On Fri 06 May 2011 at 11:54:28 +0300, George wrote:
So the attacker needs to guess my private key instead of my password.
How does that make his life more difficult, assuming my password was
very strong?
It is easy to construct a password which would take 10,000 years to
guess or brute force.
On Fri, May 6, 2011 at 09:06, shawn wilson ag4ve...@gmail.com wrote:
I suppose you could keep your public key with you on a USB drive and
only put it on the computer when you need it, however I'm not sure how
secure that would be :/
Something you have - thumb drive
Something you know - the
On Thu, 05 May 2011 21:08:05 +0100, Tom Furie wrote:
On Thu, May 05, 2011 at 07:21:22PM +, Camaleón wrote:
On Thu, 05 May 2011 18:12:47 +0100, Andrew Wood wrote:
For certain things like removing OpenOffice and replacing it with
LibreOffice this approach works but is time consuming.
On Fri, May 6, 2011 at 12:02, Tom Furie t...@furie.org.uk wrote:
No, the attacker needs to HAVE your private key and KNOW the pass phrase
for that key. Assuming you keep your key secure and have a decent pass
phrase his life should be very difficult indeed.
Yes, but using that key on a
George:
On 5/6/11, Jochen Schulz m...@well-adjusted.de wrote:
You can authenticate to an OpenSSH server using a password, or using a
keyfile. On the client side, simply run 'ssh-keygen' to create a
keypair.
So the attacker needs to guess my private key instead of my password.
Exactly.
On Thu, 05 May 2011 20:18:25 -0700, David wrote:
I may be out of the loop on this. But I just discovered kupfer and was
duly impressed.
I generally stay away from launchers because, with the exception of
gmrun, I find them over-stuffed and awkward.
Although I can't get kupfer completely
On Fri, May 6, 2011 at 12:13, Brian a...@cityscape.co.uk wrote:
You could run Debian Live on a USB stick (or any other live distro,
really). Boot your work machine with that, and you will have a trusted
machine. Use that to ssh to your home machine.
I suppose this 'trusted machine' doesn't
On Fri, May 6, 2011 at 11:43, Brian a...@cityscape.co.uk wrote:
I'm prepared to be wrong here but, aren't the hosts.* configs just for inetd
/ xinetd and (possibly) portmap? And, IIRC, ssh installs as an init script
on debian?
Daemons can also be linked against libwrap. sshd is (ldd
On Fri, May 6, 2011 at 12:57, Heddle Weaver weaver2wo...@gmail.com wrote:
The tinyurl server is giving a 500 error. Why on earth would you add
an unreliable, third-party link to the already fragile chain of HTTP?
It didn't then and it doesn't now.
Still is for me.
I for one do not want
On Friday 6 May, 2011 02:13:52 Brian wrote:
A strong password is no less secure in brute force terms than a key so
there is no reason to disallow it on those grounds. You can also be sure
you have never left it at home or elsewhere.
What you're missing is the difference between someone trying
Hello,
phpBB's new version ( 3.0.8 ) is now available .We recommend that you update
your forum to fix some security bugs in earlier versions .
We provide paid services , Beside updating your forum we can :
+ Design for you a professional unique style with completely
new icons
On Fri 06 May 2011 at 13:39:48 +0300, Dotan Cohen wrote:
Could you please expand on this a bit please. I'm not sure that I
understand the relevance. If there is some fine document that I should
be reading then a link to it would be appreciated. I like to read the
fine manual, but for this
On Fri, May 6, 2011 at 14:45, Brian a...@cityscape.co.uk wrote:
Could you please expand on this a bit please. I'm not sure that I
understand the relevance. If there is some fine document that I should
be reading then a link to it would be appreciated. I like to read the
fine manual, but for
On Fri 06 May 2011 at 13:48:23 +0300, Dotan Cohen wrote:
However, keys are good to prevent brute-force attacks. Think of it
like a 256-character password using the entire ASCII field. Also, keys
are not susceptible to keyloggers.
