Search Results

Search found 4906 results on 197 pages for 'ssh tunnel'.

Page 51/197 | < Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >

• How Ubuntu cloud version enforces the "no root login" over ssh ?

  - by Maxim Veksler

  Hello, I'm looking to tweak ubuntu cloud version default setup where is denies root login. Attempting to connect to such machine yields: maxim@maxim-desktop:~/workspace/integration/deployengine$ ssh [email protected] The authenticity of host 'ec2-204-236-252-95.compute-1.amazonaws.com (204.236.252.95)' can't be established. RSA key fingerprint is 3f:96:f4:b3:b9:4b:4f:21:5f:00:38:2a:bb:41:19:1a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'ec2-204-236-252-95.compute-1.amazonaws.com' (RSA) to the list of known hosts. Please login as the ubuntu user rather than root user. Connection to ec2-204-236-252-95.compute-1.amazonaws.com closed. I would like to know where this is setup and how I can change the printed message? Thank you, Maxim.

  Read the article

• Why do I get "Permission denied (publickey)" when trying to SSH from local Ubuntu to a Amazon EC2 se

  - by Vorleak Chy

  I have an instance of an application running in the cloud on Amazon EC2 instance, and I need to connect it from my local Ubuntu. It works fine on one of local ubuntu and also laptop. I got message "Permission denied (publickey)" when trying to access SSH to EC2 on another local Ubuntu. It's so strange to me. I'm thinking some sort of problems with security settings on the Amazon EC2 which has limited IPs access to one instance or certificate may need to regenerate. Does anyone know a solution?

  Read the article

• How can I remove the ssh last login info?

  - by Gnijuohz

  Whenever I log into a server using ssh. The prompt gives me "last login" information. I was wondering where this information comes from. How can I remove this record so when someone else log into the same server, the person would see my login info with my ip in it? So how can I do this? For the record, I am not hacking someone's computer and the server runs Ubuntu 12.04. EDIT: which file logs this kind of information? If I find the file, then I can do anything to it as root. Thanks.

  Read the article

• The cd command using variable to mapped NFS volume within ssh in linux script is not working

  - by Bhavya Maheshwari

  I have to do the following from within a bash script. The /VMNFS/ folder is present on linux box, from where script is run, and is mapped to the machine into which i am ssh'ing, as an NFS at /vmfs/volumes/VMNFS/. The second cd command doesn't work, neither with symbolic path name nor physical pathname. Why? and How to rectify this? #!/bin/bash ssh -2 [email protected] /bin/sh <<\EOF vmfile_path=`grep / vmvar_file` datastore_path=/vmfs/volumes/VMNFS/ cd $datastore_path && echo "The present working directory is" `pwd -P` esxi_vmfile_path_sub=`pwd -P` && echo "variable value is" $esxi_vmfile_path_sub esxi_vmfile_path=`echo $vmfile_path | sed "s:/VMNFS:$esxi_vmfile_path_sub:"` cd "$esxi_vmfile_path" EOF ***Output***: The current working directory is /vmfs/volumes/65335ec4-46d12e41 variable value is /vmfs/volumes/65335ec4-46d12e41 can't cd to /vmfs/volumes/65335ec4-46d12e41/TPAE7.5/

  Read the article

• SSH from Windows hangs when using insert mode in vim on Dreamhost: Why?

  - by cletus

  I have SSH set up using Cygwin on Windows XP SP3 to Dreamhost. It works fine except that when I edit a file with vi and use insert mode (eg press 'i' and type in some stuff). I then try and hit escape and ZZ to save/exit and it hangs instead. My edits aren't saved and I have to kill the session (locally) and kill the vi process on Dreamhost. This is highly annoying. It's not reliable either. Sometimes it does work. Also, this happens with PuTTY too.

  Read the article

• Is it possible to connect these machines with ssh tunnels or another mechanism?

  - by frankc

  I am physically on a machine that is behind a firewall and cannot be ssh'd into. Let's call that PC. PC can connect out to two machines, one on AWS and one that is part of a vpn connection, call them A and V, respectively. A and V cannot talk to each other directly. I need to frequently move files between A and V and have been doing this by scp'ing to PC and then scp'ing from pc. Is there a better way to do this? A and V are linux but PC has cygwin.

