Central location for ssh authorized public keys?

Hi guys,
I have been studying how to use ssh, but this has been bothering me and I will really appreciate any help.
When you generate public keys for users, they go to ~/.ssh/authorized_keys. If you, as root, want to take control of all users' public keys, say you want to have a central location for all public keys. You want sshd to read all keys from a different location rather than ~/.ssh/authorized_keys.
How will you go about doing this?
Thanks for your help with this.
Arrey

You're welcome and enjoy your 'practice' ;-)
However, I forgot to mention that if you modify the /etc/ssh/sshd_config file, you should restart the sshd daemon.
$0.01: Restart the SSH daemon FROM ANOTHER SHELL to keep an active/running shell on the system, to recover, just in case.
$0.02: I suggest a two-step approach to be sure that the sshd daemon is correctly restarted and the new ssh session is not picking up a thread that hasn't properly re-read the configuration:
# svcadm disable ssh; sleep 5; svcadm enable ssh
HTH,
Marco
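
One way to do what the question asks, as an added example that is not part of the original thread: set `AuthorizedKeysFile /etc/ssh/authorized_keys/%u` in /etc/ssh/sshd_config (`%u` expands to the login name) so sshd reads one root-owned file per user, then audit that directory before restarting sshd. The directory path and the helper names `matches` and `audit_central_keys` are assumptions for illustration.

```shell
#!/bin/sh
# Added example: audit a central, root-managed authorized_keys directory.
# Assumed layout (not from the thread): sshd_config contains
#     AuthorizedKeysFile /etc/ssh/authorized_keys/%u
# so sshd reads /etc/ssh/authorized_keys/<login name> for every user.

# matches PATH TEST...: succeed if PATH itself satisfies the find(1) test.
matches() {
    p=$1; shift
    [ -n "$(find "$p" -prune "$@" -print 2>/dev/null)" ]
}

# audit_central_keys DIR [OWNER]
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_central_keys() {
    dir=$1
    owner=${2:-root}
    bad=0
    # An unknown owner name would make every ownership test pass silently.
    if ! id "$owner" >/dev/null 2>&1; then
        echo "NOUSER $owner"; return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"; return 1
    fi
    # Whoever can write to the directory can add or replace any user's keys.
    if matches "$dir" ! -user "$owner"; then
        echo "OWNER $dir"; bad=1
    fi
    if matches "$dir" \( -perm -020 -o -perm -002 \); then
        echo "WRITABLE $dir"; bad=1
    fi
    for f in "$dir"/*; do
        [ -e "$f" ] || [ -L "$f" ] || continue    # empty directory
        # A symlink or special file could point sshd at user-controlled data.
        if [ -L "$f" ] || [ ! -f "$f" ]; then
            echo "NOTFILE $f"; bad=1; continue
        fi
        if matches "$f" ! -user "$owner"; then
            echo "OWNER $f"; bad=1
        fi
        if matches "$f" \( -perm -020 -o -perm -002 \); then
            echo "WRITABLE $f"; bad=1
        fi
        # sshd opens the key file with the privileges of the user logging in,
        # so a file owned by someone else must still be readable by that user.
        if matches "$f" ! -perm -004; then
            echo "UNREADABLE $f"; bad=1
        fi
    done
    return "$bad"
}

# Stand-alone use: sh audit_keys.sh /etc/ssh/authorized_keys [owner]
if [ "$#" -gt 0 ]; then
    audit_central_keys "$@"
fi
```

On OpenSSH, `sshd -t` checks the edited sshd_config for errors before the restart described above.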

Similar Messages

  • Networking iTunes and central location for music

    Starting to get really frustrated with something I think should be simple. We have multiple computers in our home and a Mac Mini server I'd like to use for a centralized location for ALL of our iTunes music. I've created a shared media library for all of the media I've downloaded to the server and can see it on all of the computers. HOWEVER, we just made our first iTunes purchase since setting this all up, only to discover we can't download music directly to the server - we have to download it to the individual computer, copy it to the server, then manually add it to the server's library. ***?
    There's got to be a better way to do this. Can't we have all of the computers in the house reading from the server, and when new music is added set it all to go to the same library on the server that updates automatically when new files are added? Anyone help?
    Thanks.

    Jolly Giant wrote:
    while you wait for your feature request(s) to be implemented, you might want to have a look @ this (rather old, to be sure) article.
    And make sure to read all the comments posted at the end of that article; there are a number of sad stories of users who didn't heed the restrictions and others who were confused by the typos and poor editing of the story (particularly the complication produced by the unnecessary use of DropBox in the procedure.)
    -Steve

  • Central location for MIMEs ???

    I am using BSPs in CRM. There are many BSPs (about 100 to 150) that use the same .CSS(Cascading style sheet) file.
    I have included this .CSS file in all 100 BSPs (in the MIMEs)
    I want to know if I can store them at a centralized location and access them from this centralized location (so that I do not have to include them in each and every BSP application) ???????????
    Regards,
    Ashish Walke

    Hi,
    You can access MIME Objects from BSP Application to another or store it in the PUBLIC Directory...
    For detailed information on the MIME Repository, refer to this Help Topic: http://help.sap.com/saphelp_nw04/helpdata/en/46/bb182fab4811d4968100a0c94260a5/frameset.htm
    Hope this helps...
    Do reward each useful answer..!
    Thanks,
    Tatvagna.

  • Remote login via ssh and public keys

    I'm not exactly a UNIX expert, but I need to be able to remote login to my PowerBook. The problem with enabling ssh is that as soon as I'm on campus, all kinds of nefarious hosts try brute force attempts to crack my password. I've heard that public/private key logins are the answer, and I've managed to get the public key in the right place on my PowerBook (the private key resides on my iPhone, from which I'll be logging in). But I have two questions:
    1) How do I disable logins via user/password?
    2) When I use my private key, I'm asked to enter the password for the key -- ssh isn't properly storing that password. I've checked permissions, but how can I get ssh to store that password, as it should?

    1) In Sharing > Remote Login, do I still need an account listed to be able to use ssh logins with a public key? I ask because currently (i.e. password authentication enabled), when no accounts are listed, login via public key doesn't work. In other words, an account has to be listed for public key logins to work.
    Yes you still need an account name to login to that computer. However you don't need to specify an account in the sharing preferences. You can lock down the security further by limiting which user accounts can login via ssh.
    By default, if you don't specify a username when you log in, it will use the username of the device you're logging in from. So to use an alternative login name you would use
    ssh [email protected]
    where john can be any name of your choosing.
    Put another way: if I turn off password authentication for ssh in sshd_config, how should Sharing > Remote Login be configured?
    If you turn off password authentication you still need to allow your user account to login via ssh in the sharing preferences or you can allow all.
    2) According to that MacOS X Hints article:
    "Leopard has now a built-in support for SSH authentication with public keys.
    OSX has been able to use ssh public key authentication since day 1 of the beta release of OSX. It is not new to Leopard; it has been around for years.
    Just open Terminal and ssh to your public-key-enabled server. A Keychain window appears, proposing you to enter the pass phrase, and then remembering it in your keychain. "
    I have not used this functionality as I don't use any passwords for ssh logins.
    They're talking about the password associated with the key. But on second thought, that password is being saved on the client, not the server, right?
    I am sure this is the case.

  • Just need a central location for itunes music

    Have itunes10 running on a laptop, with two users on it. Let call them usera and userb. When userb imports a cd usera can't see it even though I've updated both users itunes media folder location to c:\users\public\music
    The same laptop is authorized and home sharing is on.
    What's going on here?

    In iTunes, right-click on the song of interest, then click Show in Windows Explorer. This will open the relevant folder.
    tt2

  • Central location for IPhone apps

    Hi,
    My company has recently rolled out iPhones to all members of staff as our new business phones.
    My director has asked me to look into the possibility of having a central store for apps that can be shared amongst the staff. For example the technical staff use the telnet app from the store, does each member of staff need to buy it or is there a way that it can be bought once by the company and then be shared out to the members of staff?
    Hope I have managed to get my question across correctly!

    Yes, you have. However, that's not an option. There are three modes of app distribution:
    1) The iTunes App Store
    2) Ad-hoc distribution - for developers, limited to 100 copies
    3) Enterprise distribution - via a corporate server, for organizations with 500+ employees and only for internally developed apps
    For 3rd party apps already on the App Store, each user will need to buy the app from the app store (apps are DRM-protected and linked to the iTunes Store account used to download them).

  • Best practice to setup media server/central location for Itunes, Iphoto

    Hey guys,
    I currently have a Airport Extreme w/ two Western Digital My Books connected that have my Iphoto and Itunes Library.
    This is not ideal since copying things over the network is extremely slow and accessing the media (especially photo libraries) is super janky and leads to disconnects often.
    I am looking to revamp my setup. What do you guys recommend?

    Should I just get a Mac Mini and connect it to the Airport Extreme?

  • What's the best way to setup a media server/central storage for all of my?

    I was wondering what the best way to achieve a central media server for all my iTunes content + iPhoto's, calendar syncing and contact sharing is? This is what I currently have:
    iMac 20" Aluminum + External HD Backup (kids)
    Macbook Black (wife)
    Macbook Pro 15" (me)
    Airport Extreme 802.11n (obvious)
    TimeCapsule 1TB (wifi backup for wife/me)
    I would like to replace my PC in my office with a brand new Mac Pro Nehalem 8-Core, 8GB Ram, and 4TB, and replace my PC laptop in my living room attached to my tv, with an Apple TV.
    I want to centralize all our Photos from vacations, etc. Music, videos, movies, that are currently split up over wife's macbook, kids imac and my macbook pro onto my soon to be purchased Mac Pro.
    I want to be able to stream everything from my living room via Apple TV for when guests come over, dinner parties, etc. (plus I love apple and it keeps things clean)
    I'm currently using MobileMe to sync all of our Calendars and Contacts with my main account, which is great, but MobileMe doesn't sync to family members accounts =
    What would I need to do to centralize all this onto my future Mac Pro so that everyone has access all the time when they are home and the key here is, modify/update/change from their machines and sync it back/update it on the Mac Pro.
    Also, I'm hoping Snow Leopard has some changes to iTunes to make this a little more possible, since we're right around the corner from this release. I don't really want to spend an additional $900+ on Snow Leopard Server to have to achieve these results, but if it makes it easier, and does the job, then I guess I might. This is all speculation though, since it's not out yet. I'd like to get this all sorted and setup within the next month.
    I was considering a Drobo, they say they can throw up iTunes Server but, I appreciate everyone for reading this, and taking the time to respond!
    Thanks!

    I'm in the process of setting up a smaller (and cheaper) but somewhat similar setup to what you want to do, so maybe one example might help point you in the right direction. My needs consist of a centralized location for data storage, which will include iPhoto libraries (I keep two separate ones), iTunes (which I also want served to the home theater system), something other than my laptop to play internet videos and downloaded content on my TV, all with ideally the lowest cost and energy use possible.
    My solution was the new Mini with a FW800 external drive as the server/media hub and Airport gigabit as the network hub (it also handles the backup drive).
    FW800 is fast enough to saturate a gigabit ethernet link, so I don't consider that much of a bottleneck. The Mini then has iTunes running at all times with its centralized library on it; it is hooked to the home theater via HDMI-DVI video and optical audio, so it can play music and also handle videos when desired; Front Row with the Apple remote is close enough to an AppleTV that I think it handles that well, and it's more full-featured than an AppleTV. It can further be used to display photos/slideshows/whatever on the TV for guests or such, or to surf from the couch with a wireless mouse/keyboard. You can also toss in an EyeTV for $150 and use that as a DVR if you feel like it.
    When I want to edit photos or such on my desktop, the gigabit link is fast enough that I can run iPhoto without noticing any significant slowdown. It's also usable over wireless, though I have a dangling extra network cable to plug into a laptop for full gigabit speed if need be. iTunes, of course, shares its library, which can be played from any of the computers in the house if so desired (iPhoto can do that too if you just want to display).
    If I REALLY wanted top speed (though I've even done video editing in iMovie via ethernet without issue), I could use a third party synch app (I like Sync) to mirror any of the content from the mini server to a local drive; this works fine with anything but multi-way synching, such as address books being modified in different locations. I'd probably try to set up one of those Mobile Me clone systems or use a 3rd party app if I needed to do that.
    Again, maybe this isn't powerful enough or "synched" enough in terms of local storage for your taste, but the advantage is that a Mini uses a minute fraction of the power of a Mac Pro, so you're saving a lot on electricity if the computer will be powered up at all times as a server, and it's also a lot more full-featured as a home theater media hub than an AppleTV. And, heck, the thing is about as well equipped as my old top-of-the-line G5 tower for a 5th the cost and 1/15th the power and noise.

  • Help with Multiple libraries and one storage location for files

    I cannot get an answer to this question anywhere and was really hoping that The [H] would be able to help.
    Here is my current set up that allows my wife and I to have completely independent libraries and ratings, but use the same files:
    -Shared folder with MP3s on a network drive.
    -Two PCs, each with its own iPod associated to it with individual libraries but all pointing to the same network share for MP3 files.
    -Each PC is using the SAME iTunes account for downloads.
    -Each account has its own library folder also on a network share.
    Now to my question(s)/problem with downloaded content:
    (1) Is there any way to have a file that is downloaded from Itunes be automatically placed in a shared location accessible to both Libraries? (Say if I download the latest Jack Johnson album, can it automatically show up in my wife's library and vice versa?)
    (2) Is there any way to share the album artwork versus having two copies of everything(one for each library)?
    So my goal is to have two libraries with a central location for ALL files, including anything downloaded from Itunes by each individual user. Is this possible?

    Have your wife transfer all purchases from the iPad into iTunes, backup her iPad and then sync with iTunes. Everything ... All media and other content will be available in that iTunes library and she will have a current backup.
    Assuming that your son will still be sharing your wife's Apple ID (he is too young to have one of his own) .... When you set up his iPad, restore the iPad from your wife's backup and then select only the content that you want your son to have on his iPad in the iTunes library and then sync that iPad with iTunes.
    The game progress is stored in the backup and should transfer onto his device when you restore from your wife's backup. You can always delete any content (apps, movies, music) that you don't want your son to have on the iPad, if you missed it when you synced with iTunes after setting the device up for him.
    You can set your sync preferences - any way that you want to - for both devices and still use the same iTunes library for both iPads. So ... Yes you can sync any apps that you want to his iPad and any apps that your wife wants to her iPad. You just need to restore your son's iPad from your wife's backup in order to get his game progress onto his iPad.
    In case you need these....
    Transfer purchases.
    http://support.apple.com/kb/HT1848
    How to backup and restore from a backup
    http://support.apple.com/kb/HT1766
    Remember to have your wife backup her iPad just before you restore his iPad from the backup so that his most recent progress will be available in the backup.

  • How to copy all video sources to one central location?

    Hello
    Having picked up excellent tips from the forums and now overcome my initial hiccups, I am now running Premiere Elements 8 very successfully and am delighted with the results BUT I still have a nagging query.
    I am using a USB memory stick and an external HDD to bring video sources into my project to be edited and rendered. This works fine but of course whenever I want to amend the project, I need to plug in these devices again, no problem until one day in the future I don't have that particular stick or drive!!!!!
    Simple question is: How do I copy all these resources to one central location for current and future use please?
    I suppose this is a dumb question but please take into account I'm a keen but very green newbie!!! Many thanks in advance,
    Paul (UK)

    Steve, I just went through your Basic Training tutorial and I have to say it was one of the clearest, well paced and immediately understandable series I've seen yet. You cover it all quickly and logically and I now see where I made soooooooooo many mistakes. Haven't Adobe head hunted you yet? One minor suggestion... being a Brit, PAL is our standard and, because you have all nationalities viewing your material, it might be helpful for the PAL area to be mentioned in the initial project set up too. I know about PAL and NTSC but others may not. Hope you don't mind this tiny point? I can't thank you enough for the guidance you've given me already... you're a very patient guy with us newbies! Thanks.
    Bill, thanks for the "thumbs up" too on those Harm set ups, it's good to get confirmation from someone who's done it and proved the case. I don't have RAID either but the settings below that level are perfectly fine for me. I'm really looking forward to my next, properly configured project.
    Thanks Bill

  • ASA 8.4+ RSA Public Key for SSH user authentication

    I have seen in the configuration guide and a separate post in the support community that RSA Public Key authentication is supported for SSH sessions in 8.4 and after. I have tried implementing this on both an 8.4 ASA and a 9.1 ASA and I get the same error on both. I have tried specifying SSH version 2 to see if that is the issue but I still get the error. Is there a step I am missing?
    Here is the output of the configuration commands:
    ciscoasa(config)#username test nopassword privilege 15
    ciscoasa(config)#username test attributes
    ciscoasa(config-username)# ssh authentication publickey
                                 ^
    ERROR: % Invalid Hostname
    The links referenced above:
    https://supportforums.cisco.com/thread/2150480
    http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_aaa.html#wp1053558
    http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/aaa_servers.html#wp1176050
    Thanks!

    That would be great if the resolution was that simple.  I am using a public key I generated using the putty key generator.  Below is the key I would use if I got that far.  However I get an error on the "ssh authentication publickey" attribute so I never get the chance to enter a public key.  What code version and hardware version are you running that this worked on?
    AAAAB3NzaC1yc2EAAAABJQAAAIEA2h00RCKBbpbrTWSe/3TYAvRpkJz7tLwQDCf9
    4fDJUWUGrmxXHeomuBhNGZh7tyfFjRL2CKY6nWmFyKN/eDm0PF4IWhhCArzOPVDu
    q7Nu2y/pD8wWH8dH4a3zRpkLSekNJtH6lzuqmY0zqz9TnZlpS6g4LI1a+lOGSmhU
    /HySw9s=
    ciscoasa(config)#username test nopassword privilege 15
    ciscoasa(config)#username test attributes
    ciscoasa(config-username)#ssh ?
    configure mode commands/options:
      Hostname or A.B.C.D  The IP address of the host and/or network authorized to
                           login to the system
      X:X:X:X::X/<0-128>   IPv6 address/prefix authorized to login to the system
      scopy                Secure Copy mode
      timeout              Configure ssh idle timeout
      version              Specify protocol version to be supported
    exec mode commands/options:
      disconnect  Specify SSH session id to be disconnected after this keyword
    ciscoasa(config-username)# ssh
    ciscoasa(config-username)# sh ver | in Ver
    Cisco Adaptive Security Appliance Software Version 9.1(1)
    Device Manager Version 7.1(1)52
    ciscoasa(config-username)#

  • BizTalkServer 2010 SFTP Adapter from CodePlex - Configuring send and receive locations with SSH public and private keys

    Hi there,
    I am looking for step by step instructions on how to configure the SFTP Codeplex adapter for both receive and send ports.
    Our business partner with whom we push/poll the files from wants us to use SSH encryption/decryption etc.
    Just wondering if the following functionality is supported in the Codeplex SFTP adapter without having to write any code.
    Appreciate if there is a manual to do this for SFTP. BTW I do have all of our public and private keys and our business partner's public key for configuring.
    For Send port:
    1. We would need to encrypt the file with our business partner's public key
    2. Sign the file with our private key.
    3. Send the file through to SSH client which eventually transfers to Remote server.
    Receive port:
    1. Connect to SSH Server with SSH-2 key and receive the file
    2. Verify the file's digital signature against the business partner's PGP public key
    3. Decrypt the file using our PGP Public key
    Thanks in advance

    Yes it is supported.
    You can find its documentation in this link 
    You can find section X.509 Certificate Identity Keys
    You can set public and private key in property SSH Identity thumbprint  of send and receive port
    I prefer to test it using client tool like
    FileZilla or WinSCP then test it using sftp adapter
    When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer

  • Error.  Cannot install public key for specified user

    I'm getting "Error. Cannot install public key for specified user" when trying to add a public ssh key for a service processor user on a V20z. I've tried it for different users and still get the error. The same operation works fine on a V40z. Any help would be appreciated.


  • Ssh public keys in LDAP

    Perhaps my question is answered elsewhere in these forums, but I have not been able to find it.
    My question is... Is it possible for LDAP accounts to login to a solaris 10 box using public key authentication with the sun native ssh server/client when the ssh keys are also in LDAP? I am currently using the following software...
    Sun Directory server 6.3.1
    Sun_SSH_1.1
    Solaris 10
    I have read on a possible openssh solution with openldap but to convert to an open solution is not a possibility.
    I am not looking to implement kerberos either.
    Thank you for any response.
    Joe

    SSH keys are driving me a little crazy too. I would agree that it would be quite nice to get some type of central repository for them. Unfortunately I have nothing to offer in this regard...

  • SSH public key issue?

    Hi all,
    I've been trying to set up public key authentication for SSH recently, and have come across a problem which has left me stumped. I want to be able to SSH into computer A (iBook G4, 10.5.1) from computer B (iMac G4, 10.5.0), and vice versa. At the moment, both these machines are on the same LAN, and SSH-ing to their respective local addresses works fine - A can connect to B, and B can connect to A (e.g. ssh -l username computerA.local). So far so good.
    The end goal is to allow SSH access between my two machines over the web, using No-ip.com's dynamic DNS app. Both machines have this daemon installed and running. When SSh-ing to the machines using their no-ip DNS names (e.g. ssh -l username computerA.no-ip.org) for some reason connecting from B to A works fine, but from A to B throws up a "Permission denied (publickey)" error.
    As far as I'm aware, I've set up all the ssh_config and sshd_config files on both machines correctly, specifying the correct protocols and key files, and neither machine is firewalled. Both are running OpenSSH 4.5p1.
    Can anyone think of a reason why this is happening?
    Thanks in advance,
    Pete

    Are both A and B behind the same home router? If so, it is likely that the computerA.no-ip.org IP address is the same as the computerB.no-ip.org IP address, and you have only configured your home router to forward ssh connections to computerA.no-ip.org.
    Your home router would typically only have 1 internet WAN IP address. The no-ip client is going to figure out the router's WAN IP address and give that address to computerA.no-ip.org and computerB.no-ip.org DNS names.
    If my guess is correct, then when telling A to connect to B, the name lookup for B gives an IP address which is your router, and your router then forwards port 22 traffic back to A, and since you most likely have not put A's ssh .pub key into A's .ssh/authorized_key2 file, it fails to connect.
    One way to verify my guess is to ask http://whatismyip.com from both A and B. If you get the same IP address, then computerA.no-ip.org and computerB.no-ip.org DNS names will have the same IP address and thus from the DNS name level there is no way to tell the difference between computerA.no-ip.org and computerB.no-ip.org.
    Again, if I am correct, then what you want to do is configure your router to
    forward port 22100 to A port 22
    forward port 22101 to B port 22
    Then when you want to make an ssh connection use
    ssh -p 22100 [email protected]
    ssh -p 22101 [email protected]
