Hello, I'm checking out the changes coming along openbsd 7.6, and
I'm having trouble with openssh's "Invalid-User" Match.
Add a new sshd_config(5) "invalid-user" Match predicate that allows
matching on invalid usernames, e.g. to allow penalisation of
account/password guessers.
Now i might very
On 2024-09-11, WATANABE Takeo wrote:
> on Tue, 10 Sep 2024 20:22:40 +0200
> Mike Fischer wrote:
>
>> The easiest way to test whether pf(4) is interfering with your YubiKey is to
>> temporarily turn off pf(4) (`doas pfctl -d`) and test. If the problem
>> persists then pf(4) is not the cause.
>>
on Tue, 10 Sep 2024 20:22:40 +0200
Mike Fischer wrote:
> The easiest way to test whether pf(4) is interfering with your YubiKey is to
> temporarily turn off pf(4) (`doas pfctl -d`) and test. If the problem
> persists then pf(4) is not the cause.
> Turn pf(4) back on again after your test (`doa
The easiest way to test whether pf(4) is interfering with your YubiKey is to
temporarily turn off pf(4) (`doas pfctl -d`) and test. If the problem persists
then pf(4) is not the cause.
Turn pf(4) back on again after your test (`doas pfctl -e` or `doas reboot`).
Note: Turning off pf(4) should cau
on Tue, 10 Sep 2024 16:08:07 +0200
"Peter N. M. Hansteen" wrote:
> On Tue, Sep 10, 2024 at 08:32:05PM +0900, WATANABE Takeo wrote:
>> I found out that I can log in with normal public key
>> cryptography authentication (ed25519) in the same pf.conf environment,
>> and that I can log in with ed255
On Tue, Sep 10, 2024 at 08:32:05PM +0900, WATANABE Takeo wrote:
> I found out that I can log in with normal public key
> cryptography authentication (ed25519) in the same pf.conf environment,
> and that I can log in with ed25519-sk key authentication if I stop pf.
>
> It occurred to me again that
have noticed that one problem has arisen.
> I used to use ‘Yubikey(FIFO2)’ to log in via SSH,
> but now I can't log in.
>
> Starting with OpenSSH 8.2,
> hardware authentication using U2F/FIDO2 devices is supported.
> We have been using one of these devices, the ‘Yubikey’,
>
can't log in.
Starting with OpenSSH 8.2,
hardware authentication using U2F/FIDO2 devices is supported.
We have been using one of these devices, the ‘Yubikey’,
for key authentication using ed25519-sk.
I found out that I can log in with normal public key
cryptography authentication (ed25519) i
e are two same update manuals for OpenSSH 9.5 and 9.6[1].
> Link to the tarball and the second shell command should be updated.
>
> Cheers,
> Alex
>
> [1] https://www.openssh.com/openbsd.html
>
Hey,
It seems there are two same update manuals for OpenSSH 9.5 and 9.6[1].
Link to the tarball and the second shell command should be updated.
Cheers,
Alex
[1] https://www.openssh.com/openbsd.html
On 2023-08-29, myml...@gmx.com wrote:
> My question is there any recent documentation / information on setting
> up an openssh server with non-hardware based two factor authentication?
> This does NOT have to be google authenticator, any similar service will
> suffice.
if an ssh
On 2023-08-29, Daniel Jakots wrote:
> You can also want to look at sysutils/login_oath (which I've been using
> for years), but maybe for new setups, the login_totp from base makes
> more sense.
you might be thinking of login_yubikey which is in base, but it has no
way to sync the counter between
On Tue, 29 Aug 2023 13:18:53 -0400, Dave Voutila wrote:
> > You can also want to look at sysutils/login_oath (which I've been
> > using for years), but maybe for new setups, the login_totp from
> > base makes more sense.
> >
>
> login_totp is in base?
Wow, I was sure https://github.com/reyk/l
Daniel Jakots writes:
> On Tue, 29 Aug 2023 10:07:18 -0500, "myml...@gmx.com"
> wrote:
>
>> Hi All,
>>
>> I want to secure an openssh server with two factor authentication and
>> have seen the hardware token methods, most recently i've been se
On Tue, 29 Aug 2023 10:07:18 -0500, "myml...@gmx.com"
wrote:
> Hi All,
>
> I want to secure an openssh server with two factor authentication and
> have seen the hardware token methods, most recently i've been seeing
> yubi/FIDO methods.
>
> Ideally I would
Hi All,
I want to secure an openssh server with two factor authentication and
have seen the hardware token methods, most recently i've been seeing
yubi/FIDO methods.
Ideally I would like to avoid having to depend on a usb size device that
could easily be lost.
I looked around and found me
Since the project is based in Canada I don't know if anyone on this list
would have an ECCN. Unless there's someone on this list from one of the US
companies that exports OpenSSH.
On Fri, Mar 11, 2022 at 12:38 PM wrote:
> Hello,
>
> Our company is exporting a computer with O
Hello,
Our company is exporting a computer with OpenSSH 8.8 software installed.
We would like to confirm the ECCN of this software. Would you please reply
with US ECCN?
Regards,
[Icon Description automatically generated]
Marella Abraham
Import/Export Compliance Analyst
Email
For sure I mean OpenSSH 8.7, so it should be
# tar zxvf .../openssh-8.7.tar.gz
Cheers,
Alex
On Tue, Aug 24, 2021 at 10:29 PM Alex Naumov
wrote:
> Hello,
> update instructions for OpenSSH 6.7 has this line:
>
> # tar zxvf .../openssh-8.6.tar.gz
>
> It should be 6.7
>
> Cheers,
> Alex
>
>
Hello,
update instructions for OpenSSH 6.7 has this line:
# tar zxvf .../openssh-8.6.tar.gz
It should be 6.7
Cheers,
Alex
ling lists.
Christopher Johns wrote:
> Good Evening,
>
> Recently it has been brought to my attention that we may have several Linux
> hosts that may have the same problem ssh-rsa key pairs.
>
> Is it possible if I use a server template to create Linux servers, for
> OpenS
Good Evening,
Recently it has been brought to my attention that we may have several Linux
hosts that may have the same problem ssh-rsa key pairs.
Is it possible if I use a server template to create Linux servers, for
OpenSSH to create the same host keys in /etc/ssh for the servers created by
my
Good Evening,
Recently it has been brought to my attention that we may have several Linux
hosts that may have the same problem ssh-rsa key pairs.
Is it possible if I use a server template to create Linux servers, for
OpenSSH to create the same host keys in /etc/ssh for the servers created by
my
Hello,
The date of OpenSSH 8.5 release on https://www.openssh.com/openbsd.html
page is wrong.
2020 => 2021
Cheers,
Alex
t;
>> but googling for keys: +openbsd +nitrokey
>>
>> does not indicate anything interesting except a few of my own questions on
>> the Nitrokey support forum.
>
> I had to look up "Nitrokey" to verify that it was what I thought it was, but
> that had m
r suggestion,
>>
>> but googling for keys: +openbsd +nitrokey
>>
>> does not indicate anything interesting except a few of my own questions on
>> the Nitrokey support forum.
>
> I had to look up "Nitrokey" to verify that it was what I thought it was, but
&
itrokey" to verify that it was what I thought it was, but
that had me
do a quick search for "OpenSSH FIDO support", which turned up among other
things this
article: https://undeadly.org/cgi?action=article;sid=20191115064850 as well as
a number
of blog posts and HOWTO-ish pieces that
Hello,
there is one broken link on the openssh/legacy.html page:
OSSH -> ftp://ftp.pdc.kth.se/pub/krypto/ossh/
Cheers,
Alex
gin dcorbe ldap
Password:
...
authorize
And so is ypbind:
aagico-postgres-nextcloud# getent group | grep dcorbe
_dcorbe:*:2001:dcorbe
aagico-postgres-nextcloud# getent passwd | grep dcorbe
dcorbe:*:2001:2001:Daniel Corbe:/home/dcorbe:/bin/sh
What do I need to change about OpenSSH to get this working?
or RFC-4193 ULA IPv6 address.)
