Re: [SECURITY] [DSA 1249-1] New xfree86 packages fix privilege escalation
On Tue, Jan 16, 2007 at 12:41:55PM +1300, Dale Allan ([EMAIL PROTECTED]) wrote: > Hi, > > I'm afraid that spam has become such a problem that I have resorted to > using Zerospam, and as a result, a recent email that you sent me has > been quarantined. > I'm afraid that backscatter from this sort of anti-spam problem has become such a problem that I've resorted to asking [EMAIL PROTECTED] to remove your subscription from debian-security-announce. As a result, your emails won't even get to quarantine. > If you intended to send me this mail, then please click the link below > to add yourself to my trusted address list. It only takes a few > seconds, and you only have to do this once. > If you didn't intend to spam a large list of recipients, please don't resubscribe, or put in a whitelist that obeys the Precedence header properly. > I'm sorry for any inconvenience caused. > So am I. As a note to others who may see this: please make sure you're careful when setting up things like this and automatic vacation notices. Neil -- 10 people enough for a Debconf? If they were all Germans, maybe... signature.asc Description: Digital signature
Re: Allow password auth for one user with sftp?
On Tue, Jan 16, 2007 at 09:23:31AM +0100, Maik Holtkamp wrote: > > Public keys can be stolen too. If you consider this a risk, you should > > [Typ|Brain]o? > > s/Public/Private/ Okay, I had a long day, but this really sounds stupid ;) Please read it as "The *private* key used for ssh public key authentication..." Michel signature.asc Description: Digital signature
Re: Allow password auth for one user with sftp?
On Tue, 2007-01-16 at 09:23 +0100, Maik Holtkamp wrote: > Hi, > > Michel Messerschmidt wrote/schrieb @ 15.01.2007 20:39: > > [...] > > > Public keys can be stolen too. If you consider this a risk, you should > > [Typ|Brain]o? > > s/Public/Private/ My thoughts exactly... stealing and placing *MY* public key means *I* get more access or they can communicate with me in encrypted format. I guess, a stolen public key is like a "Free Information Brochure", only good to those that will understand and use it to contact me or want to have me do something for them. -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part
Re: Allow password auth for one user with sftp?
Hi, Michel Messerschmidt wrote/schrieb @ 15.01.2007 20:39: [...] > Public keys can be stolen too. If you consider this a risk, you should [Typ|Brain]o? s/Public/Private/ or what problem should arise from spreading public keys? -- - maik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]