Stack Overflow
Stack Overflow

Questions tagged [ssh]

GENERAL SSH SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. Secure Shell (SSH) is a cryptographic network protocol for secure data communication. Use this tag for programming questions related to Secure Shell. Common authentication and configuration problems are off-topic for Stack Overflow.

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client (running SSH server and SSH client programs, respectively). The protocol specification distinguishes two major versions that are referred to as SSH-1 and SSH-2.

SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.

SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection and then use password authentication to log on.

Another is to use a manually generated public-private key pair to perform the authentication. This method allows users or programs to log in without having to specify a password. Anyone can produce a matching pair of different keys (public and private). The public key is placed on all computers that must allow access to the owner of the matching private key (the owner keeps the private key secret). Although authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH only verifies whether the same person offering the public key also owns the matching private key.

In all versions of SSH it is important to verify unknown public keys, i.e. associate the public keys with identities, before accepting them as valid. Accepting an attacker's public key without validation will authorize an unauthorized attacker as a valid user.

Useful Links

Server Implementations

Client Implementations

Libraries

29979 questions
121
votes
13 answers

Setting up OpenSSH for Windows using public key authentication

I am having issues setting up OpenSSH for Windows, using public key authentication. I have this working on my local desktop and can ssh with a key from Unix machines or other OpenSSH for Windows machines. I have replicated the build onto a server, I…
Cambolie
  • 1,415
  • 2
  • 12
  • 14
121
votes
14 answers

How to create a bash script to check the SSH connection?

I am in the process of creating a bash script that would log into the remote machines and create private and public keys. My problem is that the remote machines are not very reliable, and they are not always up. I need a bash script that would check…
chutsu
  • 13,612
  • 19
  • 65
  • 86
117
votes
4 answers

How can you get the SSH return code using Paramiko?

client = paramiko.SSHClient() stdin, stdout, stderr = client.exec_command(command) Is there any way to get the command return code? It's hard to parse all stdout/stderr and know whether the command finished successfully or not.
Beyonder
  • 1,425
  • 3
  • 11
  • 8
115
votes
21 answers

git - Server host key not cached

I try to push changes from my local repo to a remote repo. When I type: git push origin I get the following error: The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The…
Rene Terstegen
  • 7,911
  • 18
  • 52
  • 74
114
votes
16 answers

ssh-copy-id no identities found error

I have few client systems where I need to push the ssh key and login from my server without authentication prompts. First, on the server, I created ssh key as below which was successful ]# ssh-keygen -t rsa -N "" -f my.key Second, tried copying…
user3331975
  • 2,647
  • 7
  • 28
  • 30
113
votes
6 answers

Is there a default password to connect to vagrant when using `homestead ssh` for the first time?

I'm trying to connect to vagrant via homestead ssh: vagrant@127.0.0.1's password: But my public key password doesn't work. My Homestead.yaml looks like this: authorize: ~/.ssh/id_rsa.pub keys: - ~/.ssh/id_rsa I'm using "Laravel Homestead…
stefan
  • 4,958
  • 4
  • 20
  • 37
113
votes
11 answers

SSH -L connection successful, but localhost port forwarding not working "channel 3: open failed: connect failed: Connection refused"

My lab runs RStudio on a server. A couple weeks ago, from my cousin's house, I successfully ssh'd into the server and pulled up the server-side RStudio through my local Firefox browser. Now when I try to access the server RStudio from home (via my…
user2762495
  • 1,173
  • 2
  • 9
  • 8
111
votes
2 answers

ssh connection refused on Raspberry Pi

I realize this question has already been asked in some different ways, however it doesn't seem like any of the ways I've come across have worked to fix this problem, so here it goes: I'm trying to connect to my raspberry pi 3 raspbian setup via ssh…
Matt
  • 1,159
  • 2
  • 8
  • 7
111
votes
9 answers

GitHub Error: Key already in use

I have created two GitHub accounts. One for my work user and one for my personal self. I needed to do catch up on some work and as such cloned my work repo onto my personal PC. In order to do simple "git push origin master" commits without…
John Crawford
  • 9,656
  • 9
  • 31
  • 42
110
votes
7 answers

How can I perform a `git pull` without re-entering my SSH password?

Is it possible to configure git/ssh so I don't have to enter my passphrase every time I want to perform a git pull? Note that the repo is a private one on github. Or, alternatively, what would be the best practice to automate code deployment from…
jldupont
  • 93,734
  • 56
  • 203
  • 318
110
votes
5 answers

List running Jupyter notebooks and tokens

How do you check the login tokens for all running jupyter notebook instances? Example: you have a notebook running in tmux or screen permanently, and login in remotely through ssh. Sometimes, particularly if you're logging in after a long time, the…
christopherlovell
  • 3,800
  • 4
  • 19
  • 26
110
votes
16 answers

Connect with SSH through a proxy

I have no real idea what I'm doing here so please bear that in mind if you can help me! I am trying to connect to my virtual server through a proxy but I can't connect, it just hangs. I'm assuming this is because it's not getting through our…
bencarter78
  • 3,555
  • 9
  • 35
  • 53
110
votes
28 answers

Can't push to bitbucket, Permission denied (publickey)

I am trying to push my project onto my bitbucket, been messing with this for about 4 days pouring through countless problem solving/pages/troubleshooting/tutorials. Im at a loss and very frustrated. I have done this before but on different…
josephleon
  • 1,219
  • 2
  • 9
  • 8
110
votes
9 answers

How to use ssh agent forwarding with "vagrant ssh"?

Rather than create a new SSH key pair on a vagrant box, I would like to re-use the key pair I have on my host machine, using agent forwarding. I've tried setting config.ssh.forward_agent to TRUE in the Vagrantfile, then rebooted the VM, and tried…
Matt V.
  • 9,703
  • 10
  • 35
  • 56
109
votes
2 answers

How do I get the public key of a pem file?

I have a .pem file containing my private key. However, a BitBucket deployment key has this format: ssh-rsa…
sdgfsdh
  • 33,689
  • 26
  • 132
  • 245
1 2 3
99 100