[Bug 512110] Re: gssd regression, "Program lacks support for encryption type"
"the NFS folks have have multiple years to implement something stronger than DES. Unlike with OpenAFS, the protocol has been quite clear; it's purely a matter of writing code." Yeah, the code is finally merged for 2.6.35, but that took longer than it should. (If you know anyone interested in funding NFS security work) -- gssd regression, "Program lacks support for encryption type" https://bugs.launchpad.net/bugs/512110 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 512110] Re: gssd regression, "Program lacks support for encryption type"
"We're adding an API to krb5 to fix this for OpenAFS. Because of the way the API is constructed, it's very difficult for GSSD to actually call it." Do you have a pointer to the details? -- gssd regression, "Program lacks support for encryption type" https://bugs.launchpad.net/bugs/512110 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 503467] [NEW] vmbuilder default account not well-documented
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: python-vm-builder I created a new kvm guest using vmbuilder (following, if I remember correctly, https://help.ubuntu.com/community/KVM/CreateGuests and/or https://help.ubuntu.com/community/JeOSVMBuilder), put it on the net without noticing that it had created a default account (with user and password both "ubuntu") and promptly got hacked by somebody running an ssh scanner. (I never needed a default account myself since I depended on the --ssh-key option to log me in to the new guest.) OK, my mistake: something as simple as "ls /home" would probably have been enough to alert me to the problem; and https://help.ubuntu.com/community/JeOSVMBuilder does mention the default at some point (though not very prominently). In my defense: vmbuilder appeared to be the preferred way to create kvm guests from the commandline, and it's somewhat surprising that it would by default create guests that were unsafe to put on the network. Since this appears to be a property of one of the included templates, not of vmbuilder itself, I'm not sure where this is best documented. The ideal might be if vmbuilder could warn the user about the default and require positive confirmation before proceeding ("are you sure you want this (y/n)?"). ** Affects: vm-builder (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- vmbuilder default account not well-documented https://bugs.launchpad.net/bugs/503467 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vm-builder in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 313575] Re: VMBuilder/vm.py crash on an alpha char in numeric constant
By trial and error I found a minimal commandline that would reproduce the problem for me was: "vmbuilder kvm ubuntu --ip=141.212.112.9" -- VMBuilder/vm.py crash on an alpha char in numeric constant https://bugs.launchpad.net/bugs/313575 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vm-builder in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs