Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
Package: wnpp
Severity: wishlist Owner: Jerome Benoit <g6299304p@rezozer.net> * Package name : libpam-ssh Version : 1.97 Upstream Author : Akorty Rosenauer * URL : http://pam-ssh.sourceforge.net/ * License : BSD Programming Lang: C Description : Authenticate using SSH keys This PAM module provides single sign-on behavior for SSH. The user types an SSH passphrase when logging in and is authenticated if the passphrase successfully decrypts the user's SSH private key. In the PAM session phase, an ssh-agent process is started and keys are added. For the entire session, the user can SSH to other hosts that accept key authentication without typing any passwords. -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 20120816010133.21735.66903.reportbug@nen.dnsalias. org">http://lists.debian.org/20120816010133.21735.66903.reportbug@nen.dnsalias. org |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
On Thu, 16 Aug 2012 03:01:33 +0200
Jerome Benoit <g6299304p@rezozer.net> wrote: > Package: wnpp > Severity: wishlist > Owner: Jerome Benoit <g6299304p@rezozer.net> > > * Package name : libpam-ssh > Version : 1.97 > Upstream Author : Akorty Rosenauer > * URL : http://pam-ssh.sourceforge.net/ > * License : BSD > Programming Lang: C > Description : Authenticate using SSH keys > > This PAM module provides single sign-on behavior for SSH. > The user types an SSH passphrase when logging in and is > authenticated if the passphrase successfully decrypts the > user's SSH private key. In the PAM session phase, an ssh-agent > process is started and keys are added. For the entire session, > the user can SSH to other hosts that accept key authentication > without typing any passwords. Is this about using removable media to store the SSH private key to login to machines which only have the public key? That would be useful (but isn't that covered by existing PAM support?) Is this some form of hot-desking support? If not, why is this better than a user having a different password for login and for the SSH key? Why tie login to one of my SSH private keys? The homepage doesn't make this clear, it sounds like the module just maps the user login via a graphical desktop manager to a particular SSH key the private key for which has to live on the system behind the login anyway. What's the point? -- Neil Williams ============= http://www.linux.codehelp.co.uk/ |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
It would be nice if your initial upload would resolve the multiple issues
that were the cause for the package removal, rather than simply reintroduce them. -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20120816083916.GA8134@debian |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
On 08/16/2012 09:01 AM, Jerome Benoit wrote:
> Package: wnpp > Severity: wishlist > Owner: Jerome Benoit <g6299304p@rezozer.net> > > * Package name : libpam-ssh > Version : 1.97 > Upstream Author : Akorty Rosenauer > * URL : http://pam-ssh.sourceforge.net/ > * License : BSD > Programming Lang: C > Description : Authenticate using SSH keys > > This PAM module provides single sign-on behavior for SSH. > The user types an SSH passphrase when logging in and is > authenticated if the passphrase successfully decrypts the > user's SSH private key. In the PAM session phase, an ssh-agent > process is started and keys are added. For the entire session, > the user can SSH to other hosts that accept key authentication > without typing any passwords. > As much as I can see, the package is still in Debian (though removed from Wheezy). You shouldn't open an ITP for a package that is already in the archive. If your intention is to adopt the package, then you should follow the MIA process, have the package orphaned, then rename the orphaned bug as ITA (Intention To Adopt) adopt it by uploading new versions. And for that, there's no need for an ITP. Thanks for your intention to adopt this package, Cheers, Thomas Goirand (zigo) -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 502CBD76.6080701@debian.org">http://lists.debian.org/502CBD76.6080701@debian.org |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
Hello:
On 16/08/12 10:39, Jon Dowland wrote: It would be nice if your initial upload would resolve the multiple issues that were the cause for the package removal, rather than simply reintroduce them. I am totally agree with you, and I am working on it. I guess that you understand that I wanted to make a ``reservation' before to revisit the Package. Cheers, Jerome -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 502CFDC1.8040101@rezozer.net">http://lists.debian.org/502CFDC1.8040101@rezozer.net |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
Hello:
On 16/08/12 11:29, Thomas Goirand wrote: On 08/16/2012 09:01 AM, Jerome Benoit wrote: Package: wnpp Severity: wishlist Owner: Jerome Benoit<g6299304p@rezozer.net> * Package name : libpam-ssh Version : 1.97 Upstream Author : Akorty Rosenauer * URL : http://pam-ssh.sourceforge.net/ * License : BSD Programming Lang: C Description : Authenticate using SSH keys This PAM module provides single sign-on behavior for SSH. The user types an SSH passphrase when logging in and is authenticated if the passphrase successfully decrypts the user's SSH private key. In the PAM session phase, an ssh-agent process is started and keys are added. For the entire session, the user can SSH to other hosts that accept key authentication without typing any passwords. As much as I can see, the package is still in Debian (though removed from Wheezy). You shouldn't open an ITP for a package that is already in the archive. If your intention is to adopt the package, then you should follow the MIA process, have the package orphaned, then rename the orphaned bug as ITA (Intention To Adopt) adopt it by uploading new versions. And for that, there's no need for an ITP. The situation is ambiguous as I posted before in the debian-devel@lists.debian.org list: the package is not orphaned, was removed but it is still present. There is a void here, and it is why I asked on the list: it was suggested to make an ITP since it was removed. It appears that the Maintainer has retired from Debian. According to him, his Debian packages are orphaned, and he has no more access to his Debian account. Thanks for your intention to adopt this package, Cheers, Best wishes, Jerome Thomas Goirand (zigo) -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 502D002F.9060109@rezozer.net">http://lists.debian.org/502D002F.9060109@rezozer.net |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
Hello:
On 16/08/12 08:40, Neil Williams wrote: On Thu, 16 Aug 2012 03:01:33 +0200 Jerome Benoit<g6299304p@rezozer.net> wrote: Package: wnpp Severity: wishlist Owner: Jerome Benoit<g6299304p@rezozer.net> * Package name : libpam-ssh Version : 1.97 Upstream Author : Akorty Rosenauer * URL : http://pam-ssh.sourceforge.net/ * License : BSD Programming Lang: C Description : Authenticate using SSH keys This PAM module provides single sign-on behavior for SSH. The user types an SSH passphrase when logging in and is authenticated if the passphrase successfully decrypts the user's SSH private key. In the PAM session phase, an ssh-agent process is started and keys are added. For the entire session, the user can SSH to other hosts that accept key authentication without typing any passwords. Is this about using removable media to store the SSH private key to login to machines which only have the public key? NO ! That would be useful (but isn't that covered by existing PAM support?) Is this some form of hot-desking support? If not, why is this better than a user having a different password for login and for the SSH key? Why tie login to one of my SSH private keys? Let say that I used it to launch ssh-agent when I login (from console or desktop). The homepage doesn't make this clear, it sounds like the module just maps the user login via a graphical desktop manager to a particular SSH key the private key for which has to live on the system behind the login anyway. What's the point? I am agree that the descriptions on the homepage and within the Debian package are confusing: I will try to improve this part as well. Thanks, Jerome -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 502D02FA.8020307@rezozer.net">http://lists.debian.org/502D02FA.8020307@rezozer.net |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
On Thu, Aug 16, 2012 at 04:14:07PM +0200, Jerome BENOIT wrote:
> The situation is ambiguous as I posted before in the debian-devel@lists.debian.org list: > the package is not orphaned, was removed but it is still present. There is no ambiguity. The package is present in unstable and thus is not "removed" in the sense that word is commonly used without qualifiers. (The proper way to describe what happened to the package is "removed from testing" - a release engineering action that doesn't imply any change in a package's maintainership.) > There is a void here, and it is why I asked on the list: it was suggested to > make an ITP since it was removed. An ITP is inappropriate so long as the package is present in unstable or experimental. > It appears that the Maintainer has retired from Debian. In that case, the package likely is available for salvaging (that is, for taking over maintainership without going throug a period of formal ITA or O period). -- Antti-Juhani Kaijanaho, Jyväskylä, Finland http://antti-juhani.kaijanaho.fi/newblog/ http://www.flickr.com/photos/antti-juhani/ -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 20120816153138.GB2585@kukkavihko.kaijanaho.fi">htt p://lists.debian.org/20120816153138.GB2585@kukkavihko.kaijanaho.fi Thu Aug 16 18:30:01 2012 Return-Path: <bounce-debian-user=tom=linux-archive.org@lists.debian.org> X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eagle542.startdedicated.com X-Spam-Level: X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIM_SIGNED,FSL_RCVD_USER, RCVD_IN_DNSWL_HI,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-Original-To: tom@linux-archive.org Delivered-To: tom-linux-archive.org@eagle542.startdedicated.com Received: from bendel.debian.org (bendel.debian.org [82.195.75.100]) by eagle542.startdedicated.com (Postfix) with ESMTP id EBD4220E05FB for <tom@linux-archive.org>; Thu, 16 Aug 2012 17:32:36 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by bendel.debian.org (Postfix) with QMQP id E9F4F205; Thu, 16 Aug 2012 15:32:13 +0000 (UTC) Old-Return-Path: <debian-user@list-post.mks-mail.de> X-Original-To: lists-debian-user@bendel.debian.org Delivered-To: lists-debian-user@bendel.debian.org Received: from localhost (localhost [127.0.0.1]) by bendel.debian.org (Postfix) with ESMTP id D78CCB1 for <lists-debian-user@bendel.debian.org>; Thu, 16 Aug 2012 15:32:00 +0000 (UTC) X-Virus-Scanned: at lists.debian.org with policy bank en-ht X-Amavis-Spam-Status: No, score=-7 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FOURLA=0.1, LDO_WHITELIST=-5] autolearn=ham Received: from bendel.debian.org ([127.0.0.1]) by localhost (lists.debian.org [127.0.0.1]) (amavisd-new, port 2525) with ESMTP id EY7JtmN2bxmJ for <lists-debian-user@bendel.debian.org>; Thu, 16 Aug 2012 15:31:52 +0000 (UTC) X-policyd-weight: DYN_NJABL=SKIP(0) NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_FROM_MX=-3.1; rate: -6.1 Received: from mail.ddt-consult.de (mail.ddt-consult.de [176.9.143.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by bendel.debian.org (Postfix) with ESMTPS id A62B4205 for <debian-user@lists.debian.org>; Thu, 16 Aug 2012 15:31:51 +0000 (UTC) Received: from ddt-filter.ddt-consult.intern (ddt-filter.ddt-consult.intern [192.168.1.116]) by mail.ddt-consult.de (Postfix) with ESMTP id 6CC722CA9BC for <debian-user@lists.debian.org>; Thu, 16 Aug 2012 17:31:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d= list-post.mks-mail.de; h=content-transfer-encoding:content-type :content-type:in-reply-to:references:subject:subject :mime-version:user-agent:reply-to:from:from:date:date:message-id :received:received; s=lpm; t=1345131108; bh=+rAImAqtu9wkK981j3wq p4GzE1Ta/J6ovw69ux2LPgk=; b=putv+z2RmzK+AK/kl8sCJmlMOKZg+2L9XQVL I9JCbbE2nvDRtjn42UsOCHcW79I2rD14ugeJhd9/sgnzRRnPAt79khmwwywle/j1 TMk/5LKIphfgu43rJQRQhFBZ36cJsJ7T9rq3J8Nf+gMuf/UxZw1/f9M1Ftqjq32X yALDSvc= X-Virus-Scanned: Debian amavisd-new at ns1 Received: from mail.ddt-consult.de ([192.168.1.101]) by ddt-filter.ddt-consult.intern (ddt-filter.ddt-consult.intern [192.168.1.116]) (amavisd-new, port 20024) with LMTP id q35on_tx2QHH for <debian-user@lists.debian.org>; Thu, 16 Aug 2012 17:31:48 +0200 (CEST) Received: from legolas.home.ddt.intern (p5DC375EE.dip.t-dialin.net [93.195.117.238]) (Authenticated sender: mks@list-post.mks-mail.de) by mail.ddt-consult.de (Postfix) with ESMTPSA id 92D802CA9B9 for <debian-user@lists.debian.org>; Thu, 16 Aug 2012 17:31:48 +0200 (CEST) Message-ID: <502D1263.7060105@list-post.mks-mail.de> Date: Thu, 16 Aug 2012 17:31:47 +0200 From: =?ISO-8859-1?Q?Markus_Sch=F6nhaber?