Search Results

Search found 358 results on 15 pages for 'openssh'.

Page 8/15 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • SFTP access without hassle

    - by enobayram
    I'm trying to provide access to a local folder for someone over the internet. After googling around a bit, I've come to the conclusion that SFTP is the safest thing to expose through the firewall to the chaotic and evil world of the Internet. I'm planning to use the openssh-server to this end. Even though I trust that openssh will stop a random attacker, I'm not so sure about the security of my computer once someone is connected through ssh. In particular, even if I don't give that person's user account any privileges whatsoever, he might just be able to "su" to, say, "nobody". And since I was never worried about such things before, I might have given some moderate privileges to nobody at some point (not sudo rights surely!). I would of course value your comments about giving privileges to nobody in the first place, but that's not the point, really. My aim is to give SFTP access to someone in such a sandboxed state that I shouldn't need to worry about such things (at least not more so than I should have done before). Is this really possible? Am I speaking nonsense or worried in vain?

    Read the article

  • Jailkit not locking down SFTP, working for SSH

    - by doublesharp
    I installed jailkit on my CentOS 5.8 server, and configured it according to the online guides that I found. These are the commands that were executed as root: mkdir /var/jail jk_init -j /var/jail extshellplusnet jk_init -j /var/jail sftp adduser testuser; passwd testuser jk_jailuser -j /var/jail testuser I then edited /var/jail/etc/passwd to change the login shell for testuser to be /bin/bash to give them access to a full bash shell via SSH. Next I edited /var/jail/etc/jailkit/jk_lsh.ini to look like the following (not sure if this is correct) [testuser] paths= /usr/bin, /usr/lib/ executables= /usr/bin/scp, /usr/lib/openssh/sftp-server, /usr/bin/sftp The testuser is able to connect via SSH and is limited to only view the chroot jail directory, and is also able to log in via SFTP, however the entire file system is visible and can be traversed. SSH Output: > ssh testuser@server Password: Last login: Sat Oct 20 03:26:19 2012 from x.x.x.x bash-3.2$ pwd /home/testuser SFTP Output: > sftp testuser@server Password: Connected to server. sftp> pwd Remote working directory: /var/jail/home/testuser What can be done to lock down SFTP access to the jail? FWIW, I mostly used this as a guide: http://digitalpatch.blogspot.com.ar/2010/03/openssh-daemon-hardening-part-3-setup.html

    Read the article

  • SSH connect error

    - by DMDGeeker
    I use a notebook with Ubuntu 12.10 and try to connect a server with Ubuntu 12.04. The server has already installed openssh-server. And allow publick key and password to login. But I connect the server sometime well but after minutes it will be error. First, it will show me these messages:    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!    ......    Add correct host key in /home/myname/.ssh/known_hosts to get rid of this message. but I never reinstall system and the openssh-server. Both are never changed! The server nerver shutdown or reboot. Second, after I remove the relative key from my known_hosts and use ssh connect the server again, it will let me type my password. then my nightmare coming... Permission denied (publickey,password) But I typed the correct password! PS: I used password and public key both success. But the problem will appear again after i logout then login.

    Read the article

  • Mercurial "server"

    - by user85116
    I've been using mercurial for a little while, but mainly for my own usage. Now though, I have a project I'm working on where two of us are building the same project, and we will probably be modifiying each other's files. I would like to setup a mercurial repo on a server, make that repo the "server", so my changes and the other editor's changes both push to that server (so basically the subversion / cvs model); I like mercurial though, and don't want to switch to something like subversion. Here in my own network, everything is done on linux, and my "server" has openssh installed. So pushing my changes (I work on multiple computers) from one computer to the server is just a matter of "hg push"; the protocol used is ssh for transfering the changes. The problem is that I use linux, the server will be windows (so no openssh, right?) and the other editor will be using windows too. As far as I know, the best way of working in mercurial in these types of setups is for the repo to pull changes from the source, rather then the source pushing to the "server". I'm behind several firewall's (not entirely my network) and my computer won't be visible from the server, and I'm assuming the other editor will be behind a firewall too (so we can't just start up the local mercurial http server and get the "server" computer to pull from that). What's the best way for both editors to get our changes to the server repo? (I should add that the server is a server on the internet, so just as visible as something like google.com. It's a hosted windows server, but I would probably have permission to install software if needed for this)

