost
ProxyJump technicaluser at jumphost
These lines are recognized but don't work like intended
2015 Oct 16
3
Is there any solution, or even work on, limiting which keys gets forwarded where?
On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote:
> if the intermediary machine (the "jumphost") is jumphost.example, and
> you are trying to reach bar.example.com (which is behind the firewall),
> you would do:
> ssh -oProxyCommand='ssh jumphost.example -W %h:%p' bar.example.com
We use jump host, but there are literally hundreds of hosts behind
2015 Oct 20
3
Is there any solution, or even work on, limiting which keys gets forwarded where?
On Tue, Oct 20, 2015 at 01:31:46AM +0200, ?ngel Gonz?lez wrote:
> On 16/10/15 12:46, hubert depesz lubaczewski wrote:
> >On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote:
> >>> if the intermediary machine (the "jumphost") is jumphost.example, and
> >>> you are trying to reach bar.example.com (which is behind the firewall),
>
2015 Oct 15
4
Is there any solution, or even work on, limiting which keys gets forwarded where?
Hi,
I'm in a situation where I'm using multiple SSH keys, each to connect to
different set of servers.
I can't load/unload keys on demand, as I usually am connected to at
least 2 of such sets.
But - some rogue "root", could get access to my agent-forwarding socket,
and in turn, get access to keys loaded to agent (not in terms of
obtaining the key, but being able to use it
2011 Feb 15
2
monitiring cpu usage via cgroup
Hi
I was asking about the fedora 14 kernel if it is good enough for cgroup
usage because
I am trying to set a cgroup under cpu subsytem ( /dev/cgroup/cpu/group1/
) that have /cpu.rt_runtime_us of 100000
while cpu.rt_period_us has a value of 1000000 i.e a ratio of 1/10 . still
when I run a task (endless loop) in that group
(cgexec -g cpu,cpuset:group1 ./test) it gets all the cpu core time
2023 May 26
1
command [argument ...] in ssh(1): a footgun
On Fri, 26 May 2023, Mingye Wang (Artoria2e5) wrote:
> ssh(1) currently affords an argument-passing functionality, but as the manpage
> states, all arguments are simply concatenated by space.
How else would it do that? The arguments are processed by the
shell first then passed as an array of NUL-terminated strings.
> The modest proposal is that we put a giant CAVEATS section in the
2014 Dec 03
4
vesamenu back to text before booting
On Tue, 2 Dec 2014, H. Peter Anvin wrote:
> This is the default unless the "quiet" option is set.
Hmm.
tglaser at luna:/srv/tftp $ fgrep -ri quiet .
Binary file ./hdt.c32 matches
Binary file ./ldlinux.c32 matches
Binary file ./vmlinuz matches
Binary file ./linux.c32 matches
Binary file ./debian-installer/jessie/amd64/linux matches
Binary file ./debian-installer/jessie/i386/linux
2020 Aug 03
6
Deprecation of scp protocol and improving sftp client
I conjecture that only few of the existing use cases rely on remote expansion.
In any case (no pun intended), IMHO it would be better to break a few of the current use cases but leave the majority functional - than kill scp for all.
Regards,
Uri
> On Aug 3, 2020, at 02:50, Jakub Jelen <jjelen at redhat.com> wrote:
>
> ?On Sat, 2020-08-01 at 00:17 +0000, Blumenthal, Uri - 0553