Stack Overflow
Stack Overflow

Questions tagged [ssh]

GENERAL SSH SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. Secure Shell (SSH) is a cryptographic network protocol for secure data communication. Use this tag for programming questions related to Secure Shell. Common authentication and configuration problems are off-topic for Stack Overflow.

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client (running SSH server and SSH client programs, respectively). The protocol specification distinguishes two major versions that are referred to as SSH-1 and SSH-2.

SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.

SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection and then use password authentication to log on.

Another is to use a manually generated public-private key pair to perform the authentication. This method allows users or programs to log in without having to specify a password. Anyone can produce a matching pair of different keys (public and private). The public key is placed on all computers that must allow access to the owner of the matching private key (the owner keeps the private key secret). Although authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH only verifies whether the same person offering the public key also owns the matching private key.

In all versions of SSH it is important to verify unknown public keys, i.e. associate the public keys with identities, before accepting them as valid. Accepting an attacker's public key without validation will authorize an unauthorized attacker as a valid user.

Useful Links

Server Implementations

Client Implementations

Libraries

29979 questions
644
votes
36 answers

mysql_config not found when installing mysqldb python interface

I am trying to get a Python script to run on the linux server I'm connected to via ssh. The script uses mysqldb. I have all the other components I need, but when I try to install mySQLdb via setuptools like so:, python setup.py install I get the…
user904542
  • 6,965
  • 5
  • 20
  • 28
626
votes
13 answers

How to permanently add a private key with ssh-add on Ubuntu?

I have a private key protected with a password to access a server via SSH. I have 2 linux (ubuntu 10.04) machines and the behavior of ssh-add command is different in both of them. In one machine, once I use "ssh-add .ssh/identity" and entered my…
duduklein
  • 10,014
  • 11
  • 44
  • 55
617
votes
7 answers

Why are connections to GitHub over SSH throwing an error "Warning: Remote Host Identification Has Changed"?

Just sometime ago I started getting this warning when pushing to GitHub. WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle…
Dheeraj Vepakomma
  • 26,870
  • 17
  • 81
  • 104
607
votes
25 answers

SSH Key: “Permissions 0644 for 'id_rsa.pub' are too open.” on mac

I generate a ssh key pair on my mac and add the public key to my ubuntu server(in fact, it is a virtual machine on my mac),but when I try to login the ubuntu server,it says: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ …
土豆丫
  • 6,175
  • 3
  • 14
  • 16
533
votes
23 answers

Change key pair for ec2 instance

How do I change the key pair for my ec2 instance in AWS management console? I can stop the instance, I can create new key pair, but I don't see any link to modify the instance's key pair.
Michael Chen
  • 5,438
  • 3
  • 15
  • 9
525
votes
32 answers

Adding a public key to ~/.ssh/authorized_keys does not log me in automatically

I added the public SSH key to the authorized_keys file. ssh localhost should log me in without asking for the password. I did that and tried typing ssh localhost, but it still asks me to type in the password. Is there another setting that I have to…
user482594
  • 16,878
  • 21
  • 72
  • 108
516
votes
33 answers

Git error: "Host Key Verification Failed" when connecting to remote repository

I am trying to connect to a remote Git repository that resides on my web server and clone it to my machine. I am using the following format for my command: git clone ssh://username@domain.example/repository.git This has worked fine for most of my…
bootsz
  • 5,271
  • 3
  • 13
  • 4
514
votes
11 answers

Is it possible to specify a different ssh port when using rsync?

I have been attempting the following command: rsync -rvz --progress --remove-sent-files ./dir user@host:2222/path SSH is running on port 2222, but rsync still tries to use port 22 and then complains about not finding the path, cause of course it…
Ketema
  • 6,108
  • 3
  • 21
  • 24
507
votes
19 answers

Specify an SSH key for git push for a given domain

I have the following use case: I would like to be able to push to git@git.company.com:gitolite-admin using the private key of user gitolite-admin, while I want to push to git@git.company.com:some_repo using 'my own' private key. AFAIK, I can't solve…
Confusion
  • 16,256
  • 8
  • 46
  • 71
494
votes
15 answers

scp (secure copy) to ec2 instance without password

I have an EC2 instance running (FreeBSD 9 AMI ami-8cce3fe5), and I can ssh into it using my amazon-created key file without password prompt, no problem. However, when I want to copy a file to the instance using scp I am asked to enter a…
Hoff
  • 38,776
  • 17
  • 74
  • 99
492
votes
4 answers

Transferring files over SSH

I'm SSHing into a remote server on the command line, and trying to copy a directory onto my local machine with the scp command. However, the remote server returns this "usage" message: [Stewart:console/ebooks/discostat] jmm% scp -p ./styles/ usage:…
Josh Maurice
471
votes
9 answers

Pseudo-terminal will not be allocated because stdin is not a terminal

I am trying to write a shell script that creates some directories on a remote server and then uses scp to copy files from my local machine onto the remote. Here's what I have so far: ssh -t…
Matthew
  • 12,892
  • 6
  • 42
  • 45
464
votes
6 answers

.bashrc at ssh login

When I ssh into my ubuntu-box running Hardy 8.04, the environment variables in my .bashrc are not set. If I do a source .bashrc, the variables are properly set, and all is well. How come .bashrc isn't run at login?
Hobhouse
  • 15,463
  • 12
  • 35
  • 43
462
votes
7 answers

git clone with HTTPS or SSH remote?

git clone supports both HTTPS and SSH remote URLs. Which should I use? What are the advantages of each? GitHub's docs don't make a recommendation either way. I recall in 2013 GitHub used to recommend SSH (archive link). Why was that?
John Livermore
  • 30,235
  • 44
  • 126
  • 216
445
votes
14 answers

What is the cleanest way to ssh and run multiple commands in Bash?

I already have an ssh agent set up, and I can run commands on an external server in Bash script doing stuff like: ssh blah_server "ls; pwd;" Now, what I'd really like to do is run a lot of long commands on an external server. Enclosing all of these…
Eli
  • 36,793
  • 40
  • 144
  • 207
1
2
3
99 100