> +# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it
> +# so we do it unconditionally on sshd_enable.
Are you sure ssh requires a host key? I could have sworn this was
entirely related to sshd and could thus be lumped into the same
"if sshd_enable=YES" clause.
- Jordan
To
Kris Kennaway <[EMAIL PROTECTED]> writes:
> Does this patch fix the problems people are seeing? It also generates the
> hostkey if it doesnt exist.
>
> Oops, the NO_DESCRYPT line in the /etc/defaults/make.conf patch shouldn't
> be committed yet..I'm still testing that one.
> +# Generate SSH host
> Does this patch fix the problems people are seeing? It also generates the
> hostkey if it doesnt exist.
It works, but I'd prefer to see the launch of sshd in rc.network somewhere,
not in rc.
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to [EMAIL
Mark Murray <[EMAIL PROTECTED]> writes:
> > Does this patch fix the problems people are seeing? It also generates the
> > hostkey if it doesnt exist.
>
> It works, but I'd prefer to see the launch of sshd in rc.network somewhere,
> not in rc.
Since the start of sshd enables logins almost all st
yOn Sat, 26 Feb 2000, Jordan K. Hubbard wrote:
> > +# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it
> > +# so we do it unconditionally on sshd_enable.
>
> Are you sure ssh requires a host key? I could have sworn this was
> entirely related to sshd and could thus be lumped
> > Are you sure ssh requires a host key? I could have sworn this was
> > entirely related to sshd and could thus be lumped into the same
> > "if sshd_enable=YES" clause.
>
> The code does not lie :-)
>
> >From ssh.c:
>
> /*
> * If we successfully made the connection, load the
On Sat, 26 Feb 2000 [EMAIL PROTECTED] wrote:
> But this means that ssh must be setuid root. Some of us insist on *not*
> using rsa-rhosts authentication, and install ssh without any privileges.
>
> Looks to me like we need a couple of alternatives here.
If you want to tinker with the file permi
> If you want to tinker with the file permissions, can't you deal with the
> fact that the startup scripts will create a host key for you the first
> time you boot with it installed?
As long as there is an easy way of running ssh without any special privs,
I'm happy.
Steinar Haug, Nethelp consul
Kris Kennaway <[EMAIL PROTECTED]> writes:
> yOn Sat, 26 Feb 2000, Jordan K. Hubbard wrote:
>
> > > +# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it
> > > +# so we do it unconditionally on sshd_enable.
> >
> > Are you sure ssh requires a host key? I could have sworn this
Hello Bill Paul,
After all the troubles I had trying to get several PCCards to workin
my Compaq Laptop (who all work 100% with Linux).
I went out and looked for the cheapest USB->Ethernet adapter I get
my hands on.
And what I hoped for, I works perfectly with 4.0-CURRENT!
No messing with ir
Hi all,
Quick question, how does the new ata driver handle bad blocks?
I've been tracking -current since around Nov 99 but haven't
seen this come up.
I have a drive which I know has some bad blocks. I install 3.2 (just
cause its laying around), use bad block scan in sysinstall everything's
fine
> Since the start of sshd enables logins almost all stuff from the rc
> files should have been run (mounting homedirs, raising securelevels
> etc.) before sshd is started.
OK- fair enough!
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to [EMAIL PR
In message <[EMAIL PROTECTED]>, kibbet writes:
>This message is in MIME format
>--_=XFMail.1.3.p0.FreeBSD:000227023903:2009=_
>Content-Type: text/plain; charset=us-ascii
>
>Hi all,
>
>Quick question, how does the new ata driver handle bad blocks?
>I've been tracking -current since around Nov 99 bu
Kris Kennaway <[EMAIL PROTECTED]> writes:
> On Fri, 25 Feb 2000, Ollivier Robert wrote:
>
> > I just saw that openssh (thanks Mark!) is using /etc/ for its configuration
> > file. As the author of the "--with-etcdir" option of SSH (back in '96) and
> > for the sake of consistency, I'd like to cr
On Sun, Feb 27, 2000 at 02:39:03AM +1030, kibbet wrote:
> Hi all,
>
> Quick question, how does the new ata driver handle bad blocks?
> I've been tracking -current since around Nov 99 but haven't
> seen this come up.
ad does not any longer support bad144 (IIRC). Soeren can tell you more.
--
Wil
Seeing that -current now supports USB network devices, I got a Linksys
100TX "dongle". Question is: what kind of speed is reasonable to
expect with this thing?
Some unsophisticated tests show that I get around 3.7 Mbit/sec under
FreeBSD, and about 5.5 Mbit/sec under Windogs98. This is on a Tos
On Sun, 27 Feb 2000, kibbet wrote:
> Hi all,
>
> Quick question, how does the new ata driver handle bad blocks?
> I've been tracking -current since around Nov 99 but haven't
> seen this come up.
As I recall, it doesn't. The reasoning is that modern IDE drives perform bad
block reassignment so
Running 4.0-2214-CURRENT doing a make world on a DEC Alpha 200 4/233 with a
cvsup from last night, I get:
--
===> libpam/modules/pam_cleartext_pass_ok
rm -f .depend
mkdep -f .depend -a
-I/usr/src/lib/libpam/modules/pam_cleartext_pass_ok/../../../../contrib/libpa
William Woods wrote:
> ===> libpam/modules/pam_ssh
> make: don't know how to make log-client.c. Stop
> *** Error code 2
> 1 error
> *** Error code 2
> 1 error
> *** Error code 2
> 1 error
> *** Error code 2
> 1 error
> *** Error code 2
> 1 error
> *** Error code 2
> 1 error
>
> --
Grr..cant say I like that idea, I would like to have them both...
On 26-Feb-00 Ben Smithurst wrote:
> William Woods wrote:
>
>> ===> libpam/modules/pam_ssh
>> make: don't know how to make log-client.c. Stop
>> *** Error code 2
>> 1 error
>> *** Error code 2
>> 1 error
>> *** Error code 2
>>
In article <[EMAIL PROTECTED]>, Bjoern Groenvall <[EMAIL PROTECTED]> wrote:
>
> While you are moving things around you might as well move
> /usr/sbin/sshd to /usr/libexec/sshd where it should have
> resided in the first place.
No, that would be contrary to the conventions documented in hier(4).
> No, that would be contrary to the conventions documented in hier(4).
> /usr/libexec is for things that are executed by other programs.
> Normal persistent daemons such as sshd belong in /usr/sbin. Take a
> look at the current contents of those two directories and you'll see
> the distinction.
Can we please stop cross-posting this? -current alone is a more than
adequate mailing list.
- Jordan
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
William Woods wrote:
> Grr..cant say I like that idea, I would like to have them both...
Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's
the one you need.
--
Ben Smithurst / [EMAIL PROTECTED] / PGP: 0x99392F7D
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "
>> Not with the port. I was installing Qt to /usr/local/qt, and the port
>> was putting the libs in a non-standard place where KDE couldn't find
>> them. :-C I built Qt 1.45 by hand, installed it, set QTDIR, and
>> everything compiled fine. I haven't done much testing on it yet (only
>> ran kd
/usr/share/man/man3/pam_close_session.3.gz ->
/usr/share/man/man3/pam_open_session.3.gz
ln: /usr/share/man/man3/pam_close_session.3.gz: No such file or directory
*** Error code 1
--
Hasan Diwan [[EMAIL PROTECTED]] :)
Rensselaer Polytechnic Institute
Computer Science Department
PGP signat
Sorry for (perhaps) stupid question but how can I get them if I'm using
CTM?
On Sat, 26 Feb 2000, Ben Smithurst wrote:
> William Woods wrote:
>
> > Grr..cant say I like that idea, I would like to have them both...
>
> Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's
On 26 Feb 2000, Bjoern Groenvall wrote:
> Right, the code does not lie (if ssh is setuid root). But, if the host
> key has not yet been created, then no host can have the public key and
> thus rsa-rhosts authentication won't work anyways. It is not required
> to run ssh-keygen to make ssh work, S
On Sat, 26 Feb 2000 [EMAIL PROTECTED] wrote:
> > If you want to tinker with the file permissions, can't you deal with the
> > fact that the startup scripts will create a host key for you the first
> > time you boot with it installed?
>
> As long as there is an easy way of running ssh without any
This patch revive almost all login.conf and password/account expiration
features, makes OpenSSH more FreeBSD login compatible and fix non-critical
memory leak.
Please review and commit.
--- sshd.c.old Fri Feb 25 08:23:45 2000
+++ sshd.c Sun Feb 27 02:53:33 2000
@@ -37,9 +37,8 @@
#endif /*
On Sat, 26 Feb 2000, Ben Smithurst wrote:
> William Woods wrote:
>
> > Grr..cant say I like that idea, I would like to have them both...
>
> Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's
> the one you need.
You need:
src-crypto
src-secure
Are you still having t
This is something which has been requested a fair bit..it will disable the
building of the DES CRYPT libraries even if you have the crypto sources
installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with
the pitfalls of libdescrypt. It seems to work fine for me..if I hear any
oth
According to Bjoern Groenvall:
> While you are moving things around you might as well move
> /usr/sbin/sshd to /usr/libexec/sshd where it should have
> resided in the first place.
I disagree. sshd is like named or moused, a daemon running standalone and
not under inetd's control. Most of /usr/lib
Kris Kennaway wrote:
>
> This is something which has been requested a fair bit..it will disable the
> building of the DES CRYPT libraries even if you have the crypto sources
> installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with
> the pitfalls of libdescrypt. It seems to wor
On Sat, 26 Feb 2000, Doug Barton wrote:
> Meanwhile, it seems that to get all the new bits we have to have
> cvs-crypto in the cvsup file, yes? And if we do that currently (before
> your patch) we will end up installing DES, right?
Yes. The downside is that with the DES crypt library any
Mike,
On Fri, Feb 25, 2000 at 03:07:18PM -0500, Michael Lucas wrote:
> I've been offered a deal on a couple of HP servers. Does anyone have
> any experience with the HP Netserver LC3 7/550?
I have just installed a 0222 current on a HP Kayak XU800. This is
one of the latest models. I'm experienc
Hi again,
On 26-Feb-00 Kelly Yancey wrote:
> On Sun, 27 Feb 2000, kibbet wrote:
>
>> Hi all,
>>
>> Quick question, how does the new ata driver handle bad blocks?
>> I've been tracking -current since around Nov 99 but haven't
>> seen this come up.
>
> As I recall, it doesn't. The reasoning is t
I tried installing the linux-netscape-47-communicator port, during the download
it kept printing the download message and the % constantly.
And then when the download was finished (from ftp.netscape.com) it started over
again, deleting the file and downloading it anew from ftp.sunet.se (closer si
I have a somewhat old 486 box I'm using as a dual-homed host. It has two
SMC EtherEZ ISA cards in it, and works fine under 3.4-STABLE. The cards
are on irregular ports/IRQs/et al.
My problem is that in the kernel config, it is only possible to hard code
ed0's settings, but that ed1 is probed (
Oh ho,
I'll blame the lack of sleep, lack of coffee, the heat, a flat tyre...
something :)
Someone has pointed out that bad144 was taken outta the source tree ages ago
so I must have been using an old binary.
No comments required, I have flamed myself privately :)
Kent Ibbetson
[EMAIL PROTEC
On Sat, 26 Feb 2000, Kris Kennaway wrote:
> This is something which has been requested a fair bit..it will disable the
> building of the DES CRYPT libraries even if you have the crypto sources
> installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with
> the pitfalls of libdescry
On Sat, Feb 26, 2000 at 04:21:24PM -0800, Kris Kennaway wrote:
> This is something which has been requested a fair bit..it will disable the
> building of the DES CRYPT libraries even if you have the crypto sources
> installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with
> the p
On Fri, 25 Feb 2000, Will Andrews wrote:
> If you're gonna use a port, use ports for its dependencies too. You'd be
> stupid not to use the ports whenever you can. No one has ever provided
> me a convincing reason why this is not true.
Well when you want to keep multiple versions of kde or qt ar
On Sat, 26 Feb 2000, Alex Zepeda wrote:
> On Fri, 25 Feb 2000, Will Andrews wrote:
>
> > If you're gonna use a port, use ports for its dependencies too. You'd be
> > stupid not to use the ports whenever you can. No one has ever provided
> > me a convincing reason why this is not true.
>
> Well
I have been using cpp on my firewall to expand my local firewall rules and fill
in the local address and subnetmask. This makes things easier my ISP decides to
change my IP address using DHCP. My firewall is running an approximately one
year old version of current and I'm trying to upgrade it to
>From ray Sun Feb 27 01:34:25 2000
Return-Path:
Received: (from ray@localhost)
by rjk191.rh.psu.edu (8.9.3/8.9.3) id BAA00249
for freebsd-current; Sun, 27 Feb 2000 01:34:25 -0500 (EST)
(envelope-from ray)
Date: Sun, 27 Feb 2000 01:34:25 -0500 (EST)
From: Ray
Message-Id:
In general, ports questions should go to freebsd-ports and/or the port's
maintainer.
On Sun, 27 Feb 2000, Johan Mårtensson wrote:
> I tried installing the linux-netscape-47-communicator port, during the download
> it kept printing the download message and the % constantly.
This is because the s
On Sun, Feb 27, 2000 at 12:48:53AM -0500, Jim Bloom wrote:
> I have been using cpp on my firewall to expand my local firewall rules and fill
> in the local address and subnetmask. This makes things easier my ISP decides to
> change my IP address using DHCP. My firewall is running an approximatel
I have been hired to add UDF/DVD-R support to FreeBSD
I will be spending the next few weeks basically doing research
but would like to hear from anyone who is already working in these
areas.
This may impact un the following areas:
SCSI subsystem
ATA subsystem
Filesystems
Raw/Block(sic) device int
> This patch revive almost all login.conf and password/account expiration
> features, makes OpenSSH more FreeBSD login compatible and fix non-critical
> memory leak.
Cool! Thank you!
> Please review and commit.
Will do...
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To
50 matches
Mail list logo
