similar to: Publish PGP signed tarball without generated content?

I think we're going to check in the autoconf-generated files on the release branches instead. On Wed, 17 Apr 2024, Simon Josefsson wrote: > Hi > > What do you think about publishing PGP signed tarballs without the > generated files such as the ./configure script? > > What I'm looking for is for some private key holder of the OpenSSH > portable release key to run

On 2024/04/18 10:06, Damien Miller wrote: > I think we're going to check in the autoconf-generated files on the > release branches instead. That seems a sane approach. > On Wed, 17 Apr 2024, Simon Josefsson wrote: > > and then publish the resulting openssh-9.7p1-src.tar.gz and > > openssh-9.7p1-src.tar.gz.asc files, preferably using a version of git > > that

On Apr 18 08:50, Simon Josefsson wrote: > Damien Miller <djm at mindrot.org> writes: > > > I think we're going to check in the autoconf-generated files on the > > release branches instead. > > Ok that may also achieve the same goal of reproducible release tarballs > built from source code. > > With that approach, the tarball depends on which autoconf

Damien Miller <djm at mindrot.org> writes: > I think we're going to check in the autoconf-generated files on the > release branches instead. Ok that may also achieve the same goal of reproducible release tarballs built from source code. With that approach, the tarball depends on which autoconf version was used by the release manager, and perhaps other things from the

Jochen Bern <Jochen.Bern at binect.de> writes: > (And since you mention "port knocking", I'd like to repeat how fond I > am of upgrading that original concept to a single-packet > crypto-armored implementation like fwknop.) I am reluctantly considering to use some kind of port knocking mechanism on some machines, however I really don't want to carry around shared

Hi, the IETF drafts had to be removed from the Debian package recently because IETF RFCs/drafts are (per default) not conformant to the Debian Free Software Guidelines, see <URL:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=390665>. It would be nice if Phil and Luca could dual-license the drafts under a DFSG-free license also ... most straight-forward would be libtheora's own

Thomas Calderon <calderon.thomas at gmail.com> writes: > Hi, > > There is no need to add new mechanism identifiers to use specific curves. > > This can be done already using the CKM_ECDSA mechanism parameters (see > CKA_ECDSA_PARAMS > in the standard). > Given that the underlying HW or SW tokens supports Ed25519 curves, then you > could leverage it even with

I have a two-column table as follows where age is in the 1st column and the number of individuals is in the 2nd. age;no 1;21 2;31 3;9 4;12 5;6 Can I use mean() and sd() to calculate the mean and standard deviation from this or do I have to manually multiplicate 21*1+31*2 etc. / N?

Hi, I have made a patch for enabling the use of ECDSA keys in the PKCS#11 support of ssh-agent which will be of interest to other users. I have tested it with P-256 keys. P-384 and P-521 should work out-of-the box. The code is ready for non-FIPS curves (named or explicit), but OpenSSH currently limits ECDSA to those 3 curves. At high level it works like the support for RSA, but because of

Hi! I’m running glmer (lme4) models with biodiversity data and I’m having trouble with understanding/finding information on how the offset() option is implemented. Explicitly, I’m wondering if the offset is only implemented on the dependent variable (as I think it is), or does it also affect independent variables in the model (was told this by a stat guy at our department)? My data is

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, Aug 06, 2005 at 10:39:28AM +0000, samba-bounces@lists.samba.org wrote: > Your mail to 'samba' with the subject > > subscriber only, an opinion > > Is being held until the list moderator can review it for approval. > > The reason it is being held: > > Message has a suspicious header Most likely it

https://bugzilla.mindrot.org/show_bug.cgi?id=2319 Bug ID: 2319 Summary: [PATCH REVIEW] U2F authentication Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at

On 10/8/2015 4:49 AM, Simon Josefsson wrote: > Mathias Brossard <mathias at brossard.org> writes: > >> Hi, >> >> I have made a patch for enabling the use of ECDSA keys in the PKCS#11 >> support of ssh-agent which will be of interest to other users. > > Nice! What would it take to add support for Ed25519 too? Do we need to > allocate any new PKCS#11

All, Please excuse any ignorance in this e-mail as I am not a RH/CentOS/Fedora user and may blunder my way through the correct terminology for my request. I'm tasked with reconstructing the CentOS version of the GlibC library for testing with gethostbyname(). My mission is to show that we are not affected by the latest exploit for the product we are shipping targeted for RHEL and CentOS.

Simon Josefsson wrote in <87jzi1fg24.fsf at kaka.sjd.se>: |Jochen Bern <Jochen.Bern at binect.de> writes: |> (And since you mention "port knocking", I'd like to repeat how fond I |> am of upgrading that original concept to a single-packet |> crypto-armored implementation like fwknop.) | |I am reluctantly considering to use some kind of port knocking

Steffen Nurpmeso wrote in <20240704180538.iV4uex29 at steffen%sdaoden.eu>: |Simon Josefsson wrote in | <87jzi1fg24.fsf at kaka.sjd.se>: ||Jochen Bern <Jochen.Bern at binect.de> writes: ||> (And since you mention "port knocking", I'd like to repeat how fond I ||> am of upgrading that original concept to a single-packet ||> crypto-armored

I was just wondering if anyone knows what could be the problem with my exporting of plots. Below is the error messages I get when trying to export my plots (all error messages at the same time). I do get a file produced which works but I don't know why these messages appear. Doesn't matter if it is a pdf or a png or any other format I export to. Also, when exporting to png I get

I have never used PGP nor GnuPG, but I understand that it has more features beyond using say MD5 to verify my downloads. I noticed Wine has a .sign file (i.e. wine-0.9.40.tar.bz2.sign for wine-0.9.40.tar.bz2). I installed http://macgpg.sourceforge.net/ (which has an MD5 for download verification), and since I never used PGP/GnuPG, the instructions seem to just say to create a keypair, which I

Hi Damien, On Mar 5 11:24, Damien Miller wrote: > > Hi, > > OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release. Tested on Cygwin 3.5.1. I have a testsuite failure in the dynamic-forward testcase. trace: will use ProxyCommand

On Wed, 6 Mar 2024, Corinna Vinschen wrote: > Hi Damien, > > On Mar 5 11:24, Damien Miller wrote: > > > > Hi, > > > > OpenSSH 9.7p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a bugfix release. > > Tested on Cygwin 3.5.1. > > I have a testsuite failure in the