Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On Sat, Jul 26, 2014 at 09:05:37PM -0700, tony mancill wrote: Package: wnpp Severity: wishlist Owner: tony mancill tmanc...@debian.org * Package name: ssh-cron Version : 0.91.01 Upstream Author : * URL : * License : GPL-2+ Programming Lang: C++

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On Sat, 26 Jul 2014 21:05:37 -0700, tony mancill tmanc...@debian.org wrote: * Package name: ssh-cron Version : 0.91.01 Upstream Author : * URL : * License : GPL-2+ Programming Lang: C++ Description : cron-like job scheduler than handles ssh key

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On Sun, Jul 27, 2014 at 06:57:24PM +1200, Chris Bannister wrote: Presume you mean ... scheduler that handles ... It may even be proper English to say ... scheduler which handles ... We got the advice to always use which with comma and that without comma. Especially for non-native speakers the

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

Hi Marc, On Sun, Jul 27, 2014 at 4:54 AM, Marc Haber mh+debian-de...@zugschlus.de wrote: Why would one use such a tool? passphraseless keys exist, and can be configured to be secure. This sounds interesting. Do you have a link to some documentation on this technique? Jonathan

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

Sorry for the double-post. Upon reflection, it looks like I was asking about information about passphraseless keys -- I was curious about the latter part, how they can be configured to be secure. On Sun, Jul 27, 2014 at 8:31 AM, Jonathan Yu jaw...@cpan.org wrote: Hi Marc, On Sun, Jul 27, 2014

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

Hi, Jonathan Yu jaw...@cpan.org writes: On Sun, Jul 27, 2014 at 4:54 AM, Marc Haber mh+debian-de...@zugschlus.de wrote: Why would one use such a tool? passphraseless keys exist, and can be configured to be secure. This sounds interesting. Do you have a link to some documentation on this

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On Sun, Jul 27, 2014 at 9:27 PM, Ansgar Burchardt wrote: It is possible to restrict keys in .ssh/authorized_keys so that they are only allowed to run specific commands, see the 'command=command' bit in man:sshd(8). One probably wants to combine this with no-port-forwarding and similar

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

/me mutters something about being incompatible with reportbug... The upstream author and URL should have been in the original report (corrected below). On 07/27/2014 01:54 AM, Marc Haber wrote: On Sat, 26 Jul 2014 21:05:37 -0700, tony mancill tmanc...@debian.org wrote: * Package name :

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

Bastian Blank wa...@debian.org writes: On Sun, Jul 27, 2014 at 06:57:24PM +1200, Chris Bannister wrote: Presume you mean ... scheduler that handles ... It may even be proper English to say ... scheduler which handles ... We got the advice to always use which with comma and that without

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On Sun, Jul 27, 2014 at 08:40:03AM -0700, tony mancill wrote: It seems like with Ganneff's trigger mechanism, one attack vector is to steal a backup of the passphraseless key and spoof the source IP - now you can run the trigger at will. Having a passphrase on the key could at least slow the

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On Sun, Jul 27, 2014 at 10:45:37AM -0700, Russ Allbery wrote: Bastian Blank wa...@debian.org writes: On Sun, Jul 27, 2014 at 06:57:24PM +1200, Chris Bannister wrote: Presume you mean ... scheduler that handles ... It may even be proper English to say ... scheduler which handles ... We got

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

Bastian Blank wa...@debian.org writes: On Sun, Jul 27, 2014 at 10:45:37AM -0700, Russ Allbery wrote: Bastian Blank wa...@debian.org writes: We got the advice to always use which with comma and that without comma. Especially for non-native speakers the number of variations with slightly

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

]] Philipp Kern On Sun, Jul 27, 2014 at 08:40:03AM -0700, tony mancill wrote: It seems like with Ganneff's trigger mechanism, one attack vector is to steal a backup of the passphraseless key and spoof the source IP - now you can run the trigger at will. Having a passphrase on the key

Re: Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

On 2014-07-27 11:39:58 +0200, Bastian Blank wrote: On Sun, Jul 27, 2014 at 06:57:24PM +1200, Chris Bannister wrote: Presume you mean ... scheduler that handles ... It may even be proper English to say ... scheduler which handles ... We got the advice to always use which with comma and that

Bug#756172: ITP: ssh-cron -- cron-like job scheduler than handles ssh key passphrases

Package: wnpp Severity: wishlist Owner: tony mancill tmanc...@debian.org * Package name: ssh-cron Version : 0.91.01 Upstream Author : * URL : * License : GPL-2+ Programming Lang: C++ Description : cron-like job scheduler than handles ssh key