  Read the article

• Get name (address) of computer from which from which SSH login was made.

  - by amicitas

  After logging onto a linux machine via SSH, I would like to be able to retrieve the name of the computer from which the connection was made. Ideally I am looking for some command like hostname or uname but that would retrieve the name of the client instead of the host. This information must be accessible somewhere, since when I log on I get a message that contains the clinent name from the last login: Last login: Thu Mar 11 18:42:01 2010 from my.address.com The reason for wanting to do this is to be able to take different action in my .login file depending on which computer I am using for connection is from.

  Read the article

• Started an application through SSH, command line now gone, what happens next?

  - by Chris Dutrow

  Context: This is a very basic question Using Putty and SSH for the first time to do some serious server setup and run into the situation where I have started a process that I do not want to stop. The process is the gunicorn WSGI HTTP Server (running on Centos 6.3). The command I used to start the process is (as per their Quick Start): gunicorn -w 4 myapp:app At this point in the work session, I have lost the command prompt. This must be such a non-issue that it doesn't even enter into an experienced user's consciousness. But unfortunately at my level of experience, I am left with several fundamental questions: Does the fact that I have lost the command prompt mean that the process is still running? How do I get back to the command prompt without killing the process? How do I come back and monitor the process later? How do I eventually kill the process? Any help is appreciated, thanks so much!

  Read the article

• Is it possible to log a user in a remote computer using ssh?

  - by El_Hoy

  I want to connect to a server via ssh and log in (remotely) a user in X11 (gdm). A little context: I need to install a wine application in 30 computers, but wine require X11, there is nobody loged there, so wine does not work properly. I want to remotely login in display=:0.0 a user so this user receive the window (it only start and close), there i need to ()neThere is no one logged on there. I need to start a graphical app there (wine installer) but I cannot because it needs a display with X11 (to open a wineconsole). Resumen: Is it posible to log a user remotely on X11

  Read the article

• How could I shutdown, over my network, with one click?

  - by DeLiK

  The question is simple. What would be the script I would have to use to shut down a computer in my network thru ssh. Normaly i would go to command line and: ssh desktop delik@desktop's password: delik@desktop:~$ sudo shutdown -P 0 To power on I created a file and wrote: wakeonlan xx:xx:xx:xx:xx:xx And gave it the executable bit That way to power on it requires only a double click. Would i be capable of doing the same to shutdown?

  Read the article

• How do I start "Ubuntu classic desktop" (no effects) from the command line

  - by Andrew Stern

  I am able to run sessions over an ssh connection but I rather use the "Ubuntu classic desktop (no effects)" version on Ubuntu 11.04 instead of the new Unity since I don't have 3d support on the laptop I'm using to display the graphical User Interface. How can I startup the older gnome-session without the 3d effects? I tried gnome-session but it seems to be the option with the 3d effects and I want a more stripped down session over my ssh session.

  Read the article

• How to set up an rsync backup to Ubuntu securely?

  - by ws_e_c421

  I have been following various other tutorials and blog posts on setting up a Ubuntu machine as a backup "server" (I'll call it a server, but it's just running Ubuntu desktop) that I push new files to with rsync. Right now, I am able to connect to the server from my laptop using rsync and ssh with an RSA key that I created and no password prompt when my laptop is connected to my home router that the server is also connected to. I would like to be able to send files from my laptop when I am away from home. Some of the tutorials I have looked at had some brief suggestions about security, but they didn't focus on them. What do I need to do to let my laptop with send files to the server without making it too easy for someone else to hack into the server? Here is what I have done so far: Ran ssh-keygen and ssh-copy-id to create a key pair for my laptop and server. Created a script on the server to write its public ip address to a file, encrypt the file, and upload to an ftp server I have access to (I know I could sign up for a free dynamic DNS account for this part, but since I have the ftp account and don't really need to make the ip publicly accessible I thought this might be better). Here are the things I have seen suggested: Port forwarding: I know I need to assign the server a fixed ip address on the router and then tell the router to forward a port or ports to it. Should I just use port 22 or choose a random port and use that? Turn on the firewall (ufw). Will this do anything, or will my router already block everything except the port I want? Run fail2ban. Are all of those things worth doing? Should I do anything else? Could I set up the server to allow connections with the RSA key only (and not with a password), or will fail2ban provide enough protection against malicious connection attempts? Is it possible to limit the kinds of connections the server allows (e.g. only ssh)? I hope this isn't too many questions. I am pretty new to Ubuntu (but use the shell and bash scripts on OSX). I don't need to have the absolute most secure set up. I'd like something that is reasonably secure without being so complicated that it could easily break in a way that would be hard for me to fix.

  Read the article

• host key verification failed from "connect to server" utility

  - by rambo

  I am able to use SSH from terminal but I am not able to use it from "connect to Server.." utility. it is showing the error in the dialog box as below: Cannot display location "sftp://[email protected]:PORT/ "Host key verification failed" why so? from terminal using below command I am able to access the server: ubuntu# ssh -p 2222 [email protected] Description: Ubuntu 10.04.4 LTS Release: 10.04 Codename: lucid any help please. thank you in advance.

  Read the article

• GRE Tunnel over IPsec with Loopback

  - by Alek

  I'm having a really hard time trying to estabilish a VPN connection using a GRE over IPsec tunnel. The problem is that it involves some sort of "loopback" connection which I don't understand -- let alone be able to configure --, and the only help I could find is related to configuring Cisco routers. My network is composed of a router and a single host running Debian Linux. My task is to create a GRE tunnel over an IPsec infrastructure, which is particularly intended to route multicast traffic between my network, which I am allowed to configure, and a remote network, for which I only bear a form containing some setup information (IP addresses and phase information for IPsec). For now it suffices to estabilish a communication between this single host and the remote network, but in the future it will be desirable for the traffic to be routed to other machines on my network. As I said this GRE tunnel involves a "loopback" connection which I have no idea of how to configure. From my previous understanding, a loopback connection is simply a local pseudo-device used mostly for testing purposes, but in this context it might be something more specific that I do not have the knowledge of. I have managed to properly estabilish the IPsec communication using racoon and ipsec-tools, and I believe I'm familiar with the creation of tunnels and addition of addresses to interfaces using ip, so the focus is on the GRE step. The worst part is that the remote peers do not respond to ping requests and the debugging of the general setup is very difficult due to the encrypted nature of the traffic. There are two pairs of IP addresses involved: one pair for the GRE tunnel peer-to-peer connection and one pair for the "loopback" part. There is also an IP range involved, which is supposed to be the final IP addresses for the hosts inside the VPN. My question is: how (or if) can this setup be done? Do I need some special software or another daemon, or does the Linux kernel handle every aspect of the GRE/IPsec tunneling? Please inform me if any extra information could be useful. Any help is greatly appreciated.

  Read the article

• Public-to-Public IPSec tunnel: NAT confusion

  - by WuckaChucka

  I know this is possible -- and apparently fairly common with larger companies that don't/can't route private addresses for overlap reasons -- but I can't wrap my head around how to get this to work. I'm playing around with pfSense, Vyatta and a Cisco 5505 right now, hardware-wise. So here's my setup: WEST: Vyatta outside: 10.0.0.254/24 inside: 172.16.0.1/24 machine a: 172.16.0.200/24 EAST: Cisco 5505 outside: 10.0.0.210/24 inside: 192.168.10.1 machine b (webserver): 192.168.10.2 So what we're trying to do is this: route traffic across the tunnel from machine A to machine B without using private addresses. i.e. 172.16.0.200 makes a TCP request to 10.0.0.210:80, and as far as EAST is concerned, it sees a src IP of 10.0.0.254. On WEST, I have your typical many-to-one Source NAT to translate 172.16.0.0/24 to 10.0.0.254 and that's confirmed to be working. Also on WEST, I have the following IPSec config: Local IP: 10.0.0.254 Peer IP: 10.0.0.210 local subnet: 10.0.0.254/32 remote subnet: 10.0.0.210/32 I have the reversed configuration on EAST. What happens when I make a request from machine A to 10.0.0.210:80 is that the SNAT translates the private address of machine A to 10.0.0.254 and it's routed out (and discarded at the other end) without establishing the tunnel. What I'm assuming is happening is that the inside interface on WEST receives a packet from 172.16.0.200 and since this doesn't match the local subnet defined in the tunnel configuration, it's not processed by the IPSec engine and the tunnel is not established. How do you make this work? Seems like a chicken and egg thing with the NAT and IPSec and I just can't wrap my head around how this can be done: can I say, "if a packet is received on the inside interface with a destination of 10.0.0.210, translate it to 10.0.0.254 before the IPSec engine inspects it"?

