OpenSUSE Network :: 11.3 - SSH Connections Using Public / Private Keys Rejected
Aug 10, 2010
My ISP has for a long time had a broken forward/reverese DNS so that my ADSL connection with static IP address resolves to a completely different IP address on a reverse query. This has not been a problem until I upgraded a remote server from 10.3 to 11.3 last weekend and now ssh connections from my ADSL connection to it using public/private keys are being rejected with the following message in /var/log/messages (IP addresses changed):
Aug 10 12:00:32 penguin1 sshd[1270]: Address 83.175.246.243 maps to 83-175-246-243.static.dsl.aupex.com, but this does not map back to the address - Possible Break in Attempt!
But if I log in interactively with username & password, the connection succeeds. I've changed the StrictModes setting in sshd_config to 'no' but this hasn't resolved the problem. Obviously something in 11.3 is being stricter about this IP mismatch than it was in 10.2 (and no, the server is not using a firewall). There must be something I can change to make sshd more permissive? I've tried before to get my ISP to fix their problem but no luck. This needs to be sorted as a server at my home (which does not run SuSE) retrieves backups from the remote OpenSuSE 11.3 server every night using scp and these are now failing.
View 3 Replies
ADVERTISEMENT
Aug 2, 2011
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies
View Related
Feb 27, 2011
I'm trying to set up my laptop to ssh into my home server, but I'm trying to find how to generate the public/private keys. I was able to do it in Slack 12.2 by just running ssh-keygen, but that command is not in 13.x.
View 2 Replies
View Related
Jul 19, 2010
Another question though...i have a fedora 12 server set up and i have created 3 sudo users. I have created 3 putty keys (public and private) using putty key gen and basedn my research i was told to put the public keys in /home/"user"/.ssh/authorized_keys .I did that but when i tried to log on using the key...the server is saying "server refused key" could anyone assist in this issue
View 4 Replies
View Related
Jan 26, 2010
I installed OpenSSH via tasksel and am using Webmin for administration. I'd like to be able to SSH externally and want to setup the necessary public/private keys to use in FileZilla. In Webmin, under Servers > SSH Server I can click 'Host Keys' and see an RSA key. Is this the public or private key for my server? Do I need to copy this into a text file to import it into FileZilla on my remote PC (that I want to connect from)? Is that all that needs to be done (aside from opening the port on my router/firewall)? Or, is there an automated way to set this up via Webmin?
View 1 Replies
View Related
Mar 26, 2010
At the moment we have one SSH server with the private key being on a usb flash drive, and the public key being on the server in authorized_keys2. Now that three more servers are coming online, should we generate new keys, so we have muliple private and public keys (one pair for each server), or use the same two keys to access all the servers
View 5 Replies
View Related
Sep 9, 2010
My calling application will accept only strings and interger. we are replacing RSA bsafe library to openssl. using RSA bsafe, we have generated the private and public key in BER format. Then convert the keys, BER format into ASCII format to send the calling function. (these everything done by using RSA supplied bsafe library) same way i have to right using openssl..i m now able convert the RSA public and private key into DER format
rsa = RSA_generate_key(1024, 3, NULL, NULL);
{
size_t size;
[code]....
View 1 Replies
View Related
Mar 14, 2010
i am totally new to Opensuse and to filezilla. I formerly used winscp - a windows-client for ssh.now i have a linux box and want to connect to the server via ssh ing filezilla.Can i use the same keys as i used in WinSCP - where should i store them and the third question.I read something about a certain so called certificate-file that has to be created!?
View 1 Replies
View Related
Feb 26, 2010
I have openSUSE 11.2 installed and i need to create a gateway server that allows virtual private network connections. I want to play with my friends some lan games, but we are in different networks, so i want to create this gateway server so we can connect with VPN clients to this server and play freely.
View 7 Replies
View Related
Jan 11, 2011
We have to connect one PC in private network (campus) with other PC (mostly a modem in our case)in public network. Connection should be peer to peer like and we have to use C coding for establishing connection between this two systems. Is it possible if we use port forwarding or is there any other way?
View 2 Replies
View Related
Nov 17, 2010
For using SSH, why does a host also need to have a public and private key? And how can I generate a public/private key pair for myself?
View 5 Replies
View Related
Jan 28, 2011
I created a private/public pair. I put the public on github.But I can never push to github.Every time, it says public denied. In order to push, I need to do this:eval ssh-agentssh-add ~/.ssh/github_dsaThis is driving me nuts that I have to do this every time. So, I just put it in my ~/.bashrc file. I feel like that's a hack. Is this normal?
View 1 Replies
View Related
May 7, 2010
After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies
View Related
Jun 2, 2011
I have a strange problem and I can't seem to find clear information on how to do this . I have 2 loadbalancer set up keepalived NAT mode with 2 interfaces each
internal vip - 192.168.0.199
external vip - 195.x.x.21
lb1 -master
bond0 - private - 192.168.0.239
[code]...
View 1 Replies
View Related
Feb 6, 2011
I have a class in which a have declared a private variable "time". In one of the public functions, I am returning the value of "time" (either directly by using "return time;" or by something similar to "x=time; return x;" but I keep getting a compiling error saying that "time" is not declared in this scope.
View 3 Replies
View Related
Dec 7, 2010
Most of our machines have public facing and backend mgmt private nics(ie: 192 or 172 networks). I wrote a rule that matches source ip(our monitor on a 192 network) on udp 161 accept. I want to prevent listening on that port on the public. Is the source rule sufficient or should I match the interface and then source? I know there a many ways to do this. I need to verify from the public network with a port scanner?
View 2 Replies
View Related
Mar 27, 2010
So after tinkering for a while, I was able to configure ssh for private/public key authentication and disabled Password-Authentication. In the past I had some issues with people brute force trying passwords/usernames so I want to avoid this, but I need some form of secure FTP that now doesn't work due to the aforementioned setting.
View 2 Replies
View Related
Feb 12, 2011
My Ubuntu server is now providing routing duties to my network, but I'm having trouble opening ports to my network. I have a DynDNS account, so the IP is always current, but I can't ping even my IP directly.
My network map looks like
Internet > SpeedTouch DSL modem with DHCP > eth1 > Ubuntu > eth0 > LAN
With the modem providing a 192.168.1.xx IP to eth1, I can browse fine. The default gateway is my modem. I switched to the public IP of the modem so I could use iptables for firewall duties, but I was locked out of the internet. No gateway was set when I did that, but eth1 received the public IP of my modem.
How can I use the public IP assigned to eth1?
View 6 Replies
View Related
Jan 11, 2011
I have one doubt that is how can we actually connect a system in private network with the system in a public network using IP address. I have one system in private network (in my campus) I need to connect it with the system on public network (home) using IP address and communicate with each other. How can I do it or is there any other way of connecting these two systems more easily?
View 4 Replies
View Related
Feb 18, 2010
In my ~/.ssh I have a number of public keys and one private key (id_rsa). How can I verify which one makes a pair with the private one.Or, can one generate the public one from the private key (in reasonable time)?
View 4 Replies
View Related
May 13, 2011
I want to know that it is possible to do public and private ftp server in one host without using tcp wrapper.
View 1 Replies
View Related
Dec 29, 2009
I configured ssh on one of my servers to require public/private key authentication and deny access to login requests not using a public/private key. Now I need to unconfigure that,but I can't remember how I did it. I've looked through ssh_config and sshd_config, and nothing rings a bell. Googling only tells me how to enable public/private key authentication, not how to require it or stop requiring it.
View 2 Replies
View Related
Jul 14, 2011
I was using enigmail and thunderbird to do gpg encryption, and now that I reinstalled, I cannot get them working to decrypt my messages again.I have a backup of the home directory, how can I recover my private key?
View 3 Replies
View Related
Dec 30, 2009
I am setting up a publicly exposed ssh server.uld like to require both password and private key. Does anyone know how to configure this
View 4 Replies
View Related
May 17, 2011
I'm trying to make changes to several computers at once in a private network. I have ssh keys setup so that I can ssh from the main computer to all the other computers without having to enter my password. So I wrote a bash script like for computers in `cat computer list` do ssh $computers #type changes here exit done
but instead of executing the commands on every computer, it opens a shell on every computer for me to type into, just as if I had used ssh myself and not in a script. how to get this to work? I want to be able to add lines at the comment like "echo "test" > /testFile.txt" and be able to see the changes on each machine, in this case see testFile.txt on every machine.
View 6 Replies
View Related
Jun 21, 2009
I have two computers running Debian Squeeze. I'm trying to set up the public keys for them so that I don't need to use passwords to log in. As far as I know, I did the same thing for both, however only one is working.Here is the connection output for eachBroken:
Code:
OpenSSH_5.1p1 Debian-5+b1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
[code]...
View 2 Replies
View Related
Sep 23, 2010
I'm getting some errors while trying to do an update:How can I know which are the apps that are causing this, and how should I remove/update these?This is my /etc/apt/sources.list
Code:
deb http://archive.canonical.com/ubuntu lucid partner
deb-src http://archive.canonical.com/ubuntu lucid partner
deb http://linux.dropbox.com/ubuntu lucid main
deb-src http://linux.dropbox.com/ubuntu lucid main
[code]....
View 4 Replies
View Related
Sep 30, 2010
I've been searching for a while in forums about the issue I'm facing but couldn't find anything clear, or at least my net search skills are pretty lame. I'm facing a problem with prompted user password in a SSH chain connection when using authorized_keys.
I have: (1) Client - (2) Server - (3) Testing machine (testing machine is connect to Server via usb network)I've created keys for Client and Server, and updated authorized_keys in host machines with the key values: Testing machine has Server public key, and Server has Client public key.Until now everything is fine, if I try to connect via ssh the user password prompt is not shown since public key is found in authorized_keys.
For example: from Client: Code: ssh server Works fine, no password prompt.from Server: Code: ssh testing_machine Works fine, no password prompt.But if try to do that from Client only: from Client: Code: client:$ ssh server Works fine, no password prompt.from Client: Code: server:$ ssh testing_machine Asks for password.Bellow the verbose output from previous ssh command:
Code: ssh -v root(at)192.168.100.2
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.100.2 [192.168.100.2] port 22.
[Code].....
View 1 Replies
View Related
Mar 12, 2011
I've got a slight issue with logging into my server using public keys.
It was working fine, until I had to rebuild my desktop machine. I had the key copied to the server, and passwordless logins where fine.
However now I have rebuilt my desktop, I cant get to the login.
So heres whats happend.
Rebuilt id_rsa.pub, server will not allow login. Remove id_rsa.pub and the server allows password based login.
On the server, removed authorized_keys and known_hosts. makes no difference. Server still disallows keyfile, but will allow password when id_rsa is not present on the client.
Heres a -v of the login chat with keyfile
Code:
michael@eve:~$ ssh -v server
OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to server [ser.ver.ip] port 22.
[Code]....
So, is there anyway of getting the server to forget the previous keys, it is remembering, As previousily said, I have completly removed the contents of ~/.ssh/ on both the clients and the server.
View 11 Replies
View Related
Jan 13, 2010
Does anyone know how to permanently enable X connections from all machines on my local network. I keep having to enter 'xhost +' to allow X connections.
View 2 Replies
View Related