Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssh]

Secure Shell (SSH) is a protocol primarily for encrypted shell connections. This tag is also used for questions about sshd and openssh, the two standard applications for using SSH.

Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on Linux and Unix based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notably passwords, in plaintext, rendering them susceptible to packet analysis.

It's important to note that there are two versions of SSH (1 and 2), and that version 1 is no longer considered secure, and should be replaced by version 2 where ever possible.

More information, including the more notable SSH-1 vulnerabilities, can be found at the Wikipedia page for SSH.

8868 questions
82
votes
15 answers

What causes SSH error: kex_exchange_identification: Connection closed by remote host?

I setup a SSH server online that is publicly accessible by anyone. Therefore, I get a lot of connections from IPs all over the world. Weirdly, none actually try to authenticate to open a session. I can myself connect and authenticate without any…
soliz
  • 922
  • 1
  • 5
  • 7
81
votes
8 answers

Is it possible to use rsync over sftp (without an ssh shell)?

Rsync over ssh, works great every time. However, trying to rsync to a host which allows only sftp logins, but not ssh logins, provides the following error: rsync -av /source ssh user@remotehost:/target/ protocol version mismatch -- is your shell…
Tom Feiner
  • 17,578
  • 8
  • 30
  • 24
79
votes
5 answers

Change default directory when I SSH to server

I was wondering if there is a way to change the default directory that I get put into after I SSH into my Ubuntu server. 99% of the time when I'm logging into my server, it is to access files within a specific directory: /var/www/websites Is there…
Bob Flemming
  • 1,245
  • 3
  • 14
  • 17
78
votes
11 answers

Allow SCP but not actual login using SSH

Is there any way to configure a user on a Linux box (Centos 5.2 in this case) so that they can use scp to retrieve files, but can't actually login to the server using SSH?
DrStalker
  • 6,946
  • 24
  • 79
  • 107
77
votes
11 answers

Why is ssh agent forwarding not working?

In my own computer, running MacOSX, I have this in ~/.ssh/config Host * ForwardAgent yes Host b1 ForwardAgent yes b1 is a virtual machine running Ubuntu 12.04. I ssh to it like this: ssh pupeno@b1 and I get logged in without being asked for a…
Pablo Fernandez
  • 7,438
  • 25
  • 71
  • 83
74
votes
4 answers

SSH key authentication using LDAP

In short: Would like a way to do SSH key authentication via LDAP. Problem: We use LDAP (slapd) for directory services and we've recently moved to using our own AMI for building instances. The reason the AMI bit is important is that, ideally, we…
c4urself
  • 5,530
  • 3
  • 28
  • 39
74
votes
6 answers

How to scan local network for SSH-able computers?

I am often on one computer in my house and I would like to SSH to another one, but often don't know the IP address of the one I want to connect to. Is there a way, from the command line, to scan the local network so I can find the computer I want to…
Andrew
  • 3,453
  • 9
  • 33
  • 36
74
votes
11 answers

Why is SSH password authentication a security risk?

Most guides for OpenSSH configuration advise to disable password authentication in favor of key-based authentication. But in my opinion password authentication has a significant advantage: an ability to connect from absolutely anywhere without a…
Septagram
  • 937
  • 1
  • 8
  • 13
74
votes
9 answers

Is there a way to avoid SSH typing delay?

Can I tell SSH to send the data only after pressing enter or tab, and not after each individual keypress?
StackedCrooked
  • 1,387
  • 3
  • 13
  • 22
74
votes
3 answers

How do I connect to ssh with a different public key?

I have two public keys, one for some servers and one for others. How do I specify which key to use when connecting to a server?
rid
  • 951
  • 1
  • 7
  • 11
74
votes
16 answers

Why Block Port 22 Outbound?

I'm a programmer, and I have worked for a few clients whose networks block outgoing connections on port 22. Considering that programmers often need to use port 22 for ssh, this seems like a counterproductive procedure. At best, it forces the…
runako
  • 841
  • 1
  • 6
  • 6
74
votes
2 answers

Multiple public keys for one user

This question is similar to SSH public key authentication - can one public key be used for multiple users? but it's the other way around. I'm experimenting on using ssh so any ssh server would work for your answers. Can I have multiple public keys…
Russell
  • 887
  • 1
  • 7
  • 7
71
votes
8 answers

Securely add a host (e.g. GitHub) to the SSH known_hosts file

How can I add a host key to the SSH known_hosts file securely? I'm setting up a development machine, and I want to (e.g.) prevent git from prompting when I clone a repository from github.com using SSH. I know that I can use StrictHostKeyChecking=no…
Roger Lipscombe
  • 2,177
  • 6
  • 24
  • 37
71
votes
6 answers

How to remove strict RSA key checking in SSH and what's the problem here?

I have a Linux server that whenever I connect it shows me the message that changed the SSH host key: $ ssh root@host1 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ …
setatakahashi
  • 1,457
  • 2
  • 13
  • 15
66
votes
6 answers

Straight forward way to run ssh-agent and ssh-add on login via SSH?

I'm trying to have the following commands be auto-executed when I login to my server via ssh: ssh-agent /bin/bash ssh-add ~/.ssh/id_rsa My ssh key has a passphrase and I'm fine with entering it once per login. I tried putting this in my .bashrc…
Click Upvote
  • 855
  • 2
  • 8
  • 12
1 2 3
99 100