- Is your OpenSSH server behind a router? Is that configured correctly?
- Is your ISP (for the phone or your home computer) perhaps blocking
ports? Try editing /etc/ssh/sshd_config and change the port to
something high, maybe 2?
--
Stuart Longland (aka Redhat
On Sun, Dec 01, 2019 at 07:13:18PM +0530, putridsou...@gmail.com wrote:
> I am not able to ssh into my home computer connected to
> router, the client device (termux on android) is on a
> mobile network. Is there something I am supposed to
> know?. Because I can ssh into my computer easily when
>
I am not able to ssh into my home computer connected to
router, the client device (termux on android) is on a
mobile network. Is there something I am supposed to
know?. Because I can ssh into my computer easily when
when both devices are on the same router network.
Hello,
it seems like a typo in OpenSSH version number.
Cheers,
Alex
Index: openbsd.html
===
RCS file: /cvs/www/openssh/openbsd.html,v
retrieving revision 1.127
diff -u -p -r1.127 openbsd.html
--- openbsd.html9 Oct 2019 02
Hi,
it seems like a typo in OpenSSH version number: in 7.3 part info about
patch for 7.2.
Cheers,
Alex
Index: openbsd.html
===
RCS file: /cvs/www/openssh/openbsd.html,v
retrieving revision 1.127
diff -u -p -r1.127 openbsd.html
On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote:
> https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/
>
> ESET researchers discovered a set of previously undocumented Linux malware
> families based on OpenSSH. In the white paper, “The Dark Side of th
On Thu, Dec 13, 2018 at 10:02:45AM +0100, Otto Moerbeek wrote:
> On Thu, Dec 13, 2018 at 09:50:31AM +0100, Florian Obser wrote:
>
> > On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote:
> > > Any creative hints to defend against these kind of threats?
> >
> > Your system has been compr
On Thu, Dec 13, 2018 at 09:50:31AM +0100, Florian Obser wrote:
> On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote:
> > Any creative hints to defend against these kind of threats?
>
> Your system has been compromised. The attacker is able to replace
> binaries, you have lost. If your
On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote:
> Any creative hints to defend against these kind of threats?
Your system has been compromised. The attacker is able to replace
binaries, you have lost. If your package manager can still tell you
that the sshd binary has been replaced
"Kollar Arpad" wrote:
> Hello,
>
> How about blacklisting some often used passwords? ex.:
> https://github.com/eset/malware-ioc/tree/master/sshdoor (either used by
> humans often or by backdoors)
>
> When will "passwd" have option to give/generate passwords from 4 random
> english words from
Hello,
just a FYI, maybe you havent seent the study:
https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/
ESET researchers discovered a set of previously undocumented Linux malware
families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”,
they release
Thanks - I just committed a fix (having missed that Otto already
included a patch beyond the bottom of my xterm -- sorry)
On Thu, 5 Apr 2018, Otto Moerbeek wrote:
> On Thu, Apr 05, 2018 at 01:51:51PM +0200, Renaud Allard wrote:
>
> > Hello,
> >
> > The man page for
On Thu, Apr 05, 2018 at 01:51:51PM +0200, Renaud Allard wrote:
> Hello,
>
> The man page for openssh 7.7 for Ciphers specifications mentions:
>
> The default is:
> chacha20-poly1...@openssh.com,
> aes128-ctr,aes192-ctr,aes256-ctr,
> aes128-...@openssh.com,aes256-...@o
Hello,
The man page for openssh 7.7 for Ciphers specifications mentions:
The default is:
chacha20-poly1...@openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
aes128-...@openssh.com,aes256-...@openssh.com,
aes128-cbc,aes192-cbc,aes256-cbc
However, ssh doesn't use the last line in that list:
On 7 September 2017 at 16:35, Heiko wrote:
> Hello,
>
> ./config for Portable OpenSSH 7.5p1 with LibreSSL 2.6.1 fails on Debian
> Linux:
As per https://www.openssh.com/report.html this query would be better
directed to the portable list openssh-unix-...@mindrot.org. Please
send a
Hello,
./config for Portable OpenSSH 7.5p1 with LibreSSL 2.6.1 fails on Debian
Linux:
checking OpenSSL header version... not found
configure: error: OpenSSL version header not found.
$ openssl version
LibreSSL 2.6.1
I did it with this options:
./configure --without-openssl
If a client (openssh, putty) insists on nistp521 as openssh offers in
the debug dialogue then the connection fails or falls back to nistp256.
If you create a nistp521 host key and add it to sshd_config then
nistp521 is used successfully.
Not sure if nistp256 could use a nistp521 key or if this
Hi,
there seems to be a version info discrepancy
in the OpenBSD 6.1 ANNOUNCEMENT.
It states OpenSSH 7.4 and LibreSSL 2.5.3.
However, in 6.1(/amd64) release fresh install, i have
OpenSSH 7.5 and LibreSSL 2.5.2:
$ ssh -V; openssl version
OpenSSH_7.5, LibreSSL 2.5.2
LibreSSL 2.5.2
If it is
On 3/20/17, Darren Tucker :
> On Sun, Mar 19, 2017 at 11:47 PM, Lars Noodén wrote:
>> Looking at a recent snapshot, see dmesg at the bottom, I have two
>> questions about OpenSSH logging.
>>
>> 1) The entry in sshd_config(5) for MaxAuthTries states the fol
Sorry. That previous message got mangled.
> $ ssh-add -l
> The agent has no identities.
On the server it looks like it says the client is asking for
'keyboard-interactive' first of all things:
> debug1: userauth-request for user fred service ssh-connection method
> none [preauth]
> debug1: atte
>> 2) The client gets disconnected before MaxAuthTries is reached. If I
>> have it set to 6, I get 5 only tries:
>
> Your log level isn't high enough to see it, but I suspect you have a
> failed pubkey attempt before the password attempts. You should be
> able to see it if you add "-vvv" to the c
On Sun, Mar 19, 2017 at 11:47 PM, Lars Noodén wrote:
> Looking at a recent snapshot, see dmesg at the bottom, I have two
> questions about OpenSSH logging.
>
> 1) The entry in sshd_config(5) for MaxAuthTries states the following
> about log entries:
>
> ..
Looking at a recent snapshot, see dmesg at the bottom, I have two
questions about OpenSSH logging.
1) The entry in sshd_config(5) for MaxAuthTries states the following
about log entries:
... Once the number of failures reaches half this
value, additional failures are
The point was to use ps on the *server* not on the client.
So I was thinking you should use ps *on that server* to
see if you could see signs of another connection attempt reaching it
and then for some reason failing to give you an interactive shell.
Ah ok. Yes I totally misunderstood you- I
On Sun, Aug 2, 2015 at 7:02 AM, Quartz wrote:
> I know how ps works :)
Ok, good, then the problem lies elsewhere...
> On OSX, an outbound ssh connection spawns a single 'ssh' process, which is a
> child of bash. bash is a child of login. login is a child of Terminal.
Perhaps here.
The point wa
Exactly. Probably ps -l (or maybe install and use pstree). Do you get
new processes with sshd as a parent?
I never get that. When ssh-ing into another machine I just get a single ssh
process that's a direct child of the bash for that tty, there's never an
sshd anywhere.
When you use ps -l you
On Sat, Aug 1, 2015 at 6:53 PM, Quartz wrote:
>> Exactly. Probably ps -l (or maybe install and use pstree). Do you get
>> new processes with sshd as a parent?
>
> I never get that. When ssh-ing into another machine I just get a single ssh
> process that's a direct child of the bash for that tty,
good day:
"ssh user@server" = works just like it should
What about "ssh -v user@server" on a good day?
That works exactly as expected. ssh-ing in right now
And more specifically, if
you run ssh -v on both a good day and a bad day, what does diff between
the two outputs show?
IIRC, not muc
Thus said Quartz on Sat, 01 Aug 2015 19:00:56 -0400:
> good day:
> "ssh user@server" = works just like it should
What about "ssh -v user@server" on a good day? And more specifically, if
you run ssh -v on both a good day and a bad day, what does diff between
the two outputs show?
Andy
--
TAI64
If you are only creating one ssh connection, does "good day" mean you
have succeeded just once?
No, I mean that I can ssh in without having to pass -v on the command
line. In other words, it works the way it normally should.
More specifically:
good day:
"ssh user@server" = works just like it
ktrace and tcpdump.
I should have mentioned that the laptop is using OpenSSH but it's OSX
not OpenBSD. ktrace was replaced with I think dtrace on OSX a while ago,
so I'll have to look into how to get that set up.
As for tcpdump, I'm not sure what I'd be looking fo
That's a good question, I'm not actually sure if I've ever opened two
connections to it at once. For better or worse today is a "good" day so I'll
have to wait to test this.
If you are only creating one ssh connection, does "good day" mean you
have succeeded just once?
No, I mean that I can ss
Quartz wrote:
> > ktrace and tcpdump.
>
> I should have mentioned that the laptop is using OpenSSH but it's OSX
> not OpenBSD. ktrace was replaced with I think dtrace on OSX a while ago,
> so I'll have to look into how to get that set up.
>
> As for tcpdump
On Sat, Aug 1, 2015 at 10:58 AM, Quartz wrote:
> That's a good question, I'm not actually sure if I've ever opened two
> connections to it at once. For better or worse today is a "good" day so I'll
> have to wait to test this.
If you are only creating one ssh connection, does "good day" mean you
ktrace and tcpdump.
I should have mentioned that the laptop is using OpenSSH but it's OSX
not OpenBSD. ktrace was replaced with I think dtrace on OSX a while ago,
so I'll have to look into how to get that set up.
As for tcpdump, I'm not sure what I'd be looking fo
If you have one connection established to that server which is
functioning (perhaps with -v on the client ssh) can you get the
problem to occur with a second connection to that server?
That's a good question, I'm not actually sure if I've ever opened two
connections to it at once. For better or
Quartz wrote:
> Searching the web for info is worthless because the first thing
> everybody tells you to do when debugging a connection issue is enable
> verbose, which obviously doesn't help me here. Likewise, I can't even
> confirm if anyone else has even experienced this sort of failure befor
If you have one connection established to that server which is
functioning (perhaps with -v on the client ssh) can you get the
problem to occur with a second connection to that server?
If so, can you take a look at whether you are getting any fresh
processes from your second connection attempts wh
I'm not sure if this is the right place to ask about this, but I can't
seem to find an ssh-specific mailing list or web forum anywhere.
I have a bog standard setup between a laptop and a local university that
uses a bog standard id_rsa key for password-less access; to the best of
my knowledge
t; >more knowledgeable will respond:
> > >
> >
>https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authe
ntication-brute-force-vulnerability-maxauthtries-bypass/
> >
> > It is a real issue. Your servers might not see the issue depending
> > on
There's one obvious thing I totally forgot to mention, but the initial spin
put on this issue is *all wrong*.
Calling that an "OpenSSH bug" is, pure and simple, slander.
If anything, it is a PAM bug.
Or you can say it's a system integration bug on FreeBSD.
Calling that
Em 24-07-2015 14:27, Kevin Chadwick escreveu:
> The guidance is to use pubkey or long passwords in which case you
> should either have no problem or notice the cpu cycles if your an admin
> worth any salt.
There are tons of info regarding OpenSSH best practices. The link bellow
[1] is on
On Thu, 23 Jul 2015 18:12:28 -0400
Garance A Drosehn wrote:
> > to write software defensively if you want PAM to not fuck you over.
>
> It happens that I'm setting up some new (to me) RHEL 7 systems right
> now,
> and way too much time has been spent fighting with PAM (and I'm not done
> yet).
Em 23-07-2015 18:10, Ted Unangst escreveu:
> Come on. Calling it an oversight is not condescending. I think it's perfectly
> reasonable to say it was an oversight. He did't say it was the hole of the
> century. There's no need to be so defensive.
Yep. Others also told me this off list. I already so
On 23 Jul 2015, at 17:38, Marc Espie wrote:
Not surprisingly, as the patch clearly shows, the problem is right
smack
in the middle of USE_PAM code.
I wouldn't call that an OpenSSH bug. I would call it a systemic design
flaw
in PAM. As usual. LOTS of security holes in authentication sy
On Thu, Jul 23, 2015 at 12:29:37PM -0400, Garance A Drosehn wrote:
> On 23 Jul 2015, at 10:06, Emilio Perea wrote:
>
> >To me it looks like a mistimed April Fools' joke, but hope somebody more
> >knowledgeable will respond:
> >
> >https://kingcope.wordpr
Given that the last (and first) remote exploit against openssh *was* in the
last century, IIRC, he could still be correct to call it the hole of the
century... :)
Heh.
(apologies for the previous blank email :( )
't see this issue due to the way sshd is configured
> > > on their systems.
> >
> > You were condescending, admit it. Quoting you:
> >
> > "I'm also told that there is a patch for the oversight in OpenSSH's code"
> >
> > There was no oversi
.
>
> You were condescending, admit it. Quoting you:
>
> "I'm also told that there is a patch for the oversight in OpenSSH's code"
>
> There was no oversight. There were people using the OpenSSH code in
> unintended ways. The OpenSSH portable is only
.
You were condescending, admit it. Quoting you:
"I'm also told that there is a patch for the oversight in OpenSSH's code"
There was no oversight. There were people using the OpenSSH code in
unintended ways. The OpenSSH portable is only provided by the OpenSSH
project because
On 23 Jul 2015, at 13:33, Theo de Raadt wrote:
>
>> My freebsd boxes do *not* have the problem, but that's because I have
>> set 'ChallengeResponseAuthentication no'.
>> I don't even remember why I set that on my freebsd boxes. I change very
>> few settings, but for some reason I decided to change
On 23 July 2015 at 09:15, Giancarlo Razzolini wrote:
> Em 23-07-2015 11:16, Peter N. M. Hansteen escreveu:
>> However, running that command pinting at a FreeBSD 10.1 box in my care
>> gave more than three tries. I aborted well before reaching 1 for
>> obvious reasons.
> Digging some more, I've
> But it depends on the right (wrong) combination of factors
> which, unfortunately, FreeBSD has.
Exactly.
On 7/23/2015 12:29 PM, Garance A Drosehn wrote:
> On 23 Jul 2015, at 10:06, Emilio Perea wrote:
[snip]
>
> It is a real issue. Your servers might not see the issue depending on
> what
> options have been set for sshd_config. My freebsd boxes do *not* have
> the
> problem, but that's because I
e operating systems to a much larger degree.
Your statements sound like advocacy. I'll throw some back at you for
fun. It seems too easy for FreeBSD folk to throw accusations at
OpenSSH and the greater OpenBSD dev community, when the rich
commercial sphere surrounding FreeBSD has never given
uthentication no'.
> I don't even remember why I set that on my freebsd boxes. I change very
> few settings, but for some reason I decided to change that one.
Yes, it seems so. Going through the source code and the openssh-unix-dev
mail list, I see that it's indeed an issue th
On 23 Jul 2015, at 10:06, Emilio Perea wrote:
To me it looks like a mistimed April Fools' joke, but hope somebody
more
knowledgeable will respond:
https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/
It
> > It seems to affect only FreeBSD. But it's bad, and affect a lot of
> > versions, dating back to 2007. And also, as I guessed, interaction with
> > PAM is the culprit.
>
> That's why Dr. House doesn't allow exotic things to be ported to OpenBSD.
> "You Can't Always Get What You Want".
Seriousl
> It seems to affect only FreeBSD. But it's bad, and affect a lot of
> versions, dating back to 2007. And also, as I guessed, interaction with
> PAM is the culprit.
That's why Dr. House doesn't allow exotic things to be ported to OpenBSD.
"You Can't Always Get What You Want".
Em 23-07-2015 11:16, Peter N. M. Hansteen escreveu:
> However, running that command pinting at a FreeBSD 10.1 box in my care
> gave more than three tries. I aborted well before reaching 1 for
> obvious reasons.
Digging some more, I've found this:
http://seclists.org/oss-sec/2015/q3/156
It see
any
FreeBSD machine available to test it. But it seems to be the only OS
affected. I'm betting that they have some bad interaction between the
openssh configuration and their PAM configuration.
Cheers,
Giancarlo Razzolini
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/23/15 16:06, Emilio Perea wrote:
> To me it looks like a mistimed April Fools' joke, but hope somebody
> more knowledgeable will respond:
>
> https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentic
To me it looks like a mistimed April Fools' joke, but hope somebody more
knowledgeable will respond:
https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/
On 27 June 2015 at 18:17, Benny Lofgren wrote:
> Let's say you have an open, but idle, ssh session to your remote server
> and there's a short outage in the network somewhere between the two
> endpoints. If there are no keep-alive packets trying to get through and
> the actual session remains idle
Hi Josh,
On 27 June 2015 at 17:59, Josh Grosse wrote:
> On Sat, Jun 27, 2015 at 05:10:54PM -0700, jungle Boogie wrote:
>> Hello All,
>>
>> I know fewer defaults the better for all, but if there a reason
>> TCPKeepAlive in openssh is disabled along with the clientaliv
On 2015-06-28 02:59, Josh Grosse wrote:
>> How do you folks manage ssh sessions not dying? Do you enable these
>> options every time you install openssh on a new machine? Is there a
>> better option?
> The man page continues with, "The client alive mechanism
> i
On Sat, Jun 27, 2015 at 05:10:54PM -0700, jungle Boogie wrote:
> Hello All,
>
> I know fewer defaults the better for all, but if there a reason
> TCPKeepAlive in openssh is disabled along with the clientalive option?
> Is it just too risky and/or unneeded?
Well, Mr. Boogie,
Hello All,
I know fewer defaults the better for all, but if there a reason
TCPKeepAlive in openssh is disabled along with the clientalive option?
Is it just too risky and/or unneeded?
How do you folks manage ssh sessions not dying? Do you enable these
options every time you install openssh on a
ll support and contribute
> to the OpenSSH community - Very excited to work with the OpenSSH community to
> deliver the PowerShell and Windows SSH solution!"
>
> \o/
>
>
unix> ssh windoze.domain.loc
Администратор@windoze.domain.loc's password:
PowerShell>
Profit?
http://blogs.msdn.com/b/looking_forward_microsoft__support_for_secure_shell_ssh1/archive/2015/06/02/managing-looking-forward-microsoft-support-for-secure-shell-ssh.aspx
"I’m pleased to announce that the PowerShell team will support and contribute
to the OpenSSH community - Very excited to
gt; error: expected identifier or '(' before numeric constant
> # define mblen(x, y) 1
>
> The obvious thing to try would be to change that to:
>
> # define mblen(x, y) (1)
>
Didn't change the output at all
In case your interested, I've attached the con
1 - 100 of 415 matches
Mail list logo
