similar to: proxy_maybe and IPv6

Displaying 20 results from an estimated 4000 matches similar to: "proxy_maybe and IPv6"

2008 Dec 05
1
proxy and master user
Hi For some application we need a master user on our IMAP servers. We use dovecot 1.1.7 in proxy mode, with proxy_maybe (some mailboxes are on the proxy itself, others are on remote servers, also running dovecot). But the proxy removes the '*master' suffix from the username when using the master user to log in on the proxy. So the base name of the user with the master password are
2020 Oct 04
3
UpdateHostkeys now enabled by default
On Sun, Oct 04, 2020 at 10:50:32PM +1100, Damien Miller wrote: > On Sun, 4 Oct 2020, Matthieu Herrb wrote: > > > On Sun, Oct 04, 2020 at 09:24:12PM +1100, Damien Miller wrote: > > > On Sun, 4 Oct 2020, Damien Miller wrote: > > > > > > > No - I think you've stumbled on a corner case I hadn't anticipated. > > > > Does your configuration
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, Oct 04, 2020 at 09:24:12PM +1100, Damien Miller wrote: > On Sun, 4 Oct 2020, Damien Miller wrote: > > > No - I think you've stumbled on a corner case I hadn't anticipated. > > Does your configuration override CheckHostIP at all? No. > > > > What are the known_hosts entries for the hostname and IP? > > Also, do you use HashKnownHosts? or do
2013 Nov 27
1
proxy_maybe & director incompatibility
Hi Folks, I spent quite some time yesterday understanding how proxy works along with the director. I came to the conclusion that proxy_maybe and director cannot be used together, but this isn?t a true incompatibility so much as caused by the way things are handled and the order they are processed in. The way proxy_maybe works is that it is processed by the auth provider once it gets the
2007 Aug 10
1
xorg-announce@lists.freedesktop.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alan Coopersmith (2): Sun Bug 6504978: xman on Solaris x86 does not render correctly, nroff visible renamed: .cvsignore -> .gitignore Matthieu Herrb (1): Bump version for release git tag: xman-1.0.3 http://xorg.freedesktop.org/archive/individual/app/xman-1.0.3.tar.bz2 MD5: 3d3a4b310a65ccce82472ef83acbbf97 xman-1.0.3.tar.bz2
2008 Nov 19
2
CRAM-MD5 and proxy_maybe
When using proxy_maybe CRAM-MD5 authentication fails when the connection is proxied. Is this expected behavior? Is proxy_maybe too simplified for this case? We're using SQL so I could rewrite the query with IFs to fake proxy_maybe and return the password as NULL and nologin as Y, but if it works that way couldn't it work with proxy_maybe? This works: password_query = \ SELECT NULL AS
2013 Feb 19
3
Dovecot 2.2. proxy_maybe and twice SSL connections
Hello. 1. I have two identically hosts 2. I have set up replication between two hosts 3. I have 'Y' AS proxy_maybe in password_query. 4. password_query returns one of this one hosts 5. I set this parameters in dovecot config: disable_plaintext_auth = yes ssl = yes auth_mechanisms = plain login for enforce use encrypted connections by client programs.
2020 Oct 04
2
UpdateHostkeys now enabled by default
On Sun, 4 Oct 2020, Matthieu Herrb wrote: > Hi, > > on OpenBSD-current I now get this when connecting to an existing > machine for which I have both ecdsa an ed25519 keys in my existing > known_hosts (but apparently ed25519 keys where added only for the name > previsously by ssh): > > Warning: the ED25519 host key for 'freedom' differs from the key for > the
2011 Dec 29
1
Trouble with proxy_maybe and auth_default_realm
Hello, I'm using proxy_maybe and auth_default_realm. It seems that when a user logs in without the domain name, relying on auth_default_realm, and the "host" field points to the local server, I get the Proxying loops to itself error. It does work as expected - log on to the local server without proxying, if the user does include the domain name in the login. (IP's and
2010 Feb 01
1
proxy_maybe regex
Does anyone know if dovecot support regex lookups for proxy/proxy_maybe, rather than mysql/ldap etc? I've been comparing it with perdition to see which one might be better for us to do layer7 username switching. Perdition supports the ability to not have any auth/db looks, but rather just a regex file that parses the usernames as they come in and forwards to the particular machine on the
2020 Jan 11
2
interoperability issue with agent and ecdsa-sk keys
Hi, It seems that some versions of ssh-agent get confused by ECDSA-SK keys. >From my OpenBSD-current laptop, I'm trying to do remote system adminstration on a machine running Debian 8 with the stock ssh package (OpenSSH_6.7p1 Debian-5+deb8u8, OpenSSL 1.0.2l 25 May 2017). I need access to a remote gitlab server to fetch files with git, using an ED25519 key in my ssh-agent. Once connected
2011 Mar 25
1
Ignored proxy_maybe var and no local login when "host = Proxy FQDN"
Hi help is preciated, PROBLEM The dovecot-ldap.conf of "proxy server A" is working when the "host" attribute is the FQDN of other server: pass_attrs = uid=user,userPassword={SSHA}password,\ =proxy_maybe=,maildrop=host,=port=143,=destuser=%u,=starttls=any-cert pass_filter = (&(objectClass=posixAccount)(uid=%u)) CASES When the "host" attribute is the
2006 May 18
1
Building 1.0beta8 on Solaris
The following patch is needed on Solaris, because <sys/stat.h> has a specific macro definition for struct stat. Without this patch the prototype for nfs_safe_stat() changes between the inclusion of nfs-workarounds.h and the definition of the function. -- Matthieu Herrb -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot_lib_nfs-workarounds_c.diff
2000 Aug 28
1
ANNOUNCE: x11-ssh-askpass v1.0.1
x11-ssh-askpass version 1.0.1 is now available from the following locations: http://www.jmknoble.cx/software/x11-ssh-askpass/ http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ x11-ssh-askpass is a passphrase dialog for use with OpenSSH (www.openssh.com) under the X Window System. The important changes since version 1.0 are as follows: - Bugfixes: - If the keyboard or
2018 Feb 23
6
RFC 8305 Happy Eyeballs in OpenSSH
Hello, I use hosts that are dual stack configured (IPv4 and IPv6) and it happens that connectivity through one or the other is broken and timeouts. In these case connection to the SSH server can take quite some time as ssh waits for the first address to timeout before trying the next. So I gave a stab at implementing RFC 8305. This patch implements part of it in sshconnect.c. * It does not do
2020 Oct 03
6
UpdateHostkeys now enabled by default
Hi, I just fixed a couple of corner-cases relating to UpdateHostkeys in git HEAD and have enabled the option by default. IMO this protocol extension is important because it allows ssh clients to automatically migrate to the best available signature algorithms available on the server and supports our goal of deprecating RSA/SHA1 in the future. We would really appreciate your feedback on this
2018 Feb 25
2
RFC 8305 Happy Eyeballs in OpenSSH
Has anyone checked to make sure that this won't upset sshguard? [1] Offhand, it looks like it will [2][3]. [1] https://www.sshguard.net/ [2] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-9 [3]
2015 Nov 04
0
ldap and proxy/proxy_maybe
Hello, ???I am trying to setup dovecot director and am receiving a lot of "Aborted login (proxy dest auth failed)" and "error proxying loops to itself" messages in the dovecot log. I don't fully understand the dovecot-ldap.conf file config? could someone please let me know if the following is correct. If so what could be causing the errors mentioned above, if not what
2016 Dec 15
0
[ANNOUNCE] libXpm 3.5.12
Jörg Sonnenberger (1): Fix abs() usage. Matthieu Herrb (1): libXpm 3.5.12 Tobias Stoeckmann (4): Fix out out boundary read on unknown colors Gracefully handle EOF while parsing files. Avoid OOB write when handling malicious XPM files. Handle size_t in file/buffer length git tag: libXpm-3.5.12
2018 Oct 10
0
[ANNOUNCE] libSM 1.2.3
Alan Coopersmith (1): Stop compiling empty sm_auth.c stub Emil Velikov (1): autogen.sh: use quoted string variables Fab (1): Fix callbacks signatures in libSM documentation Jon TURNEY (1): Include unistd.h for getpid() Matthieu Herrb (3): Fix uuid_to_string(3) type Get rid of strcpy() in the HAVE_UUID_CREATE case libSM 1.2.3 Mihail Konev (1):