Questions tagged [ssh]

Secure Shell (SSH) is a protocol primarily for encrypted shell connections. This tag is also used for questions about sshd and openssh, the two standard applications for using SSH.

Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on Linux and Unix-based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notably passwords, in plaintext, rendering them susceptible to packet analysis.

Note that there are two versions of SSH (1 and 2). Version 1 is no longer considered secure and should be replaced by version 2 wherever possible.

More information, including the more notable SSH-1 vulnerabilities, can be found at the Wikipedia page for SSH.

8868 questions
4
votes
1 answer

Can't seem to disable root login

I am trying to disable root password login and only allow root login with an ssh key on Debian 7. cat << EOF >> /etc/ssh/sshd_config PasswordAuthentication yes UsePAM no PermitRootLogin without-password AllowUsers root test Port 433 LoginGraceTime…
Jimmy
4
votes
2 answers

How to change the sshd listen address on Mac OS X?

This question is similar to the question here, about changing the sshd port on Mac OSX, but instead of changing the port number, I want to change the listen address of my Mac's ssh server. Setting it in /etc/sshd_config doesn't work (just like it…
Chris Lercher
4
votes
1 answer

Why is sshd engaging PAM still?

Background/Behavior is: if you ssh to box via and GSSAPI/Kerberos succeeds and you have a local user in /etc/passwd, you login fine per below PAM config. All Good there. But if you don't have a local user in /etc/passwd but you can get a…
jouell
4
votes
5 answers

SSH remote access vpn tunnel

I have two machines both running CentOS Linux, one is a public-facing machine with a real IP address (foo). The other is at a client's site behind a very restrictive firewall and with no real IP and no possibility of natting or opening a port to it…
Jona
4
votes
3 answers

Configuring Pfsense via ssh

I want to know how I can completely configure and add tables to pfsense via ssh. My goal is to have a web installer that configures multiple systems and based on the output it will configure the pfsense firewall. via the ssh, configure wan, lan…
Royce
4
votes
2 answers

How to set ssh tunnel properly so you can access site on the server as localhost

I've restricted some parts of the sites just to localhost access for security reasons. In order to access them I would make an ssh tunnel like this ssh -L 8080:localhost:80 username@server.com and set the local browser at my pc to proxy…
user240891
4
votes
2 answers

Writing a fail2ban multiline regex

I've got some troublesome hosts trying it on with an SSH server I run, and I'm trying to ban them using fail2ban. Problem is, I haven't done much work with regexes, and even less with Python regexes. Here are the troublesome lines in my…
ticktockhouse
4
votes
1 answer

SFTP-server uploaded files having wrong rights

I have been trying to figure out what is wrong with the file rights. When I am uploading files using FileZilla all the files get rights -rw-r--r--. I would want them to have -rwxr-xr-x. I have tried using umask to fix the rights but something is…
Firze
4
votes
0 answers

GSSAPITrustDns option missing from OpenSSH-6.7

I need to use the GSSAPITrustDns option to connect to a round robin service using Kerberos authentication. This works correctly using OpenSSH 5.3 and 6.6.1p1 on a selection of machines. I have an Arch Linux machine that has OpenSSH 6.7 and my…
Morphit
4
votes
2 answers

Add remote host to known_hosts file without prompt

I wrote some scripts and wish to add a remote host to my known_hosts file without any interaction. I can run a command like ssh -o "StrictHostKeyChecking no" root@10.x.x.x which will add the remote host key to my known hosts, but it will be followed…
VenomFangs
4
votes
1 answer

Fabric used to work with ssh-keys, but not anymore

I have my ssh key set up correctly and I can ssh into the remote machine without password. However, my fabric deploy script which could authenticate automatically until a couple of hours ago, started to ask me for my private key passphrase whenever…
lolski
4
votes
2 answers

Permission denied (public key) ssh ec2 instance mac

Update2: $ ls -ld ~/.ssh drwx------ 8 user staff 272 2 Oct 17:51 /Users/user/.ssh $ ls -la ~/.ssh/config/file.pem -r--------@ 1 user staff 1692 2 Oct 17:11 /Users/user/.ssh/config/file.pem $ ls -la file.pem -rw-------@ 1 user staff 1692 2 Oct…
jskye
4
votes
1 answer

How to forward SSH agent connection to unqualified hostnames by default?

I have a number of local domains in my resolv.conf search order. I would very much like to forward SSH agent by default when I connect to an unqualified (without DNS suffix) hostname. The best I've been able to come up with is something like the…
Nathan Neulinger
4
votes
2 answers

VNC only over SSH

How can I configure VNC server so that it can be accessed only via SSH tunnel? With the default VNC server setting, there are at least two ways for someone else to login to my computer: by directly logging into my VNC server and my SSH server. Two…
RamyenHead
4
votes
1 answer

Can I use something like a tunnel for SSH in this Linux/Windows Remote Desktop scenario?

I have a Linux server (call it server-L) which I cannot directly ssh to. In order to ssh to it I should connect to a Windows server (call it server-W) and then make an ssh connection from it to my Linux server. I want to know are there any methods so…
VSB