date:20161202

Re: [lopsa-discuss] Multi-Factor Authentication - Who's the Best

2016-12-02 Thread Erik Anderson

On Fri, Dec 2, 2016 at 4:08 AM, Edward Ned Harvey (lopser)
 wrote:
> Also, ssh isn't the only thing in the world you care about. We use Duo for 
> ssh, RDP, VPN, drupal, wordpress, email, box.com, and everything else.

Slightly tangential to this topic: I've implemented Duo on our test
*nix/*BSD servers to protect SSH. This was easy enough. The main
problem I've run into is that Duo completely breaks Ansible's ability
to properly execute playbooks on the hosts. Has anyone found a way
around this?

Sure, I could create a separate user for ansible which is exempted
from Duo, but I'd rather not do that if it could be avoided.

-Erik
___
Discuss mailing list
Discuss@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-discuss] Multi-Factor Authentication - Who's the Best

2016-12-02 Thread Edward Ned Harvey (lopser)

> From: discuss-boun...@lists.lopsa.org [mailto:discuss-
> boun...@lists.lopsa.org] On Behalf Of Robert Hajime Lanning
> 
> The difference is "can the private key (something you have) be copied?"
> 
> PKI hardware token: No.
> File on notebook: Yes.

Also, ssh isn't the only thing in the world you care about. We use Duo for ssh, 
RDP, VPN, drupal, wordpress, email, box.com, and everything else.
___
Discuss mailing list
Discuss@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-discuss] solaris pkgrecv - it sucks...

2016-12-02 Thread Weiner Larry

I would suggest you use "snoop" (IIRC, that's the name of the Solaris
native tool) to capture packets and see what's going on.

Another suggestion is that you may have a black-hole routing issue?  Try
setting your TCP/IP configuration MTU down to 1300, and see if it doesn't
work better for you.  If you capture the snoop output and see that you are
receiving packets <1500 bytes, then that may be your issue.

--
Regards,

Larry Weiner
works2l...@gmail.com


On Thu, Dec 1, 2016 at 10:50 AM, John Stoffel  wrote:

>
> Guys,
> I support Legacy solaris environments and I'm having a hell of a time
> with Oracle's Solaris 11.x pkgrecv tool timing out and failing
> endlessly when I try to grab down packages from the
> http://pkg.oracle.com/solaris/release server.
>
> Stuff like this:
>
> # pkgrecv -s http://pkg.oracle.com/solaris/release -d /IPS/Solaris11.3
>   -m latest -v 'web/*' -c /var/tmp/pkgrecv-_qtKm8
>   pkgrecv: Framework error: code: 28 reason: Connection timed out
>   after 60001 milliseconds
>   URL: 'http://pkg.oracle.com/solaris/release/versions/0/'
>
>
>
> # pkgrecv -s http://pkg.oracle.com/solaris/release -d
> /IPS/Solaris11.3  -m latest -v 'web/*'
> Processing packages for publisher solaris ...
> Retrieving and evaluating 124 package(s)...
>
> Retrieving packages ...
> Packages to add:   96
>   Files to retrieve: 7050
>   Estimated transfer size: 90.51 MB
>
> Packages to transfer:
> web/analytics/webalizer@2.23.8,5.12-5.12.0.0.0.105.1:20160818T000726Z
> web/browser/elinks@0.11.7,5.12-5.12.0.0.0.105.1:20160818T000728Z
> web/browser/firefox/multi-user-desktop@38.5.0,5.12-5.12.
> 0.0.0.96.0:20160818T000731Z
> web/browser/firefox/plugin/firefox-java@1.0,5.12-5.12.0.0.0.90.0:20160420
> T173744Z
> web/browser/firefox/plugin/plugin-java@5.12,5.12-5.12.0.0.0.90.0:20160420
> T173745Z
> web/browser/links@2.12,5.12-5.12.0.0.0.105.1:20160818T000734Z
> web/browser/lynx@2.8.8,5.12-5.12.0.0.0.105.1:20160818T000736Z
> web/browser/w3m@0.5.3,5.12-5.12.0.0.0.105.1:20160818T000741Z
> web/curl@7.45.0,5.12-5.12.0.0.0.105.1:20160818T000743Z
> web/editor/bluefish@2.0.2,5.12-5.12.0.0.0.90.0:20160420T173802Z
> web/fastcgi/spawn-fcgi@1.6.3,5.12-5.12.0.0.0.105.1:20160818T000750Z
> web/java-servlet/tomcat@6.0.44,5.12-5.12.0.0.0.82.0:20160420T173813Z
> web/java-servlet/tomcat-8@8.5.3,5.12-5.12.0.0.0.105.1:20160818T000756Z
> web/java-servlet/tomcat-8/tomcat-admin@8.5.3,5.12-5.12.
> 0.0.0.105.1:20160818T000752Z
> web/java-servlet/tomcat-8/tomcat-examples@8.5.3,5.12-5.12.0.0.0.105.1:
> 20160818T000753Z
> web/java-servlet/tomcat/tomcat-examples@6.0.44,5.12-5.
> 12.0.0.0.82.0:20160420T173804Z
> web/library/apache/apr-13@1.3.9,5.12-5.12.0.0.0.57.0:20160420T173814Z
> web/library/apache/apr-13/documentation@1.3,5.12-5.12.0.0.0.57.0:20160420
> T173814Z
> web/library/apache/apr-util-13@1.3.9,5.12-5.12.0.0.0.57.0:20160420T173819Z
> web/library/apache/apr-util-13/apr-ldap@1.3.9,5.12-5.12.0.
> 0.0.57.0:20160420T173815Z
> web/library/apache/apr-util-13/dbd-mysql@1.3.9,5.12-5.12.
> 0.0.0.57.0:20160420T173816Z
> web/library/apache/apr-util-13/dbd-sqlite@1.3.9,5.12-5.12.
> 0.0.0.57.0:20160420T173817Z
> web/library/apache/apr-util-13/documentation@1.3,5.12-5.
> 12.0.0.0.57.0:20160420T173818Z
> web/novnc@0.5,5.12-5.12.0.0.0.105.1:20160818T000807Z
> web/php-52@5.2.17,5.12-5.12.0.0.0.73.0:20160420T173829Z
> web/php-52/documentation@5.2.17,5.12-5.12.0.0.0.73.0:20160420T173821Z
> web/php-52/extension/php-apc@3.0.19,5.12-5.12.0.0.0.73.0:20160420T173822Z
> web/php-52/extension/php-idn@0.2.0,5.12-5.12.0.0.0.73.0:20160420T173823Z
> web/php-52/extension/php-memcache@2.2.5,5.12-5.12.0.0.
> 0.73.0:20160420T173824Z
> web/php-52/extension/php-mysql@5.2.17,5.12-5.12.0.0.0.
> 73.0:20160420T173825Z
> web/php-52/extension/php-pear@5.2.17,5.12-5.12.0.0.0.73.0:20160420T173826Z
> web/php-52/extension/php-suhosin@0.9.29,5.12-5.12.0.0.
> 0.73.0:20160420T173826Z
> web/php-52/extension/php-tcpwrap@1.1.3,5.12-5.12.0.0.0.
> 73.0:20160420T173827Z
> web/php-52/extension/php-xdebug@2.0.5,5.12-5.12.0.0.0.
> 73.0:20160420T173828Z
> web/php-53@5.3.29,5.11-5.12.0.0.0.86.0:20160420T173839Z
> web/php-53/documentation@5.3.29,5.11-5.12.0.0.0.86.0:20160420T173830Z
> web/php-53/extension/php-apc@3.1.9,5.11-5.12.0.0.0.86.0:20160420T173831Z
> web/php-53/extension/php-idn@0.2.0,5.11-5.12.0.0.0.86.0:20160420T173832Z
> web/php-53/extension/php-memcache@3.0.6,5.11-5.12.0.0.
> 0.86.0:20160420T173833Z
> web/php-53/extension/php-mysql@5.3.29,5.11-5.12.0.0.0.
> 86.0:20160420T173834Z
> web/php-53/extension/php-pear@5.3.29,5.11-5.12.0.0.0.86.0:20160420T173834Z
> web/php-53/extension/php-suhosin@0.9.33,5.11-5.12.0.0.
> 0.86.0:20160420T173835Z
> web/php-53/extension/php-tcpwrap@1.1.3,5.11-5.12.0.0.0.
> 86.0:20160420T173836Z
> web/php-53/extension/php-xdebug@2.2.0,5.11-5.12.0.0.0.
> 86.0:20160420T173837Z
> web/php-53/extension/php-zendopcache@7.0.2,5.11-5.12.0.0.0.86.0:20160420
> T173838Z
>

Re: [lopsa-discuss] Multi-Factor Authentication - Who's the Best

Re: [lopsa-discuss] Multi-Factor Authentication - Who's the Best

Re: [lopsa-discuss] solaris pkgrecv - it sucks...

3 matches

Site Navigation

Mail list logo

Footer information