    Read the article

  • CYGWin and sshd. Accepts authentication, but won't connect

    - by timramich
    Everything I find relating to this is the "ssh-exchange-identification:" error. This doesn't happen for me. I get two lines: Connection to localhost closed by remote host. Connection to localhost closed. ssh -v localhost spits out: OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: identity file /home/tim/.ssh/id_rsa type -1 debug1: identity file /home/tim/.ssh/id_rsa-cert type -1 debug1: identity file /home/tim/.ssh/id_dsa type -1 debug1: identity file /home/tim/.ssh/id_dsa-cert type -1 debug1: identity file /home/tim/.ssh/id_ecdsa type -1 debug1: identity file /home/tim/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8 debug1: match: OpenSSH_5.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 64:e3:27:90:ef:48:93:21:38:ea:9b:0e:0b:07:b0:2a debug1: Host 'localhost' is known and matches the ECDSA host key. debug1: Found key in /home/tim/.ssh/known_hosts:1 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/tim/.ssh/id_rsa debug1: Trying private key: /home/tim/.ssh/id_dsa debug1: Trying private key: /home/tim/.ssh/id_ecdsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password tim@localhost's password: debug1: Authentication succeeded (password). Authenticated to localhost ([::1]:22). debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. debug1: channel 0: free: client-session, nchannels 1 Connection to localhost closed by remote host. Connection to localhost closed. Transferred: sent 2008, received 1376 bytes, in 0.0 seconds Bytes per second: sent 64774.0, received 44387.0 debug1: Exit status -1 I'm really at wit's end here because I couldn't get Windows' remote shell to even work. I'm so sick of using VNC just to get to a shell. Plus Windows' shell sucks because there is nothing like screen. Thanks

    Read the article

  • Internal SFTP Settings

    - by matt ryan
    Goal: to limit user access to home directory and symlinked directories in home. I tried the following configuration in sshd_config # Subsystem sftp /usr/lib/openssh/sftp-server Subsystem sftp internal-sftp Match user matt ChrootDirectory %h X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp and then restarted sshd. User can't login using the correct password. Connection refused authentication failed.

    Read the article

  • Options for an SFTP server on a Windows Machine

    - by Hythloth
    We have a client who wishes to send files to us via SFTP (citing that FTP is inherently insecure). We have a Windows Environment (Windows 2003 Server). Currently, I'm reviewing copssh (OpenSSH for Windows, http://www.itefix.no/i2/copssh), and am looking for alternatives, or thoughts on copssh or any other SFTP option for Windows. The simpler to setup and administer, the better. I have never setup an SFTP host, before, so I'm curious what you all would recommend.

    Read the article

  • SSH into VirtualBox Guest: Connection Refused

    - by Eric J.
    Setup Windows 7 64-bit host OS running VirtualBox 4.2, with Ubuntu 12.04 guest OS. OpenSSH server is installed and running (ssh -v localhost connects locally in the guest machine). Can SSH to external servers (no outbound Windows firewall rule blocking port 22) Can ping the IP of the guest (192.168.56.101) Problem Using PuTTY to SSH to the IP of the guest OS (192.168.56.101), PuTTY returns almost immediately with Network error: connection refused How can I diagnose & resolve this issue?

    Read the article

  • How can access files on shared drive from Windows 2008 server configured with SFTP

    - by communicator
    I have installed OpenSSH on my windows 2008 server by following the user guide here . Now I have some files on windows network share with UNC path as \\corp\test\testdata I want map this file system on network share to my windows 2008 server which is configred with SFTP so that I can access these files from my Java Program by doing SFTP to windows 2008 server.Is there anyway I can map the network share to C or other drive in server so that all the files on the share will be available as local files on the server?

    Read the article

  • SSH equivalent of .profile/.bashrc

    - by Ramon
    I am looking for a way to automatically define some aliases inside my session on any server I ssh to. I can't put them in the .bashrc files on the server because the user accounts I log in with are shared by other people and besides there are dozens of them and maintaining a script on every machine would be painful. I know I could use expect to type the aliases automatically but I was just wondering if OpenSSH has anything built-in that could conceivably be used to achieve this?

    Read the article

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • 404 when doing safe-upgrade in lucid 64 box?

    - by Millisami
    Why I see 404 when doing sudo aptitude safe-upgrade in my lucid 64 box? deploy@li167-251:~$ sudo aptitude safe-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done The following packages will be upgraded: apache2 apache2-mpm-prefork apache2-threaded-dev apache2-utils apache2.2-bin apache2.2-common apt apt-utils base-files binutils bzip2 dpkg dpkg-dev gzip ifupdown krb5-multidev language-pack-en language-pack-en-base language-selector-common libatk1.0-0 libatk1.0-dev libavahi-client3 libavahi-common-data libavahi-common3 libbz2-1.0 libc-bin libc-dev-bin libc6 libc6-dev libc6-i686 libcups2 libfreetype6 libfreetype6-dev libglib2.0-0 libglib2.0-dev libgssapi-krb5-2 libgssrpc4 libgtk2.0-0 libgtk2.0-common libgtk2.0-dev libk5crypto3 libkadm5clnt-mit7 libkadm5srv-mit7 libkdb5-4 libkrb5-3 libkrb5-dev libkrb5support0 libldap-2.4-2 libldap2-dev libmysqlclient-dev libmysqlclient16 libnotify-dev libnotify1 libpam-modules libpam-runtime libpam0g libparted0debian1 libpng12-0 libpng12-dev libpq-dev libpq5 libssl-dev libssl0.9.8 libtiff4 libudev0 libusb-0.1-4 linux-libc-dev mountall mysql-client mysql-client-5.1 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1 openssh-client openssh-server openssl parted python-apt sudo tzdata udev upstart ureadahead wget xulrunner-1.9.2 xulrunner-1.9.2-dev The following packages are RECOMMENDED but will NOT be installed: colibri debhelper fakeroot hicolor-icon-theme libatk1.0-data libglib2.0-data libgtk2.0-bin libhtml-template-perl manpages-dev notification-daemon notify-osd ssl-cert xauth xfce4-notifyd 88 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 85.8MB of archives. After unpacking 1712kB will be used. Do you want to continue? [Y/n/?] y Writing extended state information... Done Get:1 http://security.ubuntu.com/ubuntu/ lucid-updates/main libpam-modules 1.1.1-2ubuntu5 [358kB] Get:2 http://security.ubuntu.com/ubuntu/ lucid-updates/main base-files 5.0.0ubuntu20.10.04.2 [70.2kB] Get:3 http://security.ubuntu.com/ubuntu/ lucid-updates/main gzip 1.3.12-9ubuntu1.1 [102kB] Err http://security.ubuntu.com/ubuntu/ lucid-updates/main libc-bin 2.11.1-0ubuntu7.2 404 Not Found [IP: 91.189.88.37 80] Err http://security.ubuntu.com/ubuntu/ lucid-updates/main libc6 2.11.1-0ubuntu7.2 404 Not Found [IP: 91.189.88.37 80] Err http://security.ubuntu.com/ubuntu/ lucid-updates/main libc6-i686 2.11.1-0ubuntu7.2 .........

    Read the article

  • which is the recommended way to install sshd in cygwin on windows 7 enterprise

    - by anjanb
    What is the recommended procedure to install sshd on Windows 7 Enterprise ? I have already installed cygwin and openssh on this computer. i'm open to non-cygwin sshd as long as there won't be any compatibility issues with cygwin related programs. UPDATE I want setup/config information as well. Currently, I get an error if I try to connect to localhost. $ ssh localhost ssh: connect to host localhost port 22: Connection refused

    Read the article

  • Lost SSH Key, is it possible to log in via some other method now?

    - by Daniel Hai
    So I happened to do the cardinal sin of administration. I changed the openssh settings, and accidently closed that terminal before I could test it, and of course, now I'm completely locked out. I was using password-less private key authentication. Am I completely screwed out of my server? This is a VPS system -- is there a way where I could have someone at the datacenter log in locally and redo the ssh settings?

    Read the article

  • SSH: Port Forwarding, Firewalls, & Plesk

    - by Kian Mayne
    I edited my SSH configuration to accept connections on Port 213, as it was one of the few ports that my work firewall allows through. I then restarted sshd and everything was going well. I tested the ssh server locally, and checked the sshd service was listening on port 213; however, I still cannot get it to work outside of localhost. PuTTY gives a connection refused message, and some of the sites that allow check of ports I tried said the port was closed. To me, this is either firewall or port forwarding. But I've already added inbound and outbound exceptions for it. Is this a problem with my server host, or is there something I've missed? My full SSH config file, as requested: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. Port 22 Port 213 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • PuTTY: Forcibly terminate an SSH session without closing the window

    - by jjlin
    Is there a way to forcibly terminate an SSH session in PuTTY, short of closing the PuTTY window? For example, in OpenSSH, I can use the ~. escape sequence to kill the connection. This is useful when the SSH session stops responding for some reason, but I don't want to lose any of my current session-specific settings. In that case, I'd like to kill the session and then use Restart Session to reconnect.

    Read the article

  • Ubuntu Server on live Internet

    - by vaibhav
    I just installed Ubuntu Server 12.04 in an office machine with openSSH, DNS and LAMP Server. I also made the IP static and I can access the server in my office premises easily, but when I try to access my server from my home it is not working. I know I have to make some changes and need to install some firewall (I had just gone through with a couple of posts) but I guess an expert advise will save my time here.

