Search Results

Search found 4462 results on 179 pages for 'ssh'.

Page 56/179 | < Previous Page | 52 53 54 55 56 57 58 59 60 61 62 63  | Next Page >

  • Securing a persistent reverse SSH connection for management

    - by bVector
    I am deploying demo Ubuntu 10.04 LTS servers in environments I do not control and would like to have an easy and secure way to administer these machines without having to have the destination firewall forward port 22 for SSH access. I've found a few guides to do this with reverse port (e.g. howtoforge reverse ssh tunneling guide) but I'm concerned with security of the stored ssh credentials required for the tunnel to be opened automatically. If the machine is compromised (primary concern is physical access to the machine is out of my control) how can I stop someone from using the stored credentials to poke around in the reverse ssh tunnel target machine? Is it possible to secure this setup, or would you suggest an alternate method?

    Read the article

  • cygwin rsync over ssh very slow

    - by Waleed Hamra
    I have 2 machines running Windows Xp SP3. I have cygwin installed on both, version 1.7. I have rsync and ssh installed on both, and configured using default settings as per ssh-host-config and ssh-user-config programs provided. I moved the public keys into their respective locations, and basically ssh is working fine. i began an rsync operation, using: rsync -av --delete --hard-links local_dir username@other_machine:/some_dir well... on both machines, the processor is running near idle, no heavy usage. I checked IO using process explorer on both machines, and that too is at normal levels (1~2 MB/s), so I can't see where the bottlenecks are, because network performance is aweful. I'm not going over 1MB/s... when a normal file copy using windows sharing achieves some ~10 MB/s.. What could be wrong?

    Read the article

  • Print ssh and su chain

    - by user1824885
    Is there a way to show the complete ssh and su chain in bash? For example. In Server A as user aa: su - ab ssh ba@B su - bb Thus, I would like a command that prints something like this: 1 bash aa in A 2 su ab in A 3 ssh ba in B 4 su bb in B I tried pstree but it does not print the users and only works with the processes of the last ssh'ed server: $ pstree | grep -C 5 pstree serversshd---sshd---sshd---bash---su---bash-+-grep | `-pstree Thanks and regards.

    Read the article

  • Nagios remote monitoring: NRPE Vs. SSH

    - by sam
    We use Nagios to monitor quite a few (~130) servers. We monitor CPU, Disk, RAM and a few other things on each server. I've always used SSH to run the remote commands, purely because it requires little to no additional config on the remote server, just install nagios-plugins, create the nagios user and add the SSH key, all of which I've automated into a shell script. I've never actually considered the performance implications of using SSH over NRPE. I'm not too bothered about the load hit on the Nagios server (It's probably over-speced for what it does, it's never been over 10% CPU), but we run each remote check every 30 seconds and each server has 5 different checks performed. I assume SSH requires more resources for each check but is there a huge difference? (I.E. enough of a difference to warrant the switch to NRPE). If it's any help, we monitor a mix of physical servers (Normally with 8, 12 or 16 physical cores) and Amazon EC2 medium/large instances.

    Read the article

  • Slow data transfer using SSH

    - by Floste
    The server is an ubuntu server 11.04 with sshd. SSH works fine for console programs. But data transfer is slow, which is very annoying when transferring large files. I tried two different client programs and changed the port, but the speed is always the same. I know the server can transfer data a lot faster over SSL, which afaik uses AES. I configured my SSH client to use AES, too, but no effect. Why is using SSH multiple times slower than SSL and is there a way to improve transfer speed of SSH?

    Read the article

  • How to use sudo with WinSCP and ProFTPd?

    - by Gaia
    I need to run the SFTP fileserver binary as root, but direct root login is not allowed. In WinSCP, if I use "default" on SFTP server protocol option everything works as expected. Following the instructions to sudo in WinSCP, I tried using "sudo /usr/sbin/proftpd" (works on the command line without any prompts) but it brings up "Cannot initialize SFTP protocol. Is the host running a SFTP server?" How to use sudo with WinSCP and ProFTPd? WinSCP 4.3.7 GUI Protocol: SFTP-3 CentOS 6.2 Webmin/Virtualmin (Current Version) PS: only cert based login is allowed . 2012-06-17 11:05:56.998 -------------------------------------------------------------------------- . 2012-06-17 11:05:56.998 WinSCP Version 4.3.7 (Build 1679) (OS 6.1.7601 Service Pack 1) . 2012-06-17 11:05:56.998 Configuration: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ . 2012-06-17 11:05:56.999 Login time: Sunday, June 17, 2012 11:05:56 AM . 2012-06-17 11:05:56.999 -------------------------------------------------------------------------- . 2012-06-17 11:05:56.999 Session name: KVM1 (Modified stored session) . 2012-06-17 11:05:57.047 Host name: mykvm.com (Port: 22) . 2012-06-17 11:05:57.048 User name: adminuser (Password: No, Key file: Yes) . 2012-06-17 11:05:57.048 Tunnel: No . 2012-06-17 11:05:57.048 Transfer Protocol: SFTP (SCP) . 2012-06-17 11:05:57.048 Ping type: -, Ping interval: 30 sec; Timeout: 15 sec . 2012-06-17 11:05:57.048 Proxy: none . 2012-06-17 11:05:57.048 SSH protocol version: 2; Compression: Yes . 2012-06-17 11:05:57.048 Bypass authentication: No . 2012-06-17 11:05:57.048 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No . 2012-06-17 11:05:57.048 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No . 2012-06-17 11:05:57.048 SSH Bugs: -,-,-,-,-,-,-,-,- . 2012-06-17 11:05:57.048 SFTP Bugs: -,- . 2012-06-17 11:05:57.048 Return code variable: Autodetect; Lookup user groups: Yes . 2012-06-17 11:05:57.048 Shell: default . 2012-06-17 11:05:57.048 EOL: 0, UTF: 2 . 2012-06-17 11:05:57.048 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes . 2012-06-17 11:05:57.048 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No . 2012-06-17 11:05:57.048 Local directory: default, Remote directory: home, Update: No, Cache: Yes . 2012-06-17 11:05:57.048 Cache directory changes: Yes, Permanent: Yes . 2012-06-17 11:05:57.048 DST mode: 1 . 2012-06-17 11:05:57.048 -------------------------------------------------------------------------- . 2012-06-17 11:05:57.113 Looking up host "mykvm.com" . 2012-06-17 11:05:57.132 Connecting to xxx.xxx.128.59 port 22 . 2012-06-17 11:05:57.499 Server version: SSH-2.0-OpenSSH_5.3 . 2012-06-17 11:05:57.499 Using SSH protocol version 2 . 2012-06-17 11:05:57.499 We claim version: SSH-2.0-WinSCP_release_4.3.7 . 2012-06-17 11:05:57.679 Server supports delayed compression; will try this later . 2012-06-17 11:05:57.679 Doing Diffie-Hellman group exchange . 2012-06-17 11:05:58.077 Doing Diffie-Hellman key exchange with hash SHA-1 . 2012-06-17 11:05:58.498 Host key fingerprint is: . 2012-06-17 11:05:58.498 ssh-rsa 2048 bd:e4:34:b1:d4:69:d6:4e:e4:26:04:8b:b7:b3:de:c3 . 2012-06-17 11:05:58.498 Initialised AES-256 SDCTR client->server encryption . 2012-06-17 11:05:58.498 Initialised HMAC-SHA1 client->server MAC algorithm . 2012-06-17 11:05:58.498 Initialised AES-256 SDCTR server->client encryption . 2012-06-17 11:05:58.498 Initialised HMAC-SHA1 server->client MAC algorithm . 2012-06-17 11:05:58.922 Reading private key file "D:\id_rsa.ppk" ! 2012-06-17 11:05:58.924 Using username "adminuser". . 2012-06-17 11:05:59.550 Offered public key . 2012-06-17 11:05:59.743 Offer of public key accepted ! 2012-06-17 11:05:59.743 Authenticating with public key "masterkey for admin" . 2012-06-17 11:05:59.764 Prompt (3, SSH key passphrase, , Passphrase for key "masterkey for admin": ) . 2012-06-17 11:06:02.938 Sent public key signature . 2012-06-17 11:06:03.352 Access granted . 2012-06-17 11:06:03.352 Initiating key re-exchange (enabling delayed compression) . 2012-06-17 11:06:03.765 Doing Diffie-Hellman group exchange . 2012-06-17 11:06:03.955 Doing Diffie-Hellman key exchange with hash SHA-1 . 2012-06-17 11:06:04.410 Initialised AES-256 SDCTR client->server encryption . 2012-06-17 11:06:04.410 Initialised HMAC-SHA1 client->server MAC algorithm . 2012-06-17 11:06:04.410 Initialised zlib (RFC1950) compression . 2012-06-17 11:06:04.410 Initialised AES-256 SDCTR server->client encryption . 2012-06-17 11:06:04.410 Initialised HMAC-SHA1 server->client MAC algorithm . 2012-06-17 11:06:04.410 Initialised zlib (RFC1950) decompression . 2012-06-17 11:06:04.839 Opened channel for session . 2012-06-17 11:06:05.247 Started a shell/command . 2012-06-17 11:06:05.253 -------------------------------------------------------------------------- . 2012-06-17 11:06:05.253 Using SFTP protocol. . 2012-06-17 11:06:05.253 Doing startup conversation with host. > 2012-06-17 11:06:05.259 Type: SSH_FXP_INIT, Size: 5, Number: -1 . 2012-06-17 11:06:05.354 Server sent command exit status 0 . 2012-06-17 11:06:05.354 Disconnected: All channels closed * 2012-06-17 11:06:05.380 (ESshFatal) Connection has been unexpectedly closed. Server sent command exit status 0. * 2012-06-17 11:06:05.380 Cannot initialize SFTP protocol. Is the host running a SFTP server?

    Read the article

  • Using Roboform with PuTTY

    - by Jake
    I recently discovered and fell in love with Roboform. In less than a week it's become indispensable. So far I've only seen Roboform's ability to fill out fields in web browsers and Windows GUI apps. I'm an app developer and sometimes I need to use Telnet/SSH. My SSH client of choice is PuTTY, but I can't find any way to integrate Roboform with PuTTY. Is this possible? If not, is there another [free] SSH client that will work with Roboform?

    Read the article

  • Force Capistrano to ask for password

    - by Moshe Katz
    I am deploying using Capistrano to a new server and having the following issue. Currently, I cannot add an SSH key to the server to log in with so I must use password authentication. However, I do have a key for another server saved in my local user account's .ssh directory. Here is the error I get when I try to log in: C:\Web\CampMaRabu>cap deploy:setup * executing `deploy:setup' * executing "mkdir -p /home2/webapp1 /home2/webapp1/releases /home2/webapp1/shared /home2/webapp1/shared/system /home2/webapp1/shared/log /home2/webapp1/shared/pids" servers: ["myserver.example.com"] connection failed for: myserver.example.com (OpenSSL::PKey::PKeyError: not a public key "C:/Users/MyAccount/.ssh/id_rsa.pub") How can I get Capistrano to ignore the existence of the key I have and let me log in with a password instead? I tried adding set :password, "myp@ssw0rd" to deploy.rb and it didn't help.

    Read the article

  • How to create a Linux user without a password but being able to set it?

    - by Leonid Shevtsov
    I have a username and an SSH key for a (hypothetical) guy and I need to give him admin access to a Linux (Ubuntu) server. I want him to be able to log in via SSH and then set his password by himself over a secure connection, instead of passing the password around. I know how to make the password expire and force him to reset it on first login. But this doesn't work unless he has some password already, which I then have to tell him. I thought about making the password blank - SSH wouldn't allow login, but then anyone can su into the user. My question is, is there some best practice to creating accounts in such a way? Or setting a default password is unavoidable?

    Read the article

  • the right way to do deployment with capistrano

    - by com
    I look for good practices for deploying with capistrano. I would like to start out with a short description how I used to do deployment. capistrano is installed locally on a developer's computer. I deploy thought gateway with capistrano option :gateway. Firstly, I thought that with :gateway option I need to have ssh connection only to gateway host, but it turns out that I need ssh connection (public key) to all hosts where I want to deploy to. I would like to find a convenient and secure way to deploy application. For example, in case when new developer starts working, is much more convinient to put his *public_key* only on gateway server and not on all applications servers. On the other hand I don't want him to have any connection to servers in particular ssh to gateway, just because he is developer, he needs to do only deployments. If you are aware of good practices for deploying with capistrano, please, let us know.

    Read the article

  • How to back up server with rsync, preserving ownership/permissions without root login

    - by olilarkin
    I am setting up a backup server on which I want to run rsync over ssh to backup content on other servers every night. I would like to set up ssh keys to make it password-less, but I want to preserve ownership of files and permissions. There are a number of users on the server to be backed up which won't all exist on the backup server. What would be the best way to do this? I guess the backup job will need to connect as root to , but I don't want to enable root ssh access on the servers. thanks for any tips, oli ps, all servers are running UBUNTU Server 12.04 LTS and are behind a university firewall.

    Read the article

  • rsync to windows (cygwin)

    - by abergmeier
    We have a windows file storage (don't ask) and now I want to rsync with the machine from Windows, Mac and Linux. So I installed freeSSHd (login shell is set to C:/cygwin64/bin/sh.exe), set up certificates and testing from Linux the test.dat has 0 bytes: ssh myuser@winmachinename "C:/cygwin64/bin/true.exe" > test.dat Even double checking with actual output works fine: ssh myuser@winmachinename "C:/cygwin64/bin/ls.exe" > test.dat Now, when I call rsync: rsync --progress -avz -e ssh myuser@winmachinename:/c/Users ~/test it fails with: protocol version mismatch -- is your shell clean? (see the rsync man page for an explanation) rsync error: protocol incompatibility (code 2) at compat.c(174) [Receiver=3.1.0] As far as reading the docs, this should not happen, when the first test is successful!? I am by now out of ideas - any recommendations how to debug this? EDIT: | OS | rsync version | |:--------------|:------------------------------------------| | Windows | rsync version 3.0.9 protocol version 30 | | Linux | rsync version 3.1.0 protocol version 31 |

    Read the article

  • How can I allow a linux subversion user to only execute svnserve?

    - by sbleon
    I've got a user that I'd like to only be able to use subversion. We like to use svn+ssh:// URLs sometimes (for public keys and whatnot), so I need them to be able to connect over ssh and run only the svnserve command. When using a svn+ssh URL, svn ssh'es in and passes the arguments "-c svnserve -t". I wrote a custom shell as follows to filter the commands that can be run. This works, but it's not passing the input to svnserve, so when I try to "svn up" I get "svn: Connection closed unexpectedly". #!/bin/bash if [ "$1" == "-c" ] && [ "$2" == "svnserve" ] && [ "$3" == "-t" ] && [ "$4" == ""] ; then exec svnserve -t else echo "Access denied. User may only run svnserve." fi

    Read the article

  • Added user to CentOS, Updated sshd_config with AllowUsers, Login denied

    - by Gregg
    CentOS 5.3. I can SSH into the system as root just fine. Added a user and set their password. They have shell access (/bin/bash). I can su to the account from root just fine. I updated /etc/ssh/sshd_config with: AllowUsers myNewUser And restarted sshd: /etc/init.d/sshd restart When trying to ssh into the server with the new user, I get a permission denied. And yes, I've double and triple checked that I am using the correct password. Any help is appreciated.

    Read the article

  • Run Bash Script Another Server

    - by psce
    I want to run command one by one, for change the names of the directories on the server. When I run script, directories renamed in server 1. But, directories are not found in server 2. What the error could be in the script? Script; #!/bin/bash mach_directory=/home/user/example erase_dir1=cache erase_dir2=tmp for i in {0..10} do user=user server=$(ssh $user@server$i hostname) ssh $user@$server find $mach_directory -type d -name $erase_dir1 ! -path "*Admin/$erase_dir1*" -print0 | while IFS= read -r -d '' file ; do mv "$file" "${file}_$(date +%d%m%Y)"; done ssh $user@$server find $mach_directory -type d -name $erase_dir2 ! -path "*Admin/$erase_dir2*" -print0 | while IFS= read -r -d '' file ; do mv "$file" "${file}_$(date +%d%m%Y)"; done done

    Read the article

  • putty pageant - forget keys after period of inactivity

    - by pQd
    in the environment where windows client computers are used to run putty to connect to multiple linux servers i'm considering moving away from password based authentication and using public/private key pairs with pass-phrases. using ssh-agent would be nice, but at the same time i'd like it to 'forget' the pass-phrases after given period of inactivity. it seems that putty's pageant does not provide such feature; what would you suggest as alternative? solutions that i'm considering: patching pageant code [might be tricky, code is probably quite rusty and project - sadly - stagnant] writing small custom application using GetLastInputInfo and killing pageant if the machine was idle for more than let's say 15 minutes [ yes, there'll be separate policy for locking the desktops as well ] using alternative ssh client and ssh agent. any suggestions? thanks!

    Read the article

  • Changing the passphrase of a private key in Windows

    - by janos
    I have a private key in Windows, created by puttygen.exe. I used default options to save it, the tool automatically gave it a .ppk extension, and it looks like this: PuTTY-User-Key-File-2: ssh-rsa Encryption: none Comment: rsa-key-20130627 Public-Lines: 4 AAAAB3NzaC1yc2EAAAABJQAAAIBnvvAhyMs4rdlQd4OdajDw4jIPi6vIjrWjt4l4 5C3wHOSxyQQdtSA8XT3K0rSBnNtZRJTb5mfix67qQe3pHCTMSNsYIaBi8xQJHZRa RxdY+1VtGnSlEma8KO2We9eDNCGiwrRTUzqvTiGCnzU0pF1MXxu3ObISJcpqv+sQ 1GB0cw== Private-Lines: 8 AAAA.......... Private-MAC: XXXXXXXXX Now I need to change the passphrase, and reading from the docs it seemed simple enough: puttygen.exe -P key.ppk But this pops up a window with this error: PuTTYgen Error: Couldn't load private key (unable to open file) I also tried to change the passphrase using ssh-keygen that comes with Git Bash: ssh-keygen.exe -p -f key.ppk It asks for my old passphrase, but then it gives me the error Bad passphrase. Which is not true, because I can add the key in pageant.exe, and I am not mistyping the passphrase... Anything else I can try to change or drop the passphrase?

    Read the article

  • Can I automatically add a new host to known_hosts ?

    - by gareth_bowles
    Here's my situation; I'm setting up a test harness that will, from a central client, launch a number of virtual machine instances and then execute commands on them via SSH. The virtual machines will have previously unused hostnames and IP addresses, so they won't be in the ~/.ssh/known_hosts file on the central client. The problem I'm having is that the first SSH command run against a new virtual instance always comes up with an interactive prompt: The authenticity of host '[hostname] ([IP address])' can't be established. RSA key fingerprint is [key fingerprint]. Are you sure you want to continue connecting (yes/no)? Is there a way that I can bypass this and get the new host to be already known to the client machine, maybe by using a public key that's already baked into the virtual machine image ? I'd really like to avoid having to use Expect or whatever to answer the interactive prompt if I can.

    Read the article

  • Why does sshd give a different identification when connecting through netcat?

    - by Robbie Mckennie
    I have been attempting to create a way to ssh into a machine hiding behind a firewall. I set up my ssh client with the option Proxycommand /usr/bin/ncat -l 2000, and then I connect it to sshd with ncat <client> 2000 -c "sshd -i" on the server. It works in that I can get a shell on the server, but the server sends a different key than when I use normal ssh. So the question is, why? Is the key different when sshd is called in this unusual way?

    Read the article

  • Multiple public keys for one user

    - by Russell
    This question is similar to SSH public key authentication - can one public key be used for multiple users? but it's the other way around. I'm experimenting on using ssh so any ssh server would work for your answers. Can I have multiple public keys link to the same user? What are the benefits of doing so? Also, can different home directories be set for different keys used (all of which link to the same user)? Please let me know if I'm unclear. Thanks.

    Read the article

  • How to run a process and completely detach it of its parent shell

    - by Bicou
    I'm running a program on a linux server that will take days to complete. I'm launching it from my workstation from an SSH terminal, as this program is command-line only. I want to be able to do all of these : launch that program, redirect standard outputs to files, exit my SSH session without making this terminate the process. I thought about $ ./MyProg.csh -params -foo -bar </dev/null 1>~/out.log 2>~/err.log & However, the process is terminated the moment I close my SSH session. My workstation is running Windows XP, and I cannot guarantee its uptime over several days, which is required for the processing of my data on the Linux server. As you may have noted, my program requires to be launched from CSH. Is it possible to do this ? Thanks.

    Read the article

< Previous Page | 52 53 54 55 56 57 58 59 60 61 62 63  | Next Page >