similar to: Non-shell accounts and scp/sftp

Displaying 20 results from an estimated 1000 matches similar to: "Non-shell accounts and scp/sftp"

2023 Dec 08
1
Non-shell accounts and scp/sftp
On 07/12/23, Philip Prindeville (philipp_subx at redfish-solutions.com) wrote: > We have a CLI that certain users get dropped into when they log in. One of the things they can go is generate certificates (actually .p12 key/certificate bundles) that they will then scp out of the box from another host. Off topic, and assuming the .p12 bundles need to be post-processed by clients for use by ssh,
2023 Dec 08
2
Non-shell accounts and scp/sftp
On Fri, 8 Dec 2023 at 07:39, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote: [...] > Problem is that if their default shell isn't sh, ash, dash, bash, zsh, etc. then things break. > Is there a workaround to allow scp/sftp to continue to work even for non-shell accounts? sftp should work regardless of the user's shell since it is invoked as a ssh subsystem
2009 Aug 11
3
SIP app for iPhone that works well with Asterisk?
Anyone have a chance to test any of the various iPhone SIP apps? I see there are a few out there, but most of the iTunes reviews aren't sufficiently technical to be useful. Thanks.
2007 Nov 09
4
Wanted: tutorial on troubleshooting SIP issues
For someone that's network-aware, but hasn't sat down and plowed through umpteen SIP-related RFC's and memorized the standards, is there a good primer on troubleshooting SIP issues? I'm seeing a lot of NOTIFY/603 messages on my network between Asterisk and my Sipura 942's, for instance... Not sure what these are... perhaps the qualify keepalives? In which case, I guess
2008 Jan 29
2
When does Asterisk "REFER"?
I was wondering under what conditions Asterisk will hand off a call to another switch. I'm trying to verify that my local PSTN's Coppercom switch operates correctly... and wanted to know how to get a call REFER'd to another end-point. Thanks, -Philip
2023 Apr 25
1
"Bad packet length 1231976033"
On Tue, 25 Apr 2023 at 03:36, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote: > > On Apr 10, 2023, at 7:24 AM, Darren Tucker <dtucker at dtucker.net> wrote: [...] > > Since you're using 9.1, the message could be an "Invalid free", since > > there was a double-free bug in that release :-( > > Forgot to ask: does this bug manifest
2008 Sep 27
3
Troubleshooting one-way voice... how to peek into SIP RTP?
I've got the following situation. I'm running Asterisk 1.4.18 on a firewall/gateway machine, with some SPA-942 (f/w 5.1.15(a)) phones behind it. I'm peering SIP with a Coppercom switch sitting behind an SBC. On outbound calls, I get 2-way voice, no worries. On inbound calls, I get one-way voice (I can hear the caller but they can't hear me). I've looked at tcpdumps of
2007 Nov 19
4
Help: How to configure SIP domain on SPA942
I'm using a bunch of SPA942's, and I'm trying to provision them mostly by DHCP (and what I can't set that way, I try to provision via HTTP interface into the phone). I changed the domain in my AstLinux config from "astlinux" to redfish-solutions.com, and set that in my sip.conf file as well: context=incoming
2017 Mar 12
2
USB card reader causing qemu-kvm SEGV's
Hi. I have a Supermicro 5018D-FN4T (Xeon D-1541 based SBC) that I use for virtualization. I?m running Centos 7.3 on it (updated), with the CentOS-QEMU-EV.repo repository as the source for virtualization packages. I run an Ubuntu 16.04-2 guest VM on it, which is ordinary enough. What?s perhaps less ordinary is that I?ve attached a Lexar Media, Inc. ?Lexar Professional Workflow CR1 CFast 2.0 USB
2023 Apr 24
1
"Bad packet length 1231976033"
> On Apr 10, 2023, at 7:24 AM, Darren Tucker <dtucker at dtucker.net> wrote: > > On Mon, 10 Apr 2023 at 07:07, Peter Stuge <peter at stuge.se> wrote: >> >> Brian Candler wrote: >>>> What's odd is that the length is *always* 1231976033 (which is >>>> 0x496E7661 or "Inva" in ASCII). > > One thing that can cause this is
2007 Oct 30
3
Asterisk 1.4 from RPM
I'm trying to build an Asterisk rpm from the supplied asterisk.spec file. Made numerous changes to get it to work. The architecture of the system I am building on is x86_64. I'd like to build for i686 though. I added a --target i686 to the rpmbuild line in the Makefile, but it looks like it's still requiring 64bit system libraries. When I try to install the rpm on the i686 machine, it
2010 Mar 10
35
[Bug 1733] New: Enhance support for QoS (ToS) by supporting DSCP/CS and adding option
https://bugzilla.mindrot.org/show_bug.cgi?id=1733 Summary: Enhance support for QoS (ToS) by supporting DSCP/CS and adding option Product: Portable OpenSSH Version: 5.4p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo:
2011 Feb 09
6
[Bug 1856] New: Wrong QoS naming and obsolete defaults
https://bugzilla.mindrot.org/show_bug.cgi?id=1856 Summary: Wrong QoS naming and obsolete defaults Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bugs at mindrot.org ReportedBy:
2010 May 22
4
US "Truth in caller id act"... and it's impact on services
For the 3rd consecutive term, the US Senate has introduced the "Truth in caller ID Act of 2009". It was passed by the Senate (finally) in January, and has moved to the House for a vote. A lot of states have ambiguous or overly restrictive language on how caller ID may be manipulated. For instance, if you have a PBX, and a call comes in from the PSTN, which you then loop back out
2020 Jun 16
2
client host certificates and receiving host configuration
I'm working on a small server written in Go to add short-lived user certificates to the forwarded agents of authorized users. https://github.com/rorycl/sshagentca This seems to work quite well for accessing sshd servers with the appropriately configured "TrustedUserCAKeys" directive. I have been in a debate about how similarly adding host certificates to forwarded agents could
2011 Dec 18
10
[Bug 1964] New: QoS/DSCP names false translated to ToS hex value
https://bugzilla.mindrot.org/show_bug.cgi?id=1964 Bug #: 1964 Summary: QoS/DSCP names false translated to ToS hex value Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: amd64 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh
2012 Jun 27
3
[Bug 795] New: RELATED doesn't accommodate multicast UDP solicitation resulting in unicast reply
http://bugzilla.netfilter.org/show_bug.cgi?id=795 Summary: RELATED doesn't accommodate multicast UDP solicitation resulting in unicast reply Product: netfilter/iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component:
2023 Apr 09
2
"Bad packet length 1231976033"
On 09/04/2023 02:20, Philip Prindeville wrote: > What's odd is that the length is*always* 1231976033 (which is 0x496E7661 or "Inva" in ASCII). Could you get a tcpdump when this happens? Then maybe more of the error can be captured. I grepped for Inva in the source code. There are lots of error messages which start with this which are sent with error() or fatal() or
2023 Apr 23
1
"Bad packet length 1231976033"
Sorry about taking so long to get back to you. The problem is sporadic and I've had other fires to put out first... Here's a PCAP of authentication failures: https://www.redfish-solutions.com/misc/kvm1.pcap > On Apr 9, 2023, at 1:21 AM, Brian Candler <b.candler at pobox.com> wrote: > > On 09/04/2023 02:20, Philip Prindeville wrote: >> What's odd is that the
2024 Mar 08
3
PrivateKeyCommand config idea
G'day, In our infrastructure we're trying to be more diligent about switching to sk keys (and/or certs backed by sk keys.) However, there are some services like Gerrit and Jenkins which are written in java and I guess they will never support sk keys, or at least, it seems like it won't happen any time soon. For such services, typical practices at the moment include putting