On Sat, 2003-10-04 at 18:34, Michael D Schleif wrote:
[...]
While on this subject, what do you recommend for us to become a CA?
`apt-cache search certificate' shows only pyca -- is that adequate?
What are the considerations for becoming a CA?
I just use openssl for our ca, I have written a few
Michael D Schleif [EMAIL PROTECTED] said,
We are working on a web-based application. It will use mod_ssl to
secure transactions.
We want to limit access to the application. Yes, we have
username/password authentication; but, we are also considering
host-based limits.
Can this be done
On Sat, Oct 04, 2003 at 12:50:39PM -0500, Michael D Schleif wrote:
We are working on a web-based application. It will use mod_ssl to
secure transactions.
We want to limit access to the application. Yes, we have
username/password authentication; but, we are also considering
host-based
Aaron [EMAIL PROTECTED] [2003:10:04:15:02:38-0400] scribed:
Michael D Schleif [EMAIL PROTECTED] said,
We are working on a web-based application. It will use mod_ssl to
secure transactions.
We want to limit access to the application. Yes, we have
username/password authentication; but,
Dave Carrigan [EMAIL PROTECTED] [2003:10:04:12:31:02-0700] scribed:
On Sat, Oct 04, 2003 at 12:50:39PM -0500, Michael D Schleif wrote:
We are working on a web-based application. It will use mod_ssl to
secure transactions.
We want to limit access to the application. Yes, we have
On Sat, Oct 04, 2003 at 02:56:14PM -0500, Michael D Schleif wrote:
As I responded to Aaron's message, we are looking for some kind of
passive authentication, like an SSL Certificate.
We do not want to have to rely on humans remembering another
username/password, especially since the web
Frank Gevaerts [EMAIL PROTECTED] [2003:10:04:22:25:54+0200] scribed:
On Sat, Oct 04, 2003 at 02:56:14PM -0500, Michael D Schleif wrote:
As I responded to Aaron's message, we are looking for some kind of
passive authentication, like an SSL Certificate.
We do not want to have to rely on
On Sat, Oct 04, 2003 at 04:25:57PM -0500, Michael D Schleif wrote:
OK, this section is what I need -- thank you:
http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
Correct me if I am wrong; but, this is the process?
[1] One (1) Certificate per client/browser authenticates *both* the
Dave Carrigan [EMAIL PROTECTED] [2003:10:04:15:15:21-0700] scribed:
On Sat, Oct 04, 2003 at 04:25:57PM -0500, Michael D Schleif wrote:
OK, this section is what I need -- thank you:
http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
Correct me if I am wrong; but, this is the
On Sun, 20 Aug 2000 11:18:17 PDT, kmself@ix.netcom.com writes:
On Sun, Aug 20, 2000 at 02:11:00AM -0700, kmself@ix.netcom.com wrote:
As suggested, the restricted shell. Invoked with rbash or bash -r.
=20
This doesn't allow changes to $PATH, users can't cd, and a number of
other
On Sun, 20 Aug 2000, Robert Waldner wrote:
I have a bunch of luser-accounts on one of my boxes, what I want is to
restrict them to their home-dir, with only very special exceptions.
You probably want to use rsh, the restricted shell (as opposed to rsh the
remote shell).
Any hints? iirc
On Sun, Aug 20, 2000 at 10:14:01AM +0200, Robert Waldner wrote:
Hi!
(I´m quite sure that a pointer in the right direction/to the proper FM
is all I need.)
I have a bunch of luser-accounts on one of my boxes, what I want is to
restrict them to their home-dir, with only very special
On Sun, Aug 20, 2000 at 02:11:00AM -0700, kmself@ix.netcom.com wrote:
As suggested, the restricted shell. Invoked with rbash or bash -r.
This doesn't allow changes to $PATH, users can't cd, and a number of
other restrictions exist. You *have* to either point users to a system
directory
On Sun, Aug 20, 2000 at 01:34:04AM -0800, Ethan Benson wrote:
On Sun, Aug 20, 2000 at 02:11:00AM -0700, kmself@ix.netcom.com wrote:
As suggested, the restricted shell. Invoked with rbash or bash -r.
This doesn't allow changes to $PATH, users can't cd, and a number of
other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Peter Good [EMAIL PROTECTED] writes:
I dunno, I'll look into NIS, but originally I thought Pam would handle
it.
There is a PAM module that implements what you're looking for. I played
around with it for a while, back when I was using
Found out why, missed taking the comment off this
# Uncomment and edit /etc/security/access.conf if you need to
# set access limits.
# (Replaces /etc/login.access file)
account required pam_access.so
hehe pays not to work when tired, edited access.conf to suit, and now
have telnets to
Quoth Peter Good,
usergrouptelnet ftp
access10 no yes
access20 no yes
shells yes yes
allothers yes yes
It's a web hosting box, that also hosts shell accounts. the people with
webpage packages don't need telnet and all webpage accounts have
This may sound like a newbie question but, how do i stop a certian group
from accessing my system via telnet? I've played with PAM to no avail,
spent the last 3 hours on it in fact. System is 2.2, just need someone
to point me in the right direction, if anyone can help, plz lemme know,
it's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Peter Good [EMAIL PROTECTED] writes:
This may sound like a newbie question but, how do i stop a certian group
from accessing my system via telnet? I've played with PAM to no avail,
spent the last 3 hours on it in fact. System is 2.2, just
Graeme had more of an idea of what i'd like to do, what it looks like is
thus
usergrouptelnet ftp
access10 no yes
access20 no yes
shells yes yes
allothers yes yes
It's a web hosting box, that also hosts shell accounts. the people with
webpage
20 matches
Mail list logo