  Read the article

• Single application through OpenVPN tunnel (Debian Lenny)

  - by mikael

  I'm using Debian Lenny and I want to tunnel rtorrent only through a OpenVPN tunnel. I have a tunnel running, the config file looks like this: client dev tun proto udp remote openvpn.xxx.com 1194 resolv-retry infinite nobind persist-key persist-tun ca /etc/openvpn/xxx/keys/ca.crt cert /etc/openvpn/xxx/keys/client.crt key /etc/openvpn/xxx/keys/client.key tls-auth /etc/openvpn/xxx/keys/tls.key 1 ns-cert-type server comp-lzo verb 3 auth-user-pass script-security 3 reneg-sec 0 My idea is that I could run a sockd proxy internally that redirects traffic to the openvpn tunnel. I could use the *nix "proxifier" application "tsocks" to make it possible for rtorrent to connect through that proxy (as rtorrent doesn't support proxies). I have trouble configuring sockd as my IP inside the VPN changes every time I connect. This is a config file someone said would help: http://ircpimps.org/sockd.conf As my IP changes at each connect I don't know what to put in that config file. I have no control over the host side config file. Any help wanted. Any other method is very welcome.

  Read the article

• Using public interfaces on a server connected through a GRE tunnel

  - by Evan

  I'm pretty new to networking so please forgive any terminology mistakes. I have 2 servers connected with a GRE tunnel. Server1 (10.0.0.1) ---- Server2 (10.0.0.2) I want to be able to bind to the public IPs on Server2 using Server1. To do this, I setup virtual interfaces with Server2's public IPs on Server1 and then used routing rules on Server1 to route the packets through the GRE tunnel. On Server1: ip rule add from [Server2's first public IP] table gre ip rule add from [Server2's second public IP] table gre ip route add default via 10.0.0.2 dev gre1 table gre This works great and I can see the packets arriving via GRE on Server2. I can see the packet exiting the tunnel on Server2's gre1 device as shown: From Server1: ping -I [Server2's public ip] google.com tcpdump from Server2's GRE tunnel device: 12:07:17.029160 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) [Server2's public ip] > 74.125.225.38: ICMP echo request, id 6378, seq 50, length 64 This is exactly the packet I want. However, I'm not seeing it go out at all on eth0:0 (where Server2's public IP is bound to). I've tried to use routing rules to get packets coming from Server2's public IP (which would be coming out of dev gre1) to go through dev eth0 on the public default gateway and that doesn't work either. I'm at a loss, thank you to anyone who can help.

