On Thursday, 14 July 2022 17:32:07 CEST Grant Taylor wrote:
> On 7/14/22 3:54 AM, J. Roeleveld wrote:
> > For security reasons, I do not want direct login to root under any
> > circumstances. This is disabled on all systems and will stay this way.
>
> +10 for security
>
> > Currently, to login as
On Thursday, 14 July 2022 17:30:28 CEST Grant Taylor wrote:
> On 7/14/22 12:35 AM, J. Roeleveld wrote:
> > Hi All,
>
> Hi,
>
> > I am looking for a way to login to a host and automatically change
> > to root using a password provided by an external program.
>
> Please clarify if you want to /req
On Fri, 15 Jul 2022 09:15:02 +0200, J. Roeleveld wrote:
> I prefer not to use SSH keys for this as they tend to exist for years
> in my experience. And one unnoticed leak can open up a lot of systems.
> This is why I use passwords. (passwords are long random strings that
> are changed regularly)
On Friday, 15 July 2022 09:29:14 CEST Neil Bothwick wrote:
> On Fri, 15 Jul 2022 09:15:02 +0200, J. Roeleveld wrote:
> > I prefer not to use SSH keys for this as they tend to exist for years
> > in my experience. And one unnoticed leak can open up a lot of systems.
> > This is why I use passwords.
On Thursday, 14 July 2022 23:22:46 CEST Steve Wilson wrote:
> On 14/07/2022 07:35, J. Roeleveld wrote:
> > Hi All,
> >
> > I am looking for a way to login to a host and automatically change to root
> > using a password provided by an external program.
> >
> > The root passwords are stored in a va
On Friday, 15 July 2022 10:13:12 CEST J. Roeleveld wrote:
> On Thursday, 14 July 2022 23:22:46 CEST Steve Wilson wrote:
> > On 14/07/2022 07:35, J. Roeleveld wrote:
> > > Hi All,
> > >
> > > I am looking for a way to login to a host and automatically change to
> > > root
> > > using a password pro
On Fri, 15 Jul 2022 09:53:44 +0200, J. Roeleveld wrote:
> > There's no reason you cannot change SSH keys as regularly, and good
> > reasons why you should. It's just that people don't bother to do it.
>
> I agree, but that is a tedious process.
>
> I have multiple machines I use as desktop dep
On Thu, Jul 14, 2022 at 4:53 PM Mark Knecht wrote:
>
>
>
>
> On Thu, Jul 14, 2022, 4:25 PM Wol wrote:
> >
> > On 14/07/2022 18:42, Mark Knecht wrote:
> > > If instead I'm in Linux with a Win10 VM running I can run the same
> > > software in the VM, and it will always see the external DSP when fir
On 7/15/22 1:07 AM, J. Roeleveld wrote:
What I am looking for is:
1) Lookup credentials from password vault (I can do this in
script-form, already doing this in limited form for ansible-scripts,
but this doesn't give me an interactive shell)
ACK You indicated you already had a solution for t
On 7/15/22 1:15 AM, J. Roeleveld wrote:
Yes.
Okay.
That simply means that SSH keys won't be used to authenticate to the
remote system.
How would it not prompt for a password.
There is a PAM module; pam_ssh_agent_auth, which can be used to enable
users to authenticate to sudo using SSH k
On 7/15/22 1:53 AM, J. Roeleveld wrote:
I agree, but that is a tedious process.
Yes, it can be. That's where some automation comes into play.
I have multiple machines I use as desktop depending on where I am. And
either I need to securely share the private keys between them or set
up differ
On 7/15/22 6:44 AM, Neil Bothwick wrote:
I don't share keys, each desktop/laptop has its own keys.
Not if they use their own keys. It should be simple to script
generating a new key, then SSHing to a list of machines and replacing
the old key with the new one in authorized_keys.
+1
Indee
On 7/14/22 3:22 PM, Steve Wilson wrote:
Have you looked at dev-tcltk/expect?
Expect has it's place.
Just be EXTREMELY careful when using it for anything security related.