    Read the article

  • How to increase screen resolution in Hyper-V

    - by Saad
    I am using Ubuntu 12.04 on Hyper-V in windows 8. I want to increase the resolution so that Ubuntu window can occupy my whole screen. Does anyone have any idea of how it can be done ? I found one solution http://nramkumar.org/tech/blog/2013/05/04/ubuntu-under-hyper-v-how-to-overcome-screen-resolution-issue/, I have installed OpenSSH server on Ubuntu and Xming and Putty on windows. I am not sure what hostname to use to connect to Ubuntu (running in Hyper-V), using [email protected] or username@localhost in the hostname field returns error "Network error:connection refused". Can someone help me figure out what i am doing wrong ?

    Read the article

  • Ubuntu server on VM outgoing network(ping google.com) working, incoming(127.0.0.1:8080) is not. Was working previusly

    - by IvarsB
    I have recently installed Ubuntu server with LAMP,OpenSSH and mail on Oracle's VM, it's incoming networking was recently working, apache's default message could be seen when opening 127.0.0.1:8080. But now it's not! :( Could you give me any tips? I couldn't google anything that helped me. :( I'm running windows 7 with such settings http://www.bildites.lv/images/3d91ikwtraw0ld7lhv.png I recently used apt-get --purge remove phpmyadmin. Could that be the problem? How should I fix it? Thank you in advance! Ivars. EDIT: Sorry for the lame formating.

    Read the article

  • Do Not Uninstall Flag on Apt?

    - by Daniel C. Sobral
    Does the Debian/Ubuntu package infrastructure has some way of marking packages so that they never get uninstalled, no matter the pinning of other packages? My problem is that, sometimes, packages installed by Puppet (coming from non-standard repositories, of course) cause other packages to get uninstalled -- in particular, openssh-{server,client}. The way this happens is that package A and B depend on different versions of package C. If A is installed and one asks to install B, then the version of C changes. The new version of C is incompatible with A, so A gets uninstalled. The funny thing is that the process is then reversed, as, on the next run, Puppet notices that A is not installed and tries to install it. So, basically, I want to make sure A never gets uninstalled, which would prevent B from getting installed. That would be reported as an error, making me aware of the issue. If anyone cares, Puppet uses the following command to install packages: /usr/bin/apt-get -q -y -o DPkg::Options::=--force-confold install <package>

    Read the article

  • How can I remove packages using preseed?

    - by Jorge Castro
    I'm setting up an automated "no questions asked" preseed system and using Dustin Kirkland's server preseed as an example. He uses the following line to install three packages as part of the automated install: d-i pkgsel/include string byobu vim openssh-server I am looking for the inverse of this, basically be able to remove packages as part of the automated install. I've checked the Installation Guide I've checked this example preseed, but it's not clear if this is the canonical list of every single option available. I am thinking I need to to use d-i preseed/late_command string apt-remove packagename to clean up stuff I don't want when the install is done, but I am not sure

    Read the article

  • Which of VLC's dependencies causes sound device detection?

    - by Raphael
    I am setting up a headless music server based on the minimal Ubuntu image. After having installed the packages openssh-server,pulseaudio, libmad0,flac,liboff0,libid3tag0,libvorbis0a,ffmpeg, mpd,mpc,mpdscribble, paman,paprefs,pavumeter neither my internal soundcard nor the external DAC where detected by pulseaudio, that is pactl list did only list the dummy devices. Several reboots did not change that. The hardware devices are detected properly: ~$ lsusb | grep Texas Bus 002 Device 002: ID 08bb:2706 Texas Instruments Japan ~$ lspci | grep Audio 00:1b.0 Audio device: Intel Corporation N10/ICH 7 Family High Definition Audio Controller (rev 02) Following a hunch, I installed vlc with all dependencies. After a reboot, both devices are detected! ~$ pactl list | grep "Sink: alsa_output" Monitor of Sink: alsa_output.pci-0000_00_1b.0.analog-stereo Monitor of Sink: alsa_output.usb-Burr-Brown_from_TI_USB_Audio_DAC-00-DAC.analog-stereo Now I would like to remove VLC again but keep the devices. The question is: which of the many dependencies of VLC enables proper device detection? And why on earth is it not a dependency of pulseaudio?

    Read the article

  • FTP over ssh hangs on "Connection established: Waiting for Welcome Message"

    - by Siriss
    I have looked far and wide and have not quite found the answer. I am running ubuntu 11.10, openssh, and vsftpd. I am trying to configure my FTP to tunnel over ssh. My ssh connection works just fine and I can create the tunnel to my FTP port. When I go to use Filezilla to connect, it hangs at "Waiting for Welcome Message". I think it is an iptables issue, but I can't seem to figure out what needs to be changed. When I take iptables down, it connects just fine. I don't want to open any more external ports, just my one SSH port, and I can't seem to get it right on the internal port forwarding rule. I always end up opening it to the outside. I would love some help if anyone has any ideas and I hope I have made it clear. Thank you in advance!!

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >