Search Results

Search found 9446 results on 378 pages for 'ssh keys'.

Page 69/378 | < Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76 | Next Page >

How to create chroot jail with ability to change some system settings

- by Tadeck

How to properly create chroot jail (on Ubuntu, or some some other Linux if not applicable) to make user able to edit system settings (eg. with ifconfig) and be able to communicate with external scripts? The use case would be to enable user to authenticate using SSH and then be able to perform very limited set of actions from command line. Unfortunately the tricky part is the access to system settings. I have considered multiple options and the alternative is to setup fake SSH server (eg. with Twisted), try to use restricted shell (however, I seem to need chroot still), or write a script on top of the shell (?).

Read the article
Perform shell operation through secure shell

- by Ben

Is it possible to perform a shell operation from a bash script through a secure shell. Here is an example of why you may want to do this. Lets say you have a simple unix operating system that you need only build and run on, but you want to do all of the development on another machine. I want to write a bash script that has the following functionality: scp file to location on other machine ssh to other machine cd into correct directory make run program scp results to file on original computer exit ssh Is this remotely possible? (Pardon the Pun :p)

Read the article
have a bash script remotely shutdown another computer on the lan

- by gletscher

Hi I want to write a bash script that when called shuts down another computer on the lan. Maybe using ssh? The other computer is an ubuntu machine. Now I'm not sure how to send e.g. a sudo shutdown -h now command from withing a bash script to the ssh after logging in. Also I'm not sure how to obtain the rights for the sudo command, hence how to handle the communication between the server and client from within a bash script. Any suggestions are greatly appreciated.

Read the article
CentOS/Apache killing connections

- by fin1te

Getting a really strange error. Basically, whenever I browse to my server (http://[ip_address] or http://[hostname]), it doesn't load, and my active SSH connection drops out. I installed CentOS 5.5, and then httpd and PHP 5.3. No other applications where installed, so I can't imagine it's something else causing it. I also reinstalled CentOS 5.5 again, completely fresh, the only thing I did to it was yum install httpd, and it still caused this issue. I've changed nothing in the config or anything else. Driving me mad, has anyone heard of this? It's really frustrating since everytime I attempt to debug this issue, I get kicked off SSH and have to log back in. Theres nothing in the Apache error logs, and nothing in the access log recording my attempt. Also, the result from uname - Linux [hostname] 2.6.35.4-rscloud #8 SMP Mon Sep 20 15:54:33 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux Thank you

Read the article
How can I make gitosis distinguish between two users with the same username

- by bryan kennedy

I have a gitosis system that seems to be working correctly except for a common problem we run into where I can't distingush permissions between two users who have the same username, but different hosts. For example: [email protected] 's SSH key is in the key folder. And so is [email protected] 's SSH is also in the key folder. These two jsmith's are two different people on two different computers. However, when I configure them in the gitosis.conf file with the usernames jsmith@computer or jsmith@machine, it seems like each user just gets the same permission. Can gitosis not distinguish the full username (name and host)? If not, how do I deal with multiple users accessing our system with common usernames? Thanks for any help.

Read the article
Tunneling HTTP traffic from a particular host/port

- by knoopx

Hello, I'm trying to figure out how to access from my development machine (Devel) to a third party web service (www.domain.com) which I am not allowed to directly contact using my office IP address. Here's a basic diagram (i'm not allowed to post images...): http://yuml.me/diagram/scruffy/class/%5BDevel%5D-%5BA%5D,%20%5BA%5D-%5BB%5D,%20%5BB%5D-%5Bwww.domain.com%5D The only machine allowed to access that service is B (production server) but I do neither can directly access it from my development machine (Devel). So in order to access the web service I have to ssh into A, and then from A to B to access www.domain.com Is there any way of tunneling traffic from B to A and then back to my development machine so I can directly access www.domain.com without having to ssh into every box? Devel: My development machine. A, B: Linux servers. I own root access on both. B: Production server www.domain.com: Third party HTTP API production server uses.

Read the article
Linux - How to manage the password of root?

- by Jonathan Rioux

We have just deployed a couple of Linux server. Each sysadmin will have his own account on the server (i.e.: jsmith), and will connect using SSH with a certificate which will be put into the "authorized_keys" file in their home directory. Once connected on the server, if they want to issue an elevated command, they will do like: sudo ifconfig They will then enter the root password. What I would like to know now are the best practices in managing that root password. Should I change it periodicaly? And how do I share that new password with the sysadmins? **Of course I will disable the root logon in SSH.

Read the article
Putty freezes at random when logging into a remote machine in another continent

- by vito

I have to ssh to a remote machine in Europe from Asia every day for my work. But Putty freezes sometimes at totally random times and I have no choice but to close and re-open a new ssh session. It's frustrating especially when I'm editing something or executing a long running program. I know the question really doesn't have much details ('cause nothing seems to be wrong with the network at all). Has anyone experienced this sort of issue with Putty and had resolved it? Thanks for your time!

Read the article
Connect using sqlplus to db server through multiple tunnels

- by Samuel Lindblom

I would like to create an SQL Developer connection to a database through a couple of tunnels. The steps right now are: Connect to server A - connect to server B - run sqlplus against tnsname on a server that I do not have ssh access to. Is there an easy way of using SQL Developer instead of sqlplus? I have read through 20 articles on the subject and still have no idea how to actually make the connection. I understand that you can chain ssh -L commands to get the server connection, but I don't know how to use that connection in SQL Developer.

Read the article
Efficient PuTTy workflow / configuration

- by Adrian Ratnapala

PuTTy is a fine SSH client, but how do you get a workflow managed as slickly as OpenSSH on Unix? My issues with PuTTy's management are: PuTTy tools are not in my PATH (easily fixable) PuTTy seems to have no equivalent of ~/.ssh, so I end have to manually choose locations for my keypairs, and then manually tell all the tools where to find them every time The private key's read permissions seem lax (I might be wrong about this, I a klutz on Windows). Pageant doesn't run by default (easily fixable?) Other programs don't reliably find pageant I suspect all of these problems can be fixed if I just get set my system up properly, and/or organise a nice workflow that fits into PuTTy's way of doing things. So can anyone share some success stories about managing PuTTy?

Read the article
sshd: How to enable PAM authentication for specific users under

- by Brad

I am using sshd, and allow logins with public key authentication. I want to allow select users to log in with a PAM two-factor authentication module. Is there any way I can allow PAM two-factor authentication for a specifc user? I don't want users - By the same token - I only want to enable password authentication for specific accounts. I want my SSH daemon to reject the password authentication attempts to thwart would-be hackers into thinking that I will not accept password authentication - except for the case in which someone knows my heavily guarded secret account, which is password enabled. I want to do this for cases in which my SSH clients will not let me do either secret key, or two-factor authentication.

Read the article
Reverse proxy using hop and RDP

- by Sergei

I am trying to connect from Vista to XP using RDP via reverse proxy using putty and an intermidiate host. There are myriad articles on the internet how to do it using vnc, ssh servers, winsshd, etc, but I can't find anything that helps me in this specific case. What I have: Windows XP host behind the firewall - 'destination' linux host running ssh on the internet - 'intermediate' windows host behind the firewall - 'source' All I want to do is open reverse tunnel from destination to intermidiate and use this tunnel for connecting back from the source. That should be simple to setup, however I just cannot make it. This is what I do: On 'destination', open putty session, create tunnel to 'intermediate' using following settings: source port 3389, destination is 'source:33389', direction is local On 'source', open putty session, create tunnel to 'intermediate'using following settings: source port 33389, destination is 'destination:33389', direction is local Finally, on source, open termnal services client and connect it to localhost:33389.Unfortunately it seems like packets do go somewhere but eventually client times out. Am I totally misunderstanding the concept? Please help!

Read the article
accidentally concatenate a large file on a remote system

- by Dan

Every once in a while on a computer I'm ssh'd into, I will accidentally type "cat largefile.txt" and my screen will start rushing with text for the next 10 minutes. I'm always working in a screen session, so my current solution is to just log out and then log back in, and since it can go 100X faster when I'm logged out, it'll finish in the short time it takes me to type my password in again. Is there a better way? Either involving the fact I'm in a screen session? Or a way to do this within SSH? What doesn't work: detaching from the screen session (doesn't respond until file is done outputting) trying command to move to a different window in the screen session (also doesn't respond) typing ctrl+C to kill cat command (also doesn't respond, probably because the command is done and the buffers just have to catch up)

Read the article
Same command on multiple servers

- by w00t

Hello everyone. I'm just wondering if there is any fellow sysadmin with the need to execute one command on multiple servers. If so, what technique are you using? I have grown tired to ssh-ing to 3-5 servers and executing the same thing over and over again, so I'm thinking to make my life easier. Also, I think I should create keys so I don't have to enter passwords anymore (though I'm using root). After 2 years of doing this, I kind of developed a laziness. I googled it up, I know about cssh, pssh, tentakel (this one seems cool), and the more pro-genre - Puppet (of which I just heard of, didn't invest the time to read the docs). BTW, I'm using XP+putty, so if there is any putty-cool-thingy available, that's welcome too. If not, I can always ssh to one server and from there start my rest-of-the-servers-conquest :) *evil* Hit me up. Thanks.

Read the article
Running a webserver behind a firewall, is it secure?

- by i.am.intern

Currently we have a Linux-based firewall which NAT-ing our public IP address to give internet access to our staff's PCs and a Windows Server 2003 for internal filesharing. I want to host Redmine/SVN (a bugtracker) internally behind this firewall using a Linux server. This webserver will be accessed by our clients externally so they can post bug reports. This means that I have to open port 80 & 22 at the firewall to give access to the webserver and me to SSH it from home. However, let's say I'm using password-based SSH for the webserver and somebody cracked it. Does that mean the cracker could ping and access other servers and PCs in the network?

Read the article
Making my SVN Public

- by azz0r

Hello, I'm looking todo an SVN checkout on a server so I need to make my local SVN public. I looked into GITHUB, but I'm not willing to pay or let the world see my project. Are there any alternates? Okay so I went through this tutorial: http://www.petri.co.il/setup-ssh-server-vista.htm Had some issues, so I did this: mail-archive.com/[email protected]/msg84875.html Now I'm wondering how let the SSH access my SVN repo found in c:/wamp/svnRepo. Any tutorials or advice (please no: go read this book crap) greatly welcome!

Read the article
Do superuser things with normal user

- by OrangeTux

I want to secure the SSH access to my server. One thing I read everywhere is to disable the root user login. To still have access via SSH I created another user via sudo adduser john How can I still do root things with this account? sudo command asks for a password of the user but gives john not in sudoer file. Action will be reported. When I use su I log in as root which I'm going to disable. How can I stil do root things with the normal account john?

Read the article
How do I change the .bash_history file location?

- by Brian Graham

I'm running CentOS 6.x and want to move the .bash_history to a different location. The home directories of my users are (because I run a VPS) in /var/www/vhost/<domain>.<tld> which is FTP accessible (and it should be). Because of this, I have changed the AuthorizedKeysFile for SSH connections out of the normal ~/.ssh/authorized_keys since FTP connections would easily be able to locate them. At the same time I want to move the .bash_history file to /home/%u/.bash_history where %u is the current user.

Read the article
How can I set up an FTP user with a home directory inside another user's home folder?

- by simon180

Hi I have an Ubuntu (Hardy) server which I am using to host multiple websites. All of the sites are stored in subfolders of a public_html folder for my main login to the server and accessed via a single SSH account. I now have a website user who wants FTP (or similar) access to enable them to upload various files etc to the directory where their website is situated, however I still need the SSH account to have access to this directory as I may need to make changes using my master account. Basically I want to create an FTP account (I have VSFTPD installed) for a user with the home directory inside my own user account but they should only be able to read/write to this folder or its subfolders but not go further up the directory tree. How can I achieve this? Thanks

Read the article
How can I restrict the backuppc client user as much as possible? (rsync)

