Questions tagged [ssh]

Secure Shell (SSH) is a protocol primarily for encrypted shell connections. This tag is also used for questions about sshd and openssh, the two standard applications for using SSH.

Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on Linux and Unix based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notably passwords, in plaintext, rendering them susceptible to packet analysis.

It's important to note that there are two versions of SSH (1 and 2), and that version 1 is no longer considered secure, and should be replaced by version 2 where ever possible.

More information, including the more notable SSH-1 vulnerabilities, can be found at the Wikipedia page for SSH.

8868 questions
4
votes
3 answers

ssh_exchange_identification: Connection closed by remote host

I failed in ssh connection to a server. Here is the output of connection $ ssh -v [server] OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /home/tim/.ssh/config debug1: Reading configuration data…
Tim
  • 1,487
  • 6
  • 28
  • 43
4
votes
1 answer

Configure SFTP with OpenSSH and an AWS S3 Bucket mounted via S3FS on Amazon EC2

How do I allow multiple SFTP Users with S3FS and OpenSSH? Everything works, except SFTP Users don't have permission to write to their Chrooted Home Directory: remote open("/some_file"): Permission denied Setup I've got an Amazon EC2 instance running…
T. Brian Jones
  • 927
  • 4
  • 17
  • 29
4
votes
1 answer

ssh "incorrect signature" while connecting to server

I have a server that I usually connect to from multiple laptops, some FC22, FC23, or ubuntu. I installed a brand new laptop FC23, added the relevant keys in authorized_keys, etc: [mathieu@xps13 code]$ ssh -vvv root@ovh6 OpenSSH_7.2p2, OpenSSL…
mathieu
  • 213
  • 1
  • 2
  • 9
4
votes
2 answers

How to enable ssh on startup in opensuse

My experience with Linux is limited and as part of a project, I ordered a Linux dedicated server. This is an unmanaged server with OpenSuSE 13.2. When I try to ssh into the server, I get a connection refused message ssh: connect to host xxx.xxx...…
Mat J
  • 141
  • 1
  • 1
  • 4
4
votes
1 answer

Why won't my SSH keys forward properly?

I'm trying to ssh from my machine to another machine and from there to a third machine. When I do it manually, it works like this: localhost$ scp ~/.ssh/id_rsa myuser@myhost.something.something.com:. localhost$ ssh…
Saqib Ali
  • 559
  • 1
  • 9
  • 18
4
votes
3 answers

Non standard ssh port: should I edit /etc/services?

On a *nix system, when configuring ssh to listen on non standard port, should I also edit /etc/services to reflect that. I would think it should be done, so tools that use it (such as ufw) will recognize the correct port for ssh, but I see very…
Chen Levy
  • 283
  • 3
  • 13
4
votes
1 answer

iptables to allow only ssh and https

I'm trying to configure the iptables on my device in order to allow only SSH and HTTPS traffic. In particular, the HTTPS protocol is used to call some REST API toward a remote server from a java client. This is my iptables: iptables -F iptables -P…
wyr0
  • 149
  • 1
  • 1
  • 2
4
votes
2 answers

How to SSH to a remote server using a private key on Linux?

I have been trying to connect to a remote server using my private key file from the terminal, but it doesn't seem to work. I don't understand why. Here is how I do it: $ ssh -i private.ppk oap@10.20.0.11 Enter passphrase for key 'private.ppk': Enter…
Fokwa Best
  • 171
  • 6
4
votes
2 answers

Setup an ssh account that can only be used for a socks5 proxy

I have an arch linux machine behind a firewall. I can open a port forwarding for the ssh port. I would like to create a user that can be used only for a socks proxy. ssh -N -D 5000 user@server -p9000 5000 will be the local port the user uses for…
mist
  • 155
  • 6
4
votes
2 answers

firewalld: if I change the ssh service port, is it enough to allow the new port number, or should I add a new service?

I changed the ssh port to an arbitrary number, and noticed firewalld no longer allowed ssh login. I assume the port 22 is hardcoded in the ssh service definition for firewalld. Is it enough if I allow the new port for TCP traffic, or should I…
giorgio79
  • 1,837
  • 9
  • 26
  • 36
4
votes
1 answer

Portable SSH server for windows

Are there any portable SSH servers for windows? I need a really basic executable + config file I can just drop on machines and run as needed. TinySSH seems promising, but they don't have any windows builds (yet?). Most of the software out there…
toster-cx
  • 159
  • 1
  • 1
  • 5
4
votes
1 answer

extra sshd root instance

I have logged in to my server running Centos 7 via ssh and executed the following command: [me@server ~]$ ps -ef --forest | grep ssh root 476 1 0 Dec02 ? 00:00:00 /usr/sbin/sshd -D root 12366 476 0 23:26 ? 00:00:00 \_…
Skeeve
  • 195
  • 2
  • 7
4
votes
1 answer

PAM with LDAP and add an exception for local user

I've successfully configured LDAP and SSH. Also I've added a requirement that user should be in a group called admin. That works. /etc/ldap.conf ... pam_groupdn cn=admin,ou=Groups,dc=example,dc=com ... /etc/pam.d/sshd ...default ubuntu values…
kay
  • 329
  • 3
  • 9
4
votes
3 answers

centralized audit server solution for mutiple server management

We have dozens of Linux servers, and several developers, and each of the developer covers parts of the servers. Currently each server has an admin account, if someone want's to manage that server, his pubkey will be added to the server admin…
linjunhalida
  • 141
  • 5
4
votes
1 answer

SSH config ProxyCommand asks for public key

I'm trying to connect via a gateway to an EC2 instance. If I connect to gateway local> ssh gateway Then I can connect to EC2 without a password gateway> ssh ec2 # works However, trying to connect through the proxy seems to require the indentity…
Matt McCormick
  • 273
  • 2
  • 4
  • 10