Entry 22943 (Berkeley CSUA MOTD)

Berkeley CSUA MOTD:Entry 22943

WIKI \| FAQ \| Tech FAQ
`http://csua.com/feed/`

2025/05/24 [General] UID:1000 Activity:popular

5/24

2001/11/5-6 [Computer/SW/Security] UID:22943 Activity:high

11/5    In ssh1, I can make passphraseless keys that let me login from one
        place to another without typing a password/phrase (yes, yes, I know).
        How can I do this with ssh2?  My man pages aren't helping with what
        I need to put into what files to use passphrases instead of passwords.
        I know how to make the key, just not what to do with it.  Thanks!
        \_ copy .ssh/id_dsa.pub from your local machine to
           .ssh/authorized_keys2 on the foreign machine. - danh
           \_ And chmod 600 ~/.ssh/authorized_keys2 --dbushong
                \_ Did both of these things and it still falls back to the
                   password auth... help?  Does it have something to do with
                   either the IdentityFile or AuthorizationFile settings in
                   sshd2_config?
        \_ add the "-v" flag when sshing, does that tell you
           anything useful?
        \_ Ok, I got it, thanks all.  Our machines had the http://www.ssh.com version
           installed which works a little differently than soda.  I needed to
           specify the dsa and pub files in the identification and
           authorization files with some trivial syntax.  This is from a pdf
           off <DEAD>www.ssh.com's<DEAD> support website.  Nothing in the man pages about
           it.  I guess that's how they make money with support and services.
           What danh and dbhushong said worked perfectly with soda which had
           me confused for a bit.  And -v was pretty useless, unfortunately.

ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/05/24 [General] UID:1000 Activity:popular

5/24

You may also be interested in these entries...

2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil

8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...

2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil

8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...

2012/9/24-11/7 [Computer/SW/Languages, Computer/SW/Unix] UID:54484 Activity:nil

9/24    How come changing my shell using ldapmodify (chsh doesn't work) doesn't
        work either? ldapsearch and getent show the new shell but I still get
        the old shell on login.
        \_ Scratch that, it magically took my new shell now. WTF?
           \_ probably nscd(8)
	...

2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil

8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...

2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil

7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...

2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil

4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...

2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil

11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...

Cache (156 bytes)

www.ssh.comCompany 10 Products 11 Services 12 Solutions 13 Support 14 Partners 15 Investors 16 SSH Communications Security is a leading provider of security solutions.