- by jxn

I have backuppc making full backups of servers, but I'd like to be sure that my set up is as paranoid as possible. BackupPC is set up to backup via rsync, and it is set up to use a specific user on each client to be backed up. Because the backuppc client user has to have access to every file on the client machine and the ability to ssh into the machine without an interactive password, I'm a little nervous about securing the clients, and I'd like to know I haven't overlooked any options. Here's what I have in place: in the client user's authorized_keys file, i've included from="IPTOSERVER",command="/usr/bin/rsync" before the user's public key, so that the user can only login coming from the BackupPC server. Next, in the sudoers file, I've added this line: backuppc ALL=NOPASSWD: /usr/bin/rsync to allow root-level permissions only for the rsync command for that user. Are there other user, policy, or ssh restrictions that I can add while still allowing the backup pc client user to rsync all files?

Read the article
Sun OS 5.10 not honoring .hushlogin

- by nixomose

I scp and ssh a zillion times a day, and because of our corporate policy I can't get rid of /etc/issue or /etc/motd on the destination machines. So whereas I just want to see the results of my scp or ssh, all I ever end up seeing is thousands of copies of the motd. .hushlogin doesn't seem to be honored. Any other ideas on how to get rid of the message display? Is there some sshd config setting I don't know about (though I probably couldn't change that either)? Is there some curiously sunos/solaris specific way to achieve the goal?

Read the article
user related commands hang on open("/etc/localtime", O_RDONLY) = 4 in CentOS 5.5

- by fuzzy lollipop

I am logged in as root when doing a strace -etrace=open adduser git it hangs on open("/etc/localtime", O_RDONLY) = 4 for like 2 minutes then continues on. Also when I try and strace -etrace=open su git it just hangs at the same place as well, I can't login via ssh as the git user either. Some other users I created work just fine, like su tomcat and I can ssh in as tomcat as well. I deleted the file that was at /etc/localtime and replaced it with a symlink to ln -s /usr/share/zoneinfo/US/Eastern /etc/localtime and it didn't change the behavior in any way.

Read the article
Mounting share over VPN

- by user1337

I have a CentOS 5 web server which currently mounts a NFS export on my Mac OS X 10.7 laptop. It works great, except over VPN I can't get it to mount at all. I tried SMBUp but haven't been able to get it working even locally. It doesn't look like there's an easy way to install netatalk for CentOS 5. Even still, I'm not sure if that's the best way to do it. I tried using a GUI SSH client that can "mount a FTP disk" and it would work, except the files require root access and there's no external root access and the client can't elevate permissions. The basic thing I need to do is have the server be able to read the files off of my laptop, connected via VPN. The files are frequently updated (every 5-20 seconds) so I don't want to manually do that via SSH. Which protocol can work with both platforms and easily handle the latency introduced by VPN (and potentially mobile broadband)? Thanks

Read the article
SFTP over double server hop

- by josh.trow

I'm trying to work out a method to allow me to access files on an SFTP server than I cannot access from my local machine. Currently, I have to SSH to a remote server (it is in a certain IP block that the final SFTP server will accept from), then from there SFTP to the destination server. From there, I get the files I am interested in, thereby dropping them onto the middleman server, from which I can get the files either over a Samba share or with a direct scp. I also work in the reverse, where I drop the files onto the middleman, SSH to it then SFTP to the destination and put them into the appropriate folders. My goal is to shorten this. The unfortunate restrictions are that my machine is Windows (I use KiTTy and/or Cygwin) and I cannot modify the middleman server (or destination server) in any way. I am willing to use command line or GUI programs so long as it works and is free. Any ideas?

Read the article
Putty freezes at random when logging into a remote machine in another continent

- by artknish

I have to ssh to a remote machine in Europe from Asia every day for my work. But Putty freezes sometimes at totally random times and I have no choice but to close and re-open a new ssh session. It's frustrating especially when I'm editing something or executing a long running program. I know the question really doesn't have much details ('cause nothing seems to be wrong with the network at all). Has anyone experienced this sort of issue with Putty and had resolved it? Thanks for your time!

Read the article

< Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76 | Next Page >