Stack Overflow
Stack Overflow

Questions tagged [ssh]

GENERAL SSH SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. Secure Shell (SSH) is a cryptographic network protocol for secure data communication. Use this tag for programming questions related to Secure Shell. Common authentication and configuration problems are off-topic for Stack Overflow.

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client (running SSH server and SSH client programs, respectively). The protocol specification distinguishes two major versions that are referred to as SSH-1 and SSH-2.

SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.

SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection and then use password authentication to log on.

Another is to use a manually generated public-private key pair to perform the authentication. This method allows users or programs to log in without having to specify a password. Anyone can produce a matching pair of different keys (public and private). The public key is placed on all computers that must allow access to the owner of the matching private key (the owner keeps the private key secret). Although authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH only verifies whether the same person offering the public key also owns the matching private key.

In all versions of SSH it is important to verify unknown public keys, i.e. associate the public keys with identities, before accepting them as valid. Accepting an attacker's public key without validation will authorize an unauthorized attacker as a valid user.

Useful Links

Server Implementations

Client Implementations

Libraries

29979 questions
218
votes
19 answers

Find the IP address of the client in an SSH session

I have a script that is to be run by a person that logs in to the server with SSH. Is there a way to find out automatically what IP address the user is connecting from? Of course, I could ask the user (it is a tool for programmers, so no problem…
flybywire
  • 261,858
  • 191
  • 397
  • 503
218
votes
13 answers

How to scp in Python?

What's the most pythonic way to scp a file in Python? The only route I'm aware of is os.system('scp "%s" "%s:%s"' % (localfile, remotehost, remotefile) ) which is a hack, and which doesn't work outside Linux-like systems, and which needs help…
Michael Gundlach
  • 106,555
  • 11
  • 37
  • 41
217
votes
3 answers

How do I force detach Screen from another SSH session?

I had Screen running inside an SSH session. Terminal froze. After restarting Terminal, that Screen session still thinks it's attached. Maybe it is. Perhaps I don't really know what that means. I'd like to attach to that Screen session from a…
T. Brian Jones
  • 13,002
  • 25
  • 78
  • 117
216
votes
1 answer

SSH Port forwarding in a ~/.ssh/config file?

So I typically run this command a lot: ssh -L 5901:myUser@computer.myHost.edu:5901 I use it to do VNC over SSH. How do I convert that command into something that will work in a ~/.ssh/config file? ex: host yam HostName yam.myHost.edu …
Snow_Mac
  • 5,727
  • 17
  • 54
  • 80
216
votes
16 answers

ssh: Could not resolve hostname [hostname]: nodename nor servname provided, or not known

I am trying to set up a VPN with a Raspberry Pi, and the first step is gaining the ability to ssh into the device from outside my local network. For whatever reason, this is proving to be impossible and I haven't the slightest clue why. When I try…
qaxf6auux
  • 2,624
  • 4
  • 17
  • 19
211
votes
17 answers

Git error no matching host key type found. Their offer: ssh-rsa

I get the following error when using git: $ git pull Unable to negotiate with 172.16.42.42 port 22: no matching host key type found. Their offer: ssh-rsa fatal: Could not read from remote repository. Please make sure you have the correct access…
Jaroslav Bezděk
  • 6,967
  • 6
  • 29
  • 46
211
votes
9 answers

Work on a remote project with Eclipse via SSH

I have the following boxes: a) A Windows box with Eclipse CDT, b) A Linux box, accessible for me only via SSH. Both the compiler and the hardware required to build and run my project is only on machine B. I'd like to work "transparently" from a…
Kos
  • 70,399
  • 25
  • 169
  • 233
211
votes
17 answers

Perform commands over ssh with Python

I'm writing a script to automate some command line commands in Python. At the moment, I'm doing calls like this: cmd = "some unix command" retcode = subprocess.call(cmd,shell=True) However, I need to run some commands on a remote machine. Manually,…
fredley
  • 32,953
  • 42
  • 145
  • 236
210
votes
11 answers

Running SSH Agent when starting Git Bash on Windows

I am using git bash. I have to use eval `ssh-agent.exe` ssh-add /my/ssh/location/ every time when I start a new git bash. Is there a way to set ssh agent permanently? Or does windows has a good way to manage the ssh keys? I'm a new guy, please give…
zchholmes
  • 2,204
  • 2
  • 13
  • 8
209
votes
13 answers

com.jcraft.jsch.JSchException: UnknownHostKey

I'm trying to use Jsch to establish an SSH connection in Java. My code produces the following exception: com.jcraft.jsch.JSchException: UnknownHostKey: mywebsite.example. RSA key fingerprint is 22:fb:ee:fe:18:cd:aa:9a:9c:78:89:9f:b4:78:75:b4 I…
Alex
  • 16,409
  • 6
  • 40
  • 56
203
votes
7 answers

Github (SSH) via public WIFI, port 22 blocked

I'm currently on a public WIFI spot and I'm unable to use SSH (they probably blocked that port). However, I need that connection to do a git push. ➜ ssh -T git@github.com ssh: connect to host github.com port 22: Connection refused Is it possible to…
sougonde
  • 3,438
  • 3
  • 26
  • 35
202
votes
20 answers

ssh: The authenticity of host 'hostname' can't be established

When i ssh to a machine, sometime i get this error warning and it prompts to say "yes" or "no". This cause some trouble when running from scripts that automatically ssh to other machines. Warning Message: The authenticity of host '' can't be…
Senthil A Kumar
  • 10,306
  • 15
  • 44
  • 55
202
votes
8 answers

What is the proper way to sudo over ssh?

I have a script which runs another script via SSH on a remote server using sudo. However, when I type the password, it shows up on the terminal. (Otherwise it works fine) ssh user@server "sudo script" What's the proper way to do this so I can type…
darkfeline
  • 9,404
  • 5
  • 31
  • 32
197
votes
7 answers

SSH library for Java

Does anyone have an example of an SSH library connection using Java.
rperez
  • 8,430
  • 11
  • 36
  • 44
196
votes
8 answers

Error: Can't open display: (null) when using Xclip to copy ssh public key

I’m following in Generating SSH Keys, it says sudo apt-get install xclip Downloads and installs xclip. If you don't have apt-get, you might need to use another installer (like yum) xclip -sel clip < ~/.ssh/id_rsa.pub Copies the contents of the…
ZK Zhao
  • 19,885
  • 47
  • 132
  • 206
1 2 3
99 100