I'm unsure whether you mean 'prevent' because neither keys nor
On Fri, May 6, 2011 at 12:23, George pinkisntw...@gmail.com wrote:
No, the attacker needs to HAVE your private key and KNOW the pass phrase
for that key. Assuming you keep your key secure and have a decent pass
phrase his life should be very difficult indeed.
He still needs to guess a string,
On Fri, 06 May 2011 14:02:47 +0300, Dotan Cohen wrote:
On Fri, May 6, 2011 at 12:57, Heddle Weaver weaver2wo...@gmail.com
wrote:
The tinyurl server is giving a 500 error. Why on earth would you add
an unreliable, third-party link to the already fragile chain of HTTP?
It didn't then and it
On Fri 06 May 2011 at 04:51:16 -0700, cac...@quantum-sci.com wrote:
On Friday 6 May, 2011 02:13:52 Brian wrote:
A strong password is no less secure in brute force terms than a key so
there is no reason to disallow it on those grounds. You can also be sure
you have never left it at home or
On Fri, May 6, 2011 at 15:28, Camaleón noela...@gmail.com wrote:
Still is for me.
It works here but anyway, you can use a TinyURL decoder:
http://kiserai.net/turl.pl
Still 500. That's a server error, not a network error. I'm surprised
that it works for anybody. All I can think of here is
On Friday 6 May, 2011 05:15:23 Brian wrote:
What you're missing is the difference between someone trying to hack from
the
client machine... and a remote script trying to brute-force your server.
Big
difference.
No I'm not. But please explain the difference, bearing in mind the
On Fri, May 6, 2011 at 15:08, Brian a...@cityscape.co.uk wrote:
On Fri 06 May 2011 at 13:48:23 +0300, Dotan Cohen wrote:
However, keys are good to prevent brute-force attacks. Think of it
like a 256-character password using the entire ASCII field. Also, keys
are not susceptible to keyloggers.
On Friday 6 May, 2011 05:08:52 Brian wrote:
I'm unsure whether you mean 'prevent' because neither keys nor passwords
can stop brute forcing attempts. If you mean a key (256 characters) is
stronger than a password (20 characters) I'd agree. But the key is no
more secure than the password. Not
Hi,
Is it normal to have multiple instances of udev daemon running?
user@gibbs:~/data/icp-ms/Routine/2011/Agilent7500$ ps aux | grep udev
root 381 0.0 0.0 21424 848 ?Ss May05 0:00 udevd --
daemon
root 7189 0.0 0.0 21420 472 ?SMay05 0:00
On Fri, May 06, 2011 at 01:08:52PM +0100, Brian wrote:
Keyloggers would get the key passphrase too. And the USB stick
would have its contents pilfered. So, keys don't appear to give any
advantage over passwords on an untrusted machine.
For the connect from untrusted computers there are
On 06/05/11 15:11, Wolfgang Karall wrote:
On Fri, May 06, 2011 at 01:08:52PM +0100, Brian wrote:
Keyloggers would get the key passphrase too. And the USB stick
would have its contents pilfered. So, keys don't appear to give any
advantage over passwords on an untrusted machine.
combined with
On Fri, 06 May 2011 15:47:42 +0300, Dotan Cohen wrote:
On Fri, May 6, 2011 at 15:28, Camaleón wrote:
Still is for me.
It works here but anyway, you can use a TinyURL decoder:
http://kiserai.net/turl.pl
Still 500. That's a server error, not a network error. I'm surprised
that it works
2011/5/5 Dominique Dumont domi.dum...@free.fr
Le jeudi 5 mai 2011 17:29:54, vous avez écrit :
What should I verify before updating/upgrading a sid/experimental system?
if aptitude wants to remove a lot of perl package, just put on hold all
perl-5.12 packages. This will enable you to update
Hello List !
For the connect from untrusted computers there are one-time-passwords.
I've used libpam-opie in the past with great success for the occasional
connection from internet cafe's for example.
By googling, I found this web page:
On Fri, 06 May 2011 08:56:35 -0400, Christopher Judd wrote:
Is it normal to have multiple instances of udev daemon running?
user@gibbs:~/data/icp-ms/Routine/2011/Agilent7500$ ps aux | grep udev
root 381 0.0 0.0 21424 848 ?Ss May05 0:00 udevd
--daemon
root
On Fri, 06 May 2011, Camaleón wrote:
On Fri, 06 May 2011 08:56:35 -0400, Christopher Judd wrote:
Is it normal to have multiple instances of udev daemon running?
user@gibbs:~/data/icp-ms/Routine/2011/Agilent7500$ ps aux | grep udev
root 381 0.0 0.0 21424 848 ?Ss
On 05/06/2011 02:50 PM, cac...@quantum-sci.com wrote:
On Friday 6 May, 2011 05:15:23 Brian wrote:
What you're missing is the difference between someone trying to hack from the
client machine... and a remote script trying to brute-force your server. Big
difference.
No I'm not. But
On 20110506_092810, Gilles Mocellin wrote:
Le Friday 06 May 2011 07:15:37 Boyd Stephen Smith Jr., vous avez écrit :
In 20110505230413.ga4...@big.lan.gnu, Paul E Condon wrote:
On 20110505_164439, Boyd Stephen Smith Jr. wrote:
On 2011-05-05 16:15:31 Paul E Condon wrote:
#volatile
Hi folks
On 06/05/11 16:33, Jerome BENOIT wrote:
Hello List !
For the connect from untrusted computers there are one-time-passwords.
I've used libpam-opie in the past with great success for the occasional
connection from internet cafe's for example.
By googling, I found this web page:
Hello,
On 6/5/2011 15:00 Christopher Judd wrote:
Is it normal to have multiple instances of udev daemon running?
I don't know if it is normal. But on my system, I have three instances
of udev daemon as well.
Cheers,
Simon
--
To UNSUBSCRIBE, email to
On Thu, 5 May 2011, Rob Owens wrote:
I hesitate to mention this, because it will start an argument about
security through obscurity, but you can run your ssh server on a port
other than 22. It really does nothing for security, but it will keep
your firewall logs a lot cleaner because it avoids
Hey list
Sometime over the last 9 days I have updated my testing desktop system and
when I went to reboot the theme settings on Gnome had changed and I am
unable to access the Internet.
My partner's machine - from which this is sent - can access the Net fine. I
could until I rebooted. I've
On Fri, May 6, 2011 at 12:23 PM, AG computing.acco...@googlemail.com wrote:
Hey list
Sometime over the last 9 days I have updated my testing desktop system and
when I went to reboot the theme settings on Gnome had changed and I am
unable to access the Internet.
My partner's machine - from
In 20110506155703.ga2...@big.lan.gnu, Paul E Condon wrote:
Note that none of these five lines (in two different files on two different
hosts) contain 'volatile'.
As expected for squeeze and above. The services previously provided by
volatile.debian.org and its completely separate mirror system
On Fri, 06 May 2011 17:23:45 +0100, AG wrote:
Sometime over the last 9 days I have updated my testing desktop system
and when I went to reboot the theme settings on Gnome had changed and I
am unable to access the Internet.
My partner's machine - from which this is sent - can access the Net
On Fri, 6 May 2011, Brian wrote:
A strong password is no less secure in brute force terms than a key so
Oh yes it is. A strong password may take a very long time to brute force,
but that isn't what you said.
Breaking an arbitrarily long key pair is regarded as being
cryptographically
help
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4dc426d9.7030...@vru.uho.edu.cu
Today I sent an e-mail from my Icedove 2.0.0.24 and I am pretty sure it
looks different in my Sent folder (and in Sent folder file) than it was
when I was sending it.
There is an additional '' char at the beginning of the 3rd line of the
body (nothing was quoted in this e-mail, it was a new
In 4dc426d9.7030...@vru.uho.edu.cu, Alexey Leyva wrote:
help
You'll have to be more specific.
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
b...@iguanasuicide.net ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/
This just started after my most recent (very painful) dist-upgrade. It seems
that BTRFS is not compatible with grub and Debian. I very nearly lost my whole
system because of this catastrophe.
Does anyone know the nature of the error and how to fix?
--
To UNSUBSCRIBE, email to
On Fri, 06 May 2011 19:08:11 +0200, Stanisław Findeisen wrote:
Today I sent an e-mail from my Icedove 2.0.0.24 and I am pretty sure it
looks different in my Sent folder (and in Sent folder file) than it was
when I was sending it.
There is an additional '' char at the beginning of the 3rd
Le Fri 6/05/2011, Camaleón disait
On Fri, 06 May 2011 19:08:11 +0200, Stanisław Findeisen wrote:
Today I sent an e-mail from my Icedove 2.0.0.24 and I am pretty sure it
looks different in my Sent folder (and in Sent folder file) than it was
when I was sending it.
There is an
On 2011-05-06 19:46, Camaleón wrote:
On Fri, 06 May 2011 19:08:11 +0200, Stanisław Findeisen wrote:
Today I sent an e-mail from my Icedove 2.0.0.24 and I am pretty sure it
looks different in my Sent folder (and in Sent folder file) than it was
when I was sending it.
There is an additional
On 2011-05-06 20:02, Stanisław Findeisen wrote:
On 2011-05-06 19:46, Camaleón wrote:
On Fri, 06 May 2011 19:08:11 +0200, Stanisław Findeisen wrote:
Today I sent an e-mail from my Icedove 2.0.0.24 and I am pretty sure it
looks different in my Sent folder (and in Sent folder file) than it was
Hmmm ... apparently not:
sudo ifconfig
loLink encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:11601 errors:0 dropped:0 overruns:0 frame:0
TX
On Fri, 06 May 2011 20:04:36 +0200, Stanisław Findeisen wrote:
On 2011-05-06 20:02, Stanisław Findeisen wrote:
On 2011-05-06 19:46, Camaleón wrote:
(...)
There is an additional '' char at the beginning of the 3rd line of
the body (nothing was quoted in this e-mail, it was a new mail).
Has
Robert Brockway rob...@timetraveller.org wrote:
Yes it would keep logs a bit cleaner. I've never[1] changed the ssh port
on any host and never been terribly worried about the state of the logs as
a result.
I tend to take a different view: if I can get rid of rubbish from the
logs then it
On Fri, May 06, 2011 at 01:45:38AM -0400, shawn wilson wrote:
On May 5, 2011 11:19 PM, Freeman hew...@gmail.com wrote:
On Mon, May 02, 2011 at 08:35:39PM -0700, giovanni_re wrote:
=
So, today's poll is:
What Smartphone do you use?
Android maybe just got a few points
On Fri, May 6, 2011 at 16:32, Camaleón noela...@gmail.com wrote:
On Fri, 06 May 2011 15:47:42 +0300, Dotan Cohen wrote:
On Fri, May 6, 2011 at 15:28, Camaleón wrote:
Still is for me.
It works here but anyway, you can use a TinyURL decoder:
http://kiserai.net/turl.pl
Still 500. That's a
On Fri, May 06, 2011 at 11:00:49AM +, Camaleón wrote:
On Thu, 05 May 2011 20:18:25 -0700, David wrote:
I may be out of the loop on this. But I just discovered kupfer and was
duly impressed.
I generally stay away from launchers because, with the exception of
gmrun, I find them
Hi Debian users,
Are you interested in getting involved in contributing to Debian, perhaps
as a package maintainer?
Margarita (through debian-women) and I (through OpenHatch) are doing a
simple Build It event to teach people how to take a Debian source
package, build it into a .deb, and
On 6 May 2011 21:02, Dotan Cohen dotanco...@gmail.com wrote:
Big snip
I appreciate your willingness to help, don't get me wrong. But just as
I am here to learn, I thought that you might also be interested in
learning the error of using url-shortening services.
Oh, I remember you now.
I
Hello,
On Fri, May 06, 2011 at 05:00:18PM +0100, Dom wrote:
However, libpam-opie seems to have been dropped by Debian after squeeze,
due to lack of support, some security issues, and no updates for quite a
few years.
I run Wheezy, is there a supported alternative to libpam-opie?
A quick
On 06/05/11 22:37, Wolfgang Karall wrote:
Hello,
On Fri, May 06, 2011 at 05:00:18PM +0100, Dom wrote:
However, libpam-opie seems to have been dropped by Debian after squeeze,
due to lack of support, some security issues, and no updates for quite a
few years.
I run Wheezy, is there a
On 06/05/11 21:37, Wolfgang Karall wrote:
Hello,
On Fri, May 06, 2011 at 05:00:18PM +0100, Dom wrote:
However, libpam-opie seems to have been dropped by Debian after squeeze,
due to lack of support, some security issues, and no updates for quite a
few years.
I run Wheezy, is there a supported
Dotan Cohen (dotanco...@gmail.com on 2011-05-06 23:07 +0300):
No, this is not a matter of preference. There is no reason to pipe the
links through some third party service
[..]
What advantage exists at all to use tinyURL?
While I share your sentiment in general (I would never click on a
On 5/6/2011 10:45 AM, Camaleón wrote:
On Fri, 06 May 2011 08:56:35 -0400, Christopher Judd wrote:
Is it normal to have multiple instances of udev daemon running?
user@gibbs:~/data/icp-ms/Routine/2011/Agilent7500$ ps aux | grep udev
root 381 0.0 0.0 21424 848 ?Ss
AG (computing.acco...@googlemail.com on 2011-05-06 19:12 +0100):
sudo ifconfig
loLink encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:11601 errors:0
Hi there. I made a nautilus script so that I can right-click on a file,
use it in a program, and then move the produced file back to the working
directory.
I made a test script to try it out.
#!/bin/bash
echo $1 $HOME/Desktop/test.txt
When I am in any Nautilus folder and I right-click on a
not sure how topical this here - as i'm not looking for anything
debian specific. i'm looking at using some type of configuration
management software. i have never used any of this software before, i
just think i'm outgrowing svn and scp :)
i've found this wiki:
I have used cfengine2 and cfengine3, and I am currently learning puppet.
These are roughly equivalent functionalities, with cfengine being the
grandfather of all of them (circa 1993, iirc). One thing I have found is
your programming preferences could help make the decision for you. cfengine
is
On 07/05/11 00:56, shawn wilson wrote:
i'd prefer the system have some sort of ajax, soap, xml, syslog, or
snmp v3 output (in order of preference - can ya tell how i feel about
snmp?). but, i suppose i can parse and spit out pretty much any output
if need be.
What information are you looking
On 06/05/11 23:50, Arno Schuring wrote:
AG (computing.acco...@googlemail.com on 2011-05-06 19:12 +0100):
sudo ifconfig
loLink encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
Hi
In addition to connectivity problems, I've been having problems setting
up my USB Epson printer with CUPS. For one thing, the CUPS admin
interface has changed since I last did this, and CUPS doesn't detect the
printer as a local printer only giving me 3 options - scsi printer, HP
printer
thanks for the replies. replying to Karl's message so that it goes
into the list archive.
so, my thoughts so far:
wikipedia needs updating on this front.
cdist looks pretty simple - i think i could have it up for what i'm
using in a matter of minutes.
cfengine looks pretty old school and it
On Thu, May 05, 2011 at 11:04:22AM +0300, Dotan Cohen wrote:
Obviously I've done something wrong because on a virgin Squeeze
install /etc/apt/sources.list has no repos other than the disc! Can
someone please send to me a copy of this file. Custom added repos are
fine, I'll be able to figure it
101 - 169 of 169 matches
Mail list logo