  Read the article

• OpenVPN IPV6 Tunnel Radvd

  - by Arenstar

  Hello.. I have an interesting question regarding ipv6 + openvpn.. My Version is OpenVPN 2.1.1 i have been given a native /64 ipv6 network ( for this example 2001:acb:132:acb::/64 ) The plan was/is, route this block through openvpn and into an office ( for testing purposes ) Soo to explain.. I have a Centos Box as the first linux "router" in a datacenter & a Ubuntu box as the second linux "router" in the office I have created a simple point-to-point tunnel using tun ( based off ipv4 address to start the tunnel ) I have assigned to Centos /sbin/ip addr add fed1::1/128 dev eth0 /sbin/ip addr add fed2::2/128 dev tun0 /sbin/ip route add 2001:acb:132:acb::/64 dev tun0 ## ipv6 Block down the tunnel /sbin/ip route add ::/0 dev eth0 ## Default out to Gateway I have assigned to Ubuntu /sbin/ip addr add fed1::3/128 dev tun0 /sbin/ip addr add fed1::4/128 dev eth0 /sbin/ip route add 2001:acb:132:acb::/64 dev eth0 ## ipv6 Block down to eth0 /sbin/ip route add ::/0 dev tun0 ## Default up the tunnel I have also included on both servers.. sysctl -w net.inet6.ip6.forwarding=1 Looks Good... right??? Wrong.. :( I am not able to ping fed1::1 from fed1::4 (Ubuntu) (can ping :4,:3,:2) However, i can ping fed1::1 fed1::2 from :3 ?????? ( very strange ) I am able to access the internet from any ipv6 interface on the Centos Box but clearly not from the Ubuntu box.. Further, i will eventually run radvd on the Ubuntu box eth0, and autoconf the network with ipv6 address's Anyone with some advice / tips to help me out.. ??? Cheers

  Read the article

• Only tunnel certain applications via OpenVPN

  - by jinjin

  Hi, I've purchased a VPN solution, it works correctly when I have "redirect-gateway def1" in the configuration file (routing all traffic through the VPN). However when I remove that line from the configuration file, I am still able to ping-out of the machine (ping -I tap0), however I cannot ping the IP assigned to the machine (it's a public ip), i get the error: Destination Host Unreachable. I only want to have certain applications sending traffic through the VPN tunnel (eg: ZNC, irssi), all of which i can select which IP they use. However they can't recieve any data, making the tunnel essentially useless to me when disabling redirect-gateway. Any ideas on how to allow specific applications use the tunnel, without of forcing everything to go through it? My configuration file is as follows: dev tap remote #.#.#.# float #.#.#.# port 5129 comp-lzo ifconfig #.#.#.# 255.255.255.128 route-gateway #.#.#.# #redirect-gateway def1 secret key.txt cipher AES-128-CBC The output of ifconfig -a when the tunnel is connected: tap0 Link encap:Ethernet HWaddr 00:ff:47:d3:6d:f3 inet addr:#.#.#.# Bcast:#.#.#.# Mask:255.255.255.255 inet6 addr: <snip> Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:612 errors:0 dropped:0 overruns:0 frame:0 TX packets:35 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:25704 (25.1 KiB) TX bytes:6427 (6.2 KiB) EDIT: the Bcast:#.#.#.# (ifconfig) is different from route-gateway #.#.#.# (openvpn) if that makes any difference.

  Read the article

• I screwed up, exit in .bashrc

  - by camel_space

  I put "exit" in my .bashrc file. I don't have physical access to the machine so to connect to it I use ssh. I don't have root privileges. Every time I connect to the server, the connection automatically closes. So far, I've tried: Overwriting .bashrc with scp and sftp. The connection closes before I can do anything. Using a few different GUI programs to access ssh (connection closes) Overwriting the file with ftp. (can't use ftp) From my home computer $ ssh host "bash --noprofile --norc" (connection closes) $ ssh host "mv .bashrc bashrc_temp" (connection closes) $ ssh host "rm .bashrc" (same thing) $ ssh host -t (connection closes) Is there anything I can do to disable .bashrc or maybe overwrite the file before .bashrc is sourced?

  Read the article

• Single application through OpenVPN tunnel (Debian Lenny)

  - by user14124

  I'm using Debian Lenny and I want to tunnel rtorrent only through a OpenVPN tunnel. I have a tunnel running, the config file looks like this: client dev tun proto udp remote openvpn.xxx.com 1194 resolv-retry infinite nobind persist-key persist-tun ca /etc/openvpn/xxx/keys/ca.crt cert /etc/openvpn/xxx/keys/client.crt key /etc/openvpn/xxx/keys/client.key tls-auth /etc/openvpn/xxx/keys/tls.key 1 ns-cert-type server comp-lzo verb 3 auth-user-pass script-security 3 reneg-sec 0 My idea is that I could run a sockd proxy internally that redirects traffic to the openvpn tunnel. I could use the *nix "proxifier" application "tsocks" to make it possible for rtorrent to connect through that proxy (as rtorrent doesn't support proxies). I have trouble configuring sockd as my IP inside the VPN changes every time I connect. This is a config file someone said would help: http://ircpimps.org/sockd.conf As my IP changes at each connect I don't know what to put in that config file. I have no control over the host side config file. Any help wanted. Any other method is very welcome.

  Read the article

• How do I tunnel an HTTPS proxy through a virtual machine (VMWare)

  - by Kyle

  I have a personal setup at home using VMWare Workstation. I also have a set of Virtual Private Machines that run Squid, and therefore provide me HTTPS proxy tunnels. Using Proxifier, I can tunnel all traffic for given applications through these tunnels. However, I also have a few virtual machines for dev/staging/experimentation/etc. I generally just use NAT to provide Internet access to the machines, and if I need to use these proxies, I can just setup Proxifier (or a Linux equivalent) to pipe the traffic through them. No problem. But... I got to thinking: Wouldn't it be great if I could assign these proxy tunnels to a virtual machine, so that when I start up the VM, it has instant-on access through the tunnel and not my local connection? (EDIT: Of course, it would USE my local connection, but it would tunnel traffic through the proxy.) To be more clear: I want a solution that binds the proxy to a VM, so that when I start the VM, I don't have to use a proxy client to connect to the tunnel - I am already piping all traffic from that VM through that proxy. I did a bit of searching, and the closest thing I could find was this: How to route public static IP to a virtual machine on a vmware ESXi host? Which wasn't all that applicable. The proxies are protected by user/pass but do not filter by IP. Again, they are HTTPS proxies setup through Squid. Any ideas on how to make this happen? Thanks a ton.

  Read the article

• How do I edit files in the console when connecting to windows 7 via ssh?

  - by Alex Waters

  I am using tunnelier client and server to connect to a windows machine. I can get in and have access to all of the files on the computer. I have vim installed on that windows machine, but I can't seem to edit anything via the DOS command line. I also tried editing in notepad, but nothing happens when I enter the command. I think this might be the part where DOS doesn't behave like bash. Would I need to setup cygwin / openssh to accomplish this? (boo, tunnelier is so easy) Thanks! p.s. I know I could just use sftp and edit files that way, but it feels dirty.

  Read the article

• SSH public key authentication -- always require users to generate their own keypair?

  - by schinazi

  I was working with a partner today that I needed to upload files to my server using scp. I have passwords turned off in the server's SSH configuration, so I wanted them to use public key authentication. I generated the keypair for them on the server and gave them the private key and put the public key in the appropriate authorized_keys file. After a bunch of problems with them setting up their job, they finally got a more experienced sysadmin involved on their end, and he scolded me for handling the key generation this way. He said that by giving them a private key generated on my system, I had enabled them to do a brute-force attack against other keys generated on the same server. I even asked him "so if I have an account on a server, and I can log in with a password but I want to automate something and I generate a keypair on that system, does that then give me an attack vector for brute forcing other users' keys?" and he said yes. I've never heard of this, is it true? Can anyone point me to a discussion of this attack? Thanks in advance.

  Read the article

• What's the difference between Host and HostName in SSH Config?

  - by Bill Jobs

  The man page says this: Host Host Restricts the following declarations (up to the next Host keyword) to be only for those hosts that match one of the patterns given after the keyword. If more than one pattern is provided, they should be separated by whitespace. A single `*' as a pattern can be used to provide global defaults for all hosts. The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name before matching). A pattern entry may be negated by prefixing it with an exclamation mark (`!'). If a negated entry is matched, then the Host entry is ignored, regardless of whether any other patterns on the line match. Negated matches are therefore useful to provide exceptions for wildcard matches. See PATTERNS for more information on patterns. HostName HostName Specifies the real host name to log into. This can be used to specify nicknames or abbreviations for hosts. If the hostname contains the character sequence `%h', then this will be replaced with the host name specified on the command line (this is useful for manipulating unqualified names). The default is the name given on the com- mand line. Numeric IP addresses are also permitted (both on the command line and in HostName specifications). For example, when I want to create an SSH Config for GitHub, what should Host and HostName be respectively?

  Read the article

< Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >