Search Results

Search found 9446 results on 378 pages for 'ssh keys'.

Page 59/378 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66 | Next Page >

How can I suppress /etc/issue without losing error messages?

- by Andy

Is it possible to tell the ssh client to not print the connects of /etc/issue to stdout when connecting to a remote host, but to print out any other diagnostic (e.g. error) messages? Either using ssh -q or having LogLevel quiet in ~/.ssh/config suppresses the /etc/issue printing, but also turn off error messages. I've tried touching ~/.hushlogin as well - that stops /etc/motd being printed, but doesn't affect /etc/issue. The most obvious solution is just to remove /etc/issue, but company policy dictates the file be there with dire warnings about unauthorised access. This is non-negotiable. Unfortunately, I've got a bunch of scripts that run across quite a few hosts via ssh, and the log files are a) very large and b) full of legalese. Since quite a lot of stuff runs unattended, I don't want to lose any error messages that are printed.

Read the article
ssh_exchange_identification: Connection closed by remote host?

- by user51684

debug1: Connection established. debug1: identity file /home/DAMS/.ssh/id_rsa type 1 debug1: identity file /home/DAMS/.ssh/id_rsa-cert type -1 debug1: identity file /home/DAMS/.ssh/id_dsa type -1 debug1: identity file /home/DAMS/.ssh/id_dsa-cert type -1 ssh_exchange_identification: Connection closed by remote host hello this one is different . no missing or anything. im using cygwin. and it just stop when im doing git push production on my server. usually its ok, but i dont know why its stop connections i wonder whats wrong.

Read the article
Is there a way I can use $PATH as defined by my bash profile?

- by Adam Backstrom

I spend most of my day ssh'd into servers. I have a series of aliases/functions/scripts that allow me to type p hostname from the terminal and execute GNU screen(1) on the remote side, using the following command: exec ssh hostname -t 'screen -RD'` I've only recently noticed that ssh -t does not get my custom $PATH. Here's some terminal output: adam@workstation:~:0$ sh server 'echo $PATH' /home/adam/bin:/usr/local/bin:/bin:/usr/bin:/opt/git/bin:/opt/git/libexec/git-core adam@workstation:~:0$ ssh server -t 'echo $PATH' /usr/local/bin:/bin:/usr/bin Connection to uranus.plymouth.edu closed. My biggest problem is my custom aliases only try to execute screen, since I can't guarantee an absolute path, and my $PATH is structured so the shell should find the correct one. If my $PATH settings aren't honored, my scripts don't work. Is there a way I can use $PATH as defined by my .bashrc/.bash_profile? I believe PermitUserEnvironment is disabled.

Read the article
Why Mac cannot connect to Iphone?

- by martin08

I couldn't always ssh to my iPhone from my Mac. They're both on the same wifi network but sometimes the connection is established, sometimes it failed. From my Mac: $ ssh [email protected] ssh: connect to host 192.168.0.102 port 22: Operation timed out $ ping 192.168.0.102 PING 192.168.0.102 (192.168.0.102): 56 data bytes ping: sendto: No route to host ping: sendto: Host is down ping: sendto: Host is down I enabled SSH on the phone and am sure it can load webpages. So what might be a reason why they cannot connect? Thanks

Read the article
How can I create an external SSL wrapper/tunnel page for an insecure webpage behind a firewall?

- by Ross Rogers

I have an security cam with a built-in webpage inside my home network. That camera is using basic HTTP authentication instead of SSL. I want to be able to access the camera's webpage from outside my network, but I don't want to open an unencrypted video stream to the outside world. Right now, I'm doing some cumbersome ssh tunneling where I bounce off an ssh server like: ssh -N -L 9090:CAMERA_IP:80 [email protected] and then I connect to my web page like: http://localhost:9090 But this is a pain. Now, gentle reader, I beseech you to tell me how I can use linux (Ubuntu) to get a fully encrypted SSL connection to my internal web page without the hassle of creating an ssh tunnel each time. I believe I can use stunnel, but I'm not sure of the command.

Read the article
How to forward external port to internal port using plink

- by user857990

For a penetration test where I have shell access to a computer running an old Windows, I'd like to forward port 4450 to 127.0.0.1:445 because the firewall is blocking 445 externally. I'm stuck on the following: plink -L 4450:127.0.0.1:445 SSH-Server According to the documentation I've found, I'd have to specify a SSH-Server. But all documentation I've found just uses an SSH-Server in the same network. To forward it to a localhost port, that wouldn't help. Do I have to install an SSH-Server on that machine or are there other ways?

Read the article
chrooting user causes "connection closed" message when using sftp

- by George Reith

First off I am a linux newbie so please don't assume much knowledge. I am using CentOS 5.8 (final) and using OpenSSH version 5.8p1. I have made a user playwithbits and I am attempting to chroot them to the directory home/nginx/domains/playwithbits/public I am using the following match statement in my sshd_config file: Match group web-root-locked ChrootDirectory /home/nginx/domains/%u/public X11Forwarding no AllowTcpForwarding no ForceCommand /usr/libexec/openssh/sftp-server # id playwithbits returns: uid=504(playwithbits) gid=504(playwithbits) groups=504(playwithbits),507(web-root-locked) I have changed the user's home directory to: home/nginx/domains/playwithbits/public Now when I attempt to sftp in with this user I instantly get the message: connection closed Does anyone know what I am doing wrong? Edit: Following advice from @Dennis Williamson I have connected in debug mode (I think... correct me if I'm wrong). I have made a bit of progress by using chmod to set permissions recursively of all files in the directly to 700. Now I get the following messages when I attempt to log on (still connection refused): Connection from [My ip address] port 38737 debug1: Client protocol version 2.0; client software version OpenSSH_5.6 debug1: match: OpenSSH_5.6 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug1: permanently_set_uid: 74/74 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server aes128-ctr hmac-md5 none debug1: kex: server->client aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user playwithbits service ssh-connection method none debug1: attempt 0 failures 0 debug1: user playwithbits matched group list web-root-locked at line 91 debug1: PAM: initializing for "playwithbits" debug1: PAM: setting PAM_RHOST to [My host info] debug1: PAM: setting PAM_TTY to "ssh" debug1: userauth-request for user playwithbits service ssh-connection method password debug1: attempt 1 failures 0 debug1: PAM: password authentication accepted for playwithbits debug1: do_pam_account: called Accepted password for playwithbits from [My ip address] port 38737 ssh2 debug1: monitor_child_preauth: playwithbits has been authenticated by privileged process debug1: SELinux support disabled debug1: PAM: establishing credentials User child is on pid 3942 debug1: PAM: establishing credentials Changed root directory to "/home/nginx/domains/playwithbits/public" debug1: permanently_set_uid: 504/504 debug1: Entering interactive session for SSH2. debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 2097152 max 32768 debug1: input_session_request debug1: channel 0: new [server-session] debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug1: server_input_global_request: rtype [email protected] want_reply 0 debug1: server_input_channel_req: channel 0 request env reply 0 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req env debug1: server_input_channel_req: channel 0 request subsystem reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req subsystem subsystem request for sftp by user playwithbits debug1: subsystem: cannot stat /usr/libexec/openssh/sftp-server: Permission denied debug1: subsystem: exec() /usr/libexec/openssh/sftp-server debug1: Forced command (config) '/usr/libexec/openssh/sftp-server' debug1: session_new: session 0 debug1: Received SIGCHLD. debug1: session_by_pid: pid 3943 debug1: session_exit_message: session 0 channel 0 pid 3943 debug1: session_exit_message: release channel 0 debug1: session_by_channel: session 0 channel 0 debug1: session_close_by_channel: channel 0 child 0 debug1: session_close: session 0 pid 0 debug1: channel 0: free: server-session, nchannels 1 Received disconnect from [My ip address]: 11: disconnected by user debug1: do_cleanup debug1: do_cleanup debug1: PAM: cleanup debug1: PAM: closing session debug1: PAM: deleting credentials

Read the article
Port Forwarding a Specific Port (e.g. 22)

- by Jerry Blair

I'm still confused about establishing an SSH connection (port 22) between two computers on different internal networks. For example: I am on my computer with internal IP address IIP-1, connected to my router RT-1. There are 10 IIPs connected to RT-1. I want to establish an SSH connection to IIP-3 which is connected to router RT-2. There are 10 IIPs connected to RT-2. At any time, there can be multiple SSH connections between IIPs on RT-1 and RT-2. Since I only have port 22 available, I don't know which SSH session is talking between which IIPs. I looked at a couple of similar questions but am still unclear on the solution. Thanks much, Jerry

Read the article
fail2ban and denyhosts constantly ban me on Ubuntu

- by Trey Parkman

I just got an Ubuntu instance on Linode. To secure the SSH on it, I installed fail2ban (using apt-get), but then had a problem: fail2ban kept banning my IP (for limited durations, thankfully) even though I was entering the correct password. So I removed fail2ban and installed denyhosts instead. Same problem, but more severe: It seems like every time I SSH in, my IP gets banned. I remove it from /etc/hosts.deny, restart denyhosts and log in again, and my IP gets banned again. The only explanation I can think of is that I've been SSH-ing in as root (yes, yes, I know); maybe something is set somewhere that blocks anyone who SSH-es in as root, even if they log in successfully? This seems bizarre to me. Any ideas? (Whitelisting my IP is a temporary fix. I don't want to only be able to log on from one IP.)

Read the article
Remove key from known_hosts

- by Adam Matan

Hi, I have built several virtual machines during the last few weeks. The problem is, the .ssh/known_hosts gives me the Man in the middle warning. This happens because another fingerprint is associated with the virtual machine IP. In the .ssh/known_hosts file, however, I don't seem to find the record related to the IP, only two bizarre, key-like strings and "ssh-rsa". Any ideas how to remove the old key from known_hosts? Thanks, Udi

Read the article
Connecting jconsole using SOCKS to Amazon EC2

- by freshfunk

I'm trying to use jconsole to view stats on an EC2 instance by using a socks proxy created by SSH. I've tried the various scripts mentioned in the links below but to no avail: http://simplygenius.com/2010/08/jconsole-via-socks-ssh-tunnel.html http://gabrielcain.com/blog/2010/11/02/using-ssh-proxying-to-connect-jconsole-to-remote-cassandra-instances/ I'm running ssh -f -ND 8123 myuser@mymachine and verified that at least Firefox goes through it as a proxy. I then run jconsole -J-DsocksProxyHost=localhost -J-DsocksProxyPort=8123 service:jmx:rmi:///jndi/rmi://ec2-XX-XX-XXX-XXX.compute-1.amazonaws.com:8080/jmxrmi I run netstat -n on my EC2 instance and I see a connection created by my machine. However, the connection eventually disappears and I get a 'channel 2: open failed: connect failed: Operation timed out' from my ssh tunnel. I've opened the jmx port through the security group and I've checked the port on the EC2 instance to make sure it's open (by telnet-ing to it). I'm not sure where to look next. Are there some properties in sshd_config or ssh_config I need to enable for tunneling? Or anything in Mac OS X? I feel like a serious noob but sys administration is really not my strong point. I've spent several hours and can't get this to work.

Read the article
How can I install OpenSolaris without Graphical Environment - just text console?

- by Sanoj

I would like to install OpenSolaris and use it as a home-server. I will interact with it just with SSH, so I don't need the Graphical Environment. How can I install OpenSolaris without the Graphical Environment? And preferably I would like to use the SSH-interface as much as possible, is it even possible to do the installation over SSH? I tried the SSH-boot alternative on the installation-CD, then I have to use a password, but I have no password since I haven't installed the system yet.

Read the article
Creating multiple SFTP users for one account

- by Tom Marthenal

I'm in the process of migrating an aging shared-hosting system to more modern technologies. Right now, plain old insecure FTP is the only way for customers to access their files. I plan on replacing this with SFTP, but I need a way to create multiple SFTP users that correspond to one UNIX account. A customer has one account on the machine (e.g. customer) with a home directory like /home/customer/. Our clients are used to being able to create an arbitrary number of FTP accounts for their domains (to give out to different people). We need the same capability with SFTP. My first thought is to use SSH keys and just add each new "user" to authorized_keys, but this is confusing for our customers, many of whom are not technically-inclined and would prefer to stick with passwords. SSH is not an issue, only SFTP is available. How can we create multiple SFTP accounts (customer, customer_developer1, customer_developer2, etc.) that all function as equivalents and don't interfere with file permissions (ideally, all files should retain customer as their owner)? My initial thought was some kind of PAM module, but I don't have a clear idea of how to accomplish this within our constraints. We are open to using an alternative SSH daemon if OpenSSH isn't suitable for our situation; again, it needs to support only SFTP and not SSH. Currently our SSH configuration has this appended to it in order to jail the users in their own directories: # all customers have group 'customer' Match group customer ChrootDirectory /home/%u # jail in home directories AllowTcpForwarding no X11Forwarding no ForceCommand internal-sftp # force SFTP PasswordAuthentication yes # for non-customer accounts we use keys instead Our servers are running Ubuntu 12.04 LTS.

Read the article
Can't start a service (sudo) remotely from script and keep it running

- by Greg Bernhardt

I have a service (tomcat) that needs sudo to be started. I made a simple script on the remote server in /root/bin/test.sh #!/bin/sh sudo service tomcat start read (The script needs to do other stuff too, just pared down for simplicity). When I run a it directly on the remote server, tomcat starts and continues running on the server after I disconnect. When I run it remotely, the process starts, (I can see it when paused for the "read"), but once the script ends, it's gone. (while paused for the read, run this command locally) ps -ef | grep tomcat I've tried various combinations of nohup, screen, and & on the commands both on the local machine and in the remote machine's test.sh script, but I can't seem to get it working. ssh -t [email protected] "/root/bin/test.sh" ssh -t [email protected] "nohup /root/bin/test.sh" ssh -t [email protected] "nohup /root/bin/test.sh &" ssh -t [email protected] "screen /root/bin/test.sh &"

Read the article
How to stabilize a disconnecting internet connection?

- by All

My internet connection is very interrupting, but it is not sensible for web surfing, as the connection dies for a few seconds and everything is OK. The IP is NOT changing, and just a halt in data transfer. However, it is very annoying for applications needing contact connection like SSH. Since it seems disconnection, SSH closes. Is there any way to stabilize this kind of interrupting connection to keep the connection with zero transfer data to persevere any connection like SSH? I am using Linux (Debian/Ubuntu).

Read the article
Change OpenSSH account password in Linux

- by TK Kocheran

I suppose that my main Linux user account password serves as my SSH password as well. Is there a way I can modify this? As it turns out, I'd like to have a REALLY secure SSH password for obvious reasons, but a less secure local password, as it makes typing in passwords a heck of a lot easier on a machine. Is there a way I can change my account password in SSH without changing my Linux user password?

Read the article
Secure copy uucp style

- by Alexander Janssen

I often have the case that I have to make a lot of hops to the remote host, just because there is no direct routing between my client and the remote host. When I need to copy files from a remote host two or more hops away, I always have to: client$ ssh host1 host1$ ssh host2 host2$ scp host3:/myfile . host2$ exit host1$ scp host2:myfile . host1$ exit client$ scp host1:myfile . Back when uucp still was being used this would be as simple as a uucp host1!host2!host3 /myfile . I know that there's uucp over ssh, but unfortunately I don't have the proper privileges on those machines to set it up. Also, I'm not sure if I really want to fiddle around with customer's machines. Does anyone know of a method doing this tasks without the need to setup a lot of tunnels or deploying new software to remote hosts? Maybe some kind of recursive script which clones itself to all the remote hosts, doing the hard work for me? Assume that authentication takes place with public keys and that all hosts do SSH Agent Forwarding. Edit: I'm not looking for a way to automatically forwarding my interactive sesssion to the nexthop host. I want a solution to copy files bangpath-style using scp via multiple hops without the need to install uucp on any of those machines. I don't have the (legal) rights or the privileges to make permanent changes to the ssh-config. Also, I'm sharing this username and hosts with a lot of other people. I'm willing to hack up my own script, but I wanted to know if anyone knows something which already does it. Minimum-invasive changes to hosts on the bangpath, simple invocation from the client. Edit 2: To give you an impression of how it's properly been done in interactive sessions, have a look at the GXPC clustershell. This is basically a Python-script, which spwans itself over to all remote hosts which have connectivity and where your ssh-key is installed. The great thing about it is, that you can tell "I can reach HostC via HostB via HostA." It just works. I want to have this for scp.

Read the article
rsync per-site configuration file?

- by Scott

I know how to configure a per-site entry for ssh, but is there any kind of a client configuration for rsync that allows per-site configuration options and aliases or similar shortcuts like the .ssh/config? I'm curious because I have a minimal ssh server installed on my android phone and I also have a minimal rsync tool on it as well. I'm getting tired of having to root login onto the phone and sym-link both tools to standard places the android OS looks for executables as the ssh server is bare bones and has a typical *bear multi-link binary for the basic unix commands (that does not include rsync) I end up having to include --rsync-path=/path/to/rsync/android/files/rsync every time I want to do any rsyncing of the files on my phone, but this path is always the same. I've gotten around it in the meantime with a glob approach in a shell script wrapper, but this sometimes limits the customization I can do with the rsync call. I'm just wondering if there is anything similar to the .ssh/config file where I can create an alias for my phone (e.g. 'android') where specifying rsync android:/mnt/sdcard will automatically assume --rsync-path=/blah/blah/blah --no-g --no-p --no-t etc. Tre`

Read the article
scp using a password on the command line

- by spierepf

I am trying to write a script that will deploy a build created on my desktop machine (windows/cygwin) to a machine in my test environment (linux). I would like to use scp to copy the build to the target machine. The only account on the target machine is root, and I cannot create a special user for this task. The root user is unable to log in using an ssh key (I suspect that this is configured on the ssh server, but I do not know which configuration options control this). At any rate, I cannot change the configuration of the ssh server. My desktop machine uses Cygwin, and I have ssh installed. What I need is the command-line-fu that will allow me to put the password on the command line. I am aware of the dangers of having a plaintext password in a shell script, but that is not a concern here.

Read the article
X11 not sending windows to remote computer matlab

- by MZimmerman6

I am trying to set up my home desktop, running OS X Mountain Lion, to basically do a bunch of grunt work for me remotely. I have set up ssh, and am able to remotely control the computer fine, but the issue comes in when I try to run X11 apps, like MATLAB, remotely and get windows to pop up. Every time I try to bring up a new window it either opens that window on the remote computer (not the one I am using to control it), or it tells me it can't find a display. here is how I am setting up my ssh assume my matlab alias is set up properly, which it is. ssh -X [email protected] matlab -nodesktop figure; This will open the window on the computer I am SSHing into, and not on the remote one. Basically I want that window to open on the computer I am remoting from. I changed my SSH X11Forwarding and stuff to be yes in ssh_config and sshd_config. Any other suggestions?

Read the article
PuTTY: how to properly emulate -t option

- by John Sonderson

On Linux the ssh command has a -t option whose man page reads: Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. Multiple -t options force tty allocate, even if ssh has no local tty. I would like to use this same option with PuTTY on Windows. In particular, I can see that PuTTY has a bunch of options under: Category - Connection - SSH - TTY and suspect it might be possible to achieve the same behavior via some of the (NUMEROUS!) settings found on this screen. Anyone know how to configure the following command: ssh -t USER,[email protected] create Thanks!

Read the article
What's the best way to forward traffic on a specific port to another machine?

- by Ankit

The setup I have is this: [client01] <-A-> [server01] <-B-> [server02] client01 can access port 9300 on server01 (connection A). server01 can access port 9300 on server02 (connection B). What's the best way to make all traffic on port 9300 to server01 go to port 9300 on server02? I can successfully do this with an ssh tunnel from client01 to server01 to server02, but I don't want to have to run ssh on client01. When I ssh from server01 to server02 forwarding port 9300 (ssh -g -L9300:localhost:9300 server02 on server01), it doesn't work -- am I using the wrong command?

Read the article
is there a way to tail a log from remote server without using any user credentials?

- by suhprano

I run a script tailing a log in a remote server, like so: ssh userx@someip tail -f /data/current.log|python2.7 monitorlog.py There are dependencies and service requirements that disallows me to run the script off the remote server. (DB, ACLs, and path to another service is uses) Is there a way I can tail and monitor a log without using the ssh userx@someip? I thought about generating RSA keys but I think you still need a user to ssh.

Read the article
verify public key on Ubuntu

- by macsig

How can I verify if a ssh public key is successfully installed on a Ubuntu server? I'm trying to unable continuos deployment and to do so I need to install the public key I got from codeship on the server. I have copied the key I got on the server at ~/.ssh/authorized_keys/id_rsa.pub and restarted ssh but I'm still not able to deploy my app so as first debugging step I'd like to make sure the public key is properly installed on the server. Thanks.

Read the article
How to remotely connect to jmx on tomcat using ssh tunnelling and not break ehcache...

- by Unsavory

I've followed the instructions in the following link to create my own RMI registry and jmx server on a single port inside tomcat. According to the comments, I need to set -Djava.rmi.server.hostname=localhost. Once I do that, I can indeed connect to my server via jconsole using ssh port forwarding. http://blogs.sun.com/jmxetc/entry/connecting_through_firewall_using_jmx However, I've found it has the very bad side affect of breaking our ehcache replication which uses RMI. It fails complaining that it cannot bootstrap from remote peer localhost. I'm guessing because the peers all have their rmi server hostname set to localhost from setting -Djava.rmi.server.hostname=localhost. Does anyone have a possible workaround to this problem?

Read the article

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66 | Next Page >