= <debian-user@list-post.mks-mail.de> Reply-To: debian-user@lists.debian.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:14.0) Gecko/20120717 Thunderbird/14.0 MIME-Version: 1.0 To: debian-user@lists.debian.org Subject: Re: [1/2OT] ssh & wireless related References: <502D0B00.7020409@gmail.com> In-Reply-To: <502D0B00.7020409@gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Rc-Virus: 2007-09-13_01 X-Rc-Spam: 2008-11-04_01 Resent-Message-ID: <i1crMAEI6DF.A.HwD.9JRLQB@bendel> Resent-From: debian-user@lists.debian.org X-Mailing-List: <debian-user@lists.debian.org> archive/latest/637669 X-Loop: debian-user@lists.debian.org List-Id: <debian-user.lists.debian.org> List-Post: <mailto:debian-user@lists.debian.org> List-Help: <mailto:debian-user-request@lists.debian.org?subject=help> List-Subscribe: <mailto:debian-user-request@lists.debian.org?subject=subscribe> List-Unsubscribe: <mailto:debian-user-request@lists.debian.org?subject=unsubscribe> Precedence: list Resent-Sender: debian-user-request@lists.debian.org Resent-Date: Thu, 16 Aug 2012 15:32:13 +0000 (UTC) 16.08.2012 17:00, lina: > Strangely once I restarted the network-manager, the connection restore > as normal, I mean the ssh connection is still there. > Is it strange? I thought it's broken, the connection. There's nothing strange with that. A TCP connection is essentially identified by the quadruple (src port, src IP, dest port, dest IP). As long as none of the elements of this quadruple change, the connection may stay "intact" (even if some machine on the route from src to dest is rebooted, for example). Nevertheless, if data is to be transmitted while the other end of the connection is not reachable for some reason, either end may tear down the connection. -- Regards mks -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/502D1263.7060105@list-post.mks-mail.de |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
On Thu, 16 Aug 2012, Antti-Juhani Kaijanaho wrote:
> On Thu, Aug 16, 2012 at 04:14:07PM +0200, Jerome BENOIT wrote: > > The situation is ambiguous as I posted before in the debian-devel@lists.debian.org list: > > the package is not orphaned, was removed but it is still present. > > There is no ambiguity. The package is present in unstable and thus is not > "removed" in the sense that word is commonly used without qualifiers. (The > proper way to describe what happened to the package is "removed from testing" - > a release engineering action that doesn't imply any change in a package's > maintainership.) What let you think this? rmadison libpam-ssh libpam-ssh | 1.92-14 | squeeze | source, amd64, armel, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc W: Archive maintenance is in progress; database inconsistencies are possible. [Date: Fri, 02 Dec 2011 16:51:17 +0000] [ftpmaster: Alexander Reichle-Schmehl] Removed the following packages from unstable: libpam-ssh | 1.92-14 | source libpam-ssh | 1.92-14+b1 | amd64, armel, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc Closed bugs: 650644 Alex -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 20120816154108.GC5733@snow-crash.org">http://lists.debian.org/20120816154108.GC5733@snow-crash.org |
Bug#685042: ITP: libpam-ssh -- Authenticate using SSH keys
On Thu, Aug 16, 2012 at 05:39:50PM +0200, Jerome BENOIT wrote:
> According to its PTS ( http://packages.qa.debian.org/libp/libpam-ssh.html ): > [2011-12-03] libpam-ssh REMOVED from testing (Britney) > [2011-12-02] Removed 1.92-14 from unstable (Alexander Reichle-Schmehl) > > So I guess it must be considered as removed. Yes, you are right. Sorry for my careless reading of that page. In any case, no ambiguity, it seems. I don't think a package's presence in stable or oldstable alone is a problem. -- Antti-Juhani Kaijanaho, Jyväskylä, Finland http://antti-juhani.kaijanaho.fi/newblog/ http://www.flickr.com/photos/antti-juhani/ -- To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: 20120816154232.GD2585@kukkavihko.kaijanaho.fi">htt p://lists.debian.org/20120816154232.GD2585@kukkavihko.kaijanaho.fi |
| All times are GMT. The time now is 03:05 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.