Always check for what is expected before sending data. Don't assume
that something comes next and blindly send it (possi
On Fri, 15 Jul 2022 10:35:41 -0600, Grant Taylor wrote:
> > However, I will look at scripting regular replacements for SSH keys,
> > for my own peace of mind.
> /me loudly says "SSH /certificates/" from the top atop a pile of old
> servers in the server room.
I'll check that out, but it is al
It looks like www-client/google-chrome just added wayland and jack
audio to the dependancies. So now I have to have Pulse _and_ Jack?
--
Grant
On 7/15/22 1:12 PM, Neil Bothwick wrote:
I'll check that out, but it is also possible to set time limits on SSH
keys, and limit them to specific commands.
Please elaborate on the time limit capability of SSH /keys/. I wasn't
aware of that.
Is it hours of the day / days of the week they can
One of the side effects of using proprietary software : you can't
control with which flags it gets built.
With chromium-bin, there is a wayland USE flag, but nothing for jack.
On 7/15/22 15:28, Grant Edwards wrote:
It looks like www-client/google-chrome just added wayland and jack
audio to the
On Fri, Jul 15, 2022 at 12:28 PM Grant Edwards
wrote:
>
> It looks like www-client/google-chrome just added wayland and jack
> audio to the dependancies. So now I have to have Pulse _and_ Jack?
>
> --
> Grant
Is that truly a Chrome requirement, like the company Google wrote the
ebuild, or is
this
On 2022-07-15, Julien Roy wrote:
> One of the side effects of using proprietary software : you can't
> control with which flags it gets built.
Yep. I didn't used to have the chrome binary package installed, but
there are a couple things that I've never gotten to work in Chromium
(e.g. Webex).
>
On 2022-07-15, Mark Knecht wrote:
> On Fri, Jul 15, 2022 at 12:28 PM Grant Edwards
> wrote:
>>
>> It looks like www-client/google-chrome just added wayland and jack
>> audio to the dependancies. So now I have to have Pulse _and_ Jack?
> Is that truly a Chrome requirement, like the company Google
On Fri, 15 Jul 2022 19:28:07 - (UTC)
Grant Edwards wrote:
> It looks like www-client/google-chrome just added wayland and jack
> audio to the dependancies. So now I have to have Pulse _and_ Jack?
Pipewire will allow you to handle both in a pretty seamless way.
Though it does take a bit of c
On Fri, Jul 15, 2022 at 1:56 PM Grant Edwards
wrote:
>
> On 2022-07-15, Mark Knecht wrote:
> > On Fri, Jul 15, 2022 at 12:28 PM Grant Edwards <
grant.b.edwa...@gmail.com>
> > wrote:
> > I'm curious as the USB disconnect problem seems somehow to be
> > related to using Chrome on the host machine
On Fri, 15 Jul 2022 13:33:45 -0600, Grant Taylor wrote:
> > I'll check that out, but it is also possible to set time limits on SSH
> > keys, and limit them to specific commands.
>
> Please elaborate on the time limit capability of SSH /keys/. I wasn't
> aware of that.
>
> Is it hours of the
On 2022.07.14 18:51, Dex Conner wrote:
Hi all,
I use wayland and I need to screenshare on jitsi. It uses WebRTC to
screenshare. I don't have PipeWire and use just ALSA instead (running
apulse for firefox). Is there any way for me to screenshare without
installing PipeWire?
Thank you!
--
Dex
I
On 7/15/22 4:11 PM, Neil Bothwick wrote:
I've never used it before, mainly because I wasn't aware of its
existence until I re-read the ssh-keygen man page, but it seems to
be simple timestamps passed to valid-before/valid-after.
I'm not sure that's applicable to /keys/ verses /certificates/.
On Fri, 15 Jul 2022 22:33:49 -0600, Grant Taylor wrote:
> > I've never used it before, mainly because I wasn't aware of its
> > existence until I re-read the ssh-keygen man page, but it seems to
> > be simple timestamps passed to valid-before/valid-after.
>
> I'm not sure that's applicable to
26 matches
Mail list logo
