Security :: Mapping Authorized Keys Entry To Sshd Process?

Dec 19, 2010

When a user that has rsa public key set in ~/.ssh/authorized_keys file logs in via ssh an sshd process is started to handle the ssh session. Periodically we audit the authorized keys and remove them from the system and authorized_keys file. This means the next log in attempt will fail, which is fine. However we need to terminate current ssh sessions in progress that use the rsa key. I have not been able to determine a way to map sshd processes with authorized_keys entries.

View 11 Replies



General :: Re-mapping Non-standard Keys To Modifier Keys?

Apr 7, 2011

I'm running Debian (Squeeze) and I have a Toshiba Portege M700. It has five buttons on the front just under the screen, which are the only ones accessible when you flip the screen over into tablet mode. One of them is for rotating the screen, and another is for switching to external display. I want to remap the remaining three to control, alt and super so that I can use shortcuts with the stylus. The problem is, when I used showkey to find out the key codes, I found out that each button generates more than one key code:

Button 1:

key 126 press >> super_r, although this is distinct from the actual super key (125)
key 7 press >> 6
key 7 release
key 126 release

View 4 Replies View Related

General :: Unable To Ssh To Server After Key Changes In Authorized Keys

Jan 17, 2011

Facing this issue where I need to ssh from a solaris server to Linux server. The flow is as below:
-Oracle Webserver on solaris server (oracle user) initiates a cgi script
-The CGI script then executes a shell on the solaris server that tries to ssh to linux server

Have already tried the below:
-Checked the permissions for the .ssh and related folder/files
-authorized keys updated correctly
-tried alternative ssh login from another user which works fine

Issue could be-
-I must try the first login manually, where I'll need to enter password and then the solaris server will get registered in the known_hosts of the linux server
-Can't do this because I do not have the oracle user access.

Please suggest a work-around to the issue that can be done from my end.
Or is it that I must simply ask the DBA to execute an ssh from their ends?

View 6 Replies View Related

Ubuntu :: How To Restart SSHD Server - Where To Put Keys

Aug 25, 2010

At first I thought that the following command will restart my sshd server:
/etc/init.d/sshd restart
but there is no "sshd" server in this directory.

How else do I (re)start the ssh server? How can I get the version/release number of the sshd server? Where (in which directory) should I put SSH keys?

View 1 Replies View Related

Ubuntu :: Re-mapping Keys In Lubuntu?

Apr 17, 2011

I just ran my first Lubuntu session using a USB SD card install. Not bad overall. I would like to re-map two keys on my netbook to make this Lubuntu usable. I have learned that these two apps are the way to go: xev, xmodmap. Are they built into Linux? If they are, how do I run them? How do I get to a command line to run them once Lubuntu has loaded and I'm at the main screen?

View 9 Replies View Related

Slackware :: Short Cut On Ssh Keys And Sshd Config - Checks For Accuracy?

Jun 7, 2011

I just finished my third edit of an article/tutorial I wrote on setting up RSA keys in OpenSSH and configuring SSHD to be a bit more secure than a fresh out of the box install. I also removed any derogatories about sudu Linux that might have been there. Anyway, since it's kind of a big deal for anyone who uses it, and could potentially lock them out of their boxes, I'd appreciate any comments related to the accuracy of the instructions, if you don't mind [URL]

View 10 Replies View Related

Ubuntu :: Weird Keys Mapping In X Session?

Apr 9, 2010

I've just upgraded my installed software packages to last version of Lucid and noticed a weird issue: my keyboard keys are all messed up. Although my keyboard layout is still US-105 keys, when I press (for instance) "asdfg", I get "abfhj" and for "ASDFG" I get "1a1b1f1h1j" !? This only happens when I am logged as user in a X session. Root sessions are OK

View 2 Replies View Related

Debian Multimedia :: Re-mapping Function And Multimedia Keys

Dec 10, 2014

I have a Logitech K830 wireless 'Living Room' keyboard for general use under Debian/Gnome. The function keys (F1-F12) operate in conjunction with the FN key. Various multimedia options are alternately available by pressing the function keys (F1-F12) without the FN key.

I want to make the function keys primary (not requiring FN). 'xmodmap -e "keycode 172 = F11"' reassigns F11 as expected, but xev reveals multicode output for some keys that I cannot similarly remap. The (de-tabulated) table shows xev output for press-events. Single F(n) keycodes are followed by the equivalent multimedia keycodes (e.g. F2[+FN] key is also 'Minimize window'[without FN]).

KEY STATEKEYCODE KEYSYM

FN+F1 0x0167 0xffbe, F1
Adjust backlight ---- -- ------, --

FN+F2 0x1068 0xffbf, F2

[Code]......

View 0 Replies View Related

OpenSUSE Hardware :: Mapping G Keys On Logitech G15 Keyboard?

Dec 10, 2010

How to map the G keys? I tried installing the g15 daemon, but now what am I supposed to do?

View 1 Replies View Related

Debian Hardware :: Dell XPS L702X - 3 Touch Keys Mapping

Apr 12, 2014

I have a Dell XPS 17 L702X running vanilla Wheezy. The laptop has 3 special soft touch keys above the keyboard. Using Dell software in Windows you can configure these for whatever, but in Debian/Linux they share the same functions as keyboard keys.

Key 1 -> Super_L Q
Key 2 -> Brightness Down
Key 3 -> Doesn't seem to do anything and xev doesn't report any key codes

Apparently other XPS models have similar keys with the same problem. It's not a show stopper but it would be nice to have them working.

View 0 Replies View Related

OpenSUSE :: Change Mapping For A Couple Of Keys In Russian Phonetic Layout

Sep 23, 2010

I'm trying to change mapping for a couple of keys in Russian phonetic layout.

View 7 Replies View Related

Software :: Ssh Authorized Keys From One Directory To Another Directory Did Not Work

Oct 25, 2010

I have an access to a machine on lan via ssh and I use key based authentication.

I created one more account on the remote machine and copied.

Code:

I was wondering, I had added the same keys to the old account, so why did simply copying the authorized keys from one account to another not work?

Because when I did cat id_rsa.pub > authorized_keys in new account I had created same file which was in old account.

View 4 Replies View Related

Networking :: Mapping Network Use AND Process?

Jun 19, 2011

I have a workstation that, even after a fresh reboot, has constant network activity. I used Wireshark on the machine, and I saw there is constant HTTP traffic (even after a fresh reboot). I just know that my local TCP/44188 port is used to send the HTTP traffic to the web server on the Internet. However, I don't know which process is doing that. How can I identify the binary responsible for using this particular TCP port and sending data?

View 2 Replies View Related

Ubuntu :: Cannot Kill Sshd Process And Stop Ssh Server From Automatically Starting?

Dec 10, 2010

I'm running Ubuntu 10.10. I recently installed the open ssh server so that I can sftp stuff. However, I do not want the server to always be on, only when I manually start it. So, I did an 'update-rc.d -f ssh remove' and now I don't see any startup scripts in the rcx.d directories any more. However, when I do a 'ps ax', there is always a '/usr/sbin/sshd' process running. I try to kill it but it keeps restarting under a different process ID. How do I disable sshd?

View 3 Replies View Related

Security :: IP Assignment To Authorized User Only Through DHCP Server?

Jan 15, 2010

I've a DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).

1) I want to configure the DHCP server in such a way that a client has to be authenticated by the DHCP server before receiving an IP address.

2) Second, even if the DHCP server has free IPs in scope, only clients whose MACs are mapped can obtain IPs; the rest should not without authentication or authorization.

View 2 Replies View Related

Security :: Get IP Assignment To Authorized User Only Through DHCP Server?

Jan 21, 2010

A DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).

1) I want to configure the DHCP server in such a way that a client has to be authenticated by the DHCP server before receiving an IP address.

2) Second, even if the DHCP server has free IPs in scope, only clients whose MACs are mapped can obtain IPs; the rest should not without authentication or authorization.

View 2 Replies View Related

Fedora Security :: Sshd With Both Certificate AND Password After Each Other?

Mar 9, 2011

I want to enable sshd from Internet, but I want to secure it as much as possible. Therefore, despite the fact that the service will run on a tcp port above 2000 to prevent most scans, I would like to:
-First, force the use of a client certificate, to avoid brute force attack on my users/passwords
-Second, force the use of a username/password to avoid someone having access to my system just by stealing my key.

When I look at the configuration, it's possible to enable both, but one of them is sufficient to login, but I can't find how to make them both mandatory...

View 2 Replies View Related

Security :: Centralized Authorized_keys (AuthorizedKeysFile) For Sshd

Mar 9, 2010

I have a RHEL server with users logging in via ssh. I want to start using public keys instead of passwords with ssh. But public key is as good as a rotten tomato if it is unpassphrased and I cannot guarantee that all users will use passphrases. Therefore I will generate both private and public key on the server and will distribute the private key to the user via user-friendly web interface and that's where I will force them to use passphrase. I know they can change later the passphrase or remove it totally but my users are not so advanced.

So now I am trying to setup a centralized authorized_keys file to be able to make them only root writable so they cannot put their own public keys on the server; it will be handled by scripts. Now the actual problem. I created /etc/ssh/keys directory instead of ~/.ssh and changed AuthorizedKeysFile to /etc/ssh/keys/%u in sshd_config. But when I try to connect with the key I get the following error in the logs (after enabling DEBUG3 in sshd_config)

<CUT>
Mar 8 15:22:28 stagesmpp sshd[12248]: debug3: mm_request_receive entering
Mar 8 15:22:29 stagesmpp sshd[22358]: debug2: channel 0: rcvd adjust 33544
Mar 8 15:22:30 stagesmpp sshd[12248]: debug3: monitor_read: checking request 20

[code]...

View 2 Replies View Related

Security :: IP Blacklist(s) For SSHD Access Control

Nov 4, 2010

Quick explanation about what this thread is: by way of an article featured on linuxtoday, I learned about what appears to be an actively managed IP blacklist: [URL]

# This is a compiled list of dirty hosts associated with
# bruteforcing attempts, spam, botnets, RBN and the list
# continues to grow. The data is comprised of information
# compiled from Arbor Networks, Project Honeypot, FIRE
# (maliciousnetwork.org), Host Exploit, Shadowserver and
# a variety of other similarly based sites.

Quick explanation about what this thread is not: this is not intended to be a discussion about default deny vs. default allow (i.e. whitelists vs. blacklists), nor is this a call for enumerations of your own sshd hardening strategy. Please try to keep on point. That said, can anyone speak to the quality of the blacklist information noted above? And/or are there any suggestions for a readily available blacklist of "known better" quality? I plan to try including an actively maintained blacklist like this into a multi-layered approach for hardening an sshd bastion host.

View 4 Replies View Related

Security :: SSHD Warning - Using Fixed Modulus?

May 11, 2011

I am running a fresh installation of RHEL 6 box and it shipped with Openssh 5.3. But, /etc/ssh/moduli file doesn't exist even in this new installation and the SSH log warns as below:

WARNING: /etc/ssh/moduli does not exist, using fixed modulus

Does this imply that it is using the same random number for key exchange purpose? Also, does it impose any security risks?

View 2 Replies View Related

Fedora Security :: Sshd Reverse The Tunnel Info?

Feb 18, 2011

I have an sshd server up and running (F13 64bit). I'd like to connect to a pc that's behind a firewall using ssh tunnelling, so I have something like

ssh -R 1234:127.0.0.1:22 myuser@mypc

then from mypc I can successfully login to the remote pc. I have just one question. How can I list the ssh active connections and the forwarded ports?

I've only got to

netstat -tunva

but this returns only (filtered)

tcp 0 0 127.0.0.1:1234 0.0.0.0:* LISTEN
tcp 0 0 ::ffff:172.16.0.XXX:22 ::ffff:172.16.1.XXX:60744 ESTABLISHED

Now I know that the first is the tunnel end but how can I connect the two lines if I don't know the port number (ie: someone else establishes another tunnel)

View 4 Replies View Related

Ubuntu Security :: Sshd And Hosts.deny Not Always Observed?

Jan 18, 2010

I'm having troubles trying to understand this problem: my homeserver until yesterday had a public IP, staying on network, with sshd running and all was fine; this evening I changed the IP, giving it a local lan address, and what happened if I tried to connect to it by ssh? I got an error about "Connection closed by remote host". Google helped me finding that was regarded to hosts.deny file, that was actually containing a line ALL:ALL that I commented, and all was fine. My question is: why the hosts.deny (that has never changed) was observed only with the local IP? I tried to switch back to the public IP and leaving ALL:ALL, and it did connect without any problem

View 1 Replies View Related

Ubuntu Security :: Sshd Logs And Connection Ports ?

Feb 9, 2011

What is happening when I log in to my Ubuntu server machine via ssh and putty. Trying to understand everything, primarily securing my server.

I have specified the ssh server to listen on port 5525, and can login without a problem.

When I look at the logs though it says I connected from xxx.xx.xx.xx on port 53602.

What is happening here and why is the logged connection a different port to the one specified in the config file?

View 1 Replies View Related

Ubuntu Security :: SSHD Stopped Working After Reboot

Jun 11, 2011

I've been using ssh for a LONG time to connect my laptop to my desktop with no problems. I use a non-standard port (nnnnn) and keys. After a power outage that caused a shutdown and reboot, I can no longer ssh into the desktop. The only changes I've made are updates (laptop and desktop both running ubuntu 10.04).

$ ssh -p nnnnn Desktop
ssh: connect to host Desktop port nnnnn: Connection refused
No messages are generated in any of the logs on Desktop!
$ /usr/sbin/sshd -T
port nnnnn
protocol 2
addressfamily any
listenaddress 0.0.0.0:12023
listenaddress [::]:12023 .....

View 9 Replies View Related

Fedora Security :: SELinux Blocking Sshd Access To Shadow?

Mar 6, 2010

I'm trying to setup ssh access on my Fedora 12 laptop. I get the following error message in /var/log/secure when I try to login from another machine using ssh and the login is denied:

Code:

sshd[3025]: error: Could not get shadow information for <user>
sshd[3025]: Failed password for <user> from <ip> port <port> ssh2

If I do a 'setenforce 0' I can login and no error is logged.

View 10 Replies View Related

Security :: Running Sshd - Working Only Partially - Password Not Accepted

Mar 28, 2010

Quote:

Code:

I've used these commands to generate my new keys and immediately got my sshd server running.

However, I now have the problem where the password is not being recognized and is repeatedly asked for.

View 2 Replies View Related

Ubuntu Security :: Security, Passwords & Encryption Keys?

Jun 7, 2011

I am not very security minded... I'm aware of it, and always made sure I had up-to-date overall protection in Windows but firewalls, and the blasted passwords are largely a thorn in my side! When I got my iPhone last year I suddenly discovered password managers & "wallets" to keep all that kind of information in and syncable across different devices. My life got so much easier. Of course now I need to figure out encryption keys, and how they work (I'm clueless). I also need to find a program or system that I can move my existing low-tech info (mainly user name & passwords) that will also accommodate the increased needs of Ubuntu security and still be sync-able. I started a little research weeks ago, but my current "wallet" only exports .csv so I quit since I'm going to have to do a lot of data entry whatever I go with. So here goes:

1) what is the difference (bare bones) between using an encryption key (e.k.) vs. a standard user created password? what situations are better suited for e.k.?

2) I have seahorse (default install with Ubuntu I guess) but the only thing in it is Login under passwords which leads to a login keyring (?) and a drop-down list of about 6-10 of the gazillion passwords I use daily. The other tabs are for keys which I don't have any concept of.

3) I know FF also "remembers" user id & passwords as you choose to have it do so. Is that information transferable into seahorse or another program?

4) I'm also (today) getting ready to really set up my system for user names & security across my little home network. How can I integrate that into whichever program/app I go with to store my pwds and keys?

5) give me links to fairly current documentation on this stuff?

6) Any program/app recommendations. Pros/cons uses, what they can & can't do or be used for, etc.

View 9 Replies View Related

Security :: Port Mapping On A Machine Using Iptables?

Jan 9, 2010

I want to do port mapping on a linux machine using iptables. I have a service listening on port 2000 udp and I want to add iptables rule, which will map incoming packets on port 2001 to port 2000, so that service will accept the connections. The idea is that I don't want to change the default port for the service, but to make internal port redirection from (2001 to 2000), so the default service port will be filtered by iptables, and the other port will be open to the outside. The internet host connects to the linux machine on port 2001. The linux machine change destination port from 2001 to 2000 and the service (on the same machine) process the packets and accepts the connection. I tried adding the following to my iptables rules, but it didn't work out:

$IPTABLES -A FORWARD -p udp --destination-port 2001 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -i eth0 -p udp --dport 2001 -j REDIRECT --to-port 2000

View 6 Replies View Related

Fedora Security :: Selinux Policy Blocking Outbound Ports For Sshd

May 25, 2011

Tried google and searching this forum to no avail. Under Fedora 14, there is an selinux policy which blocks sshd from making outbound connections on port 80 or 443. This can occur when a client box tries to tunnel through the ssh connection for encrypted access to the web.

While I did manage to allow this happen by creating a permissive domain for sshd with this command:

Code:

The preferred way would be to allow sshd to make connection on other ports with a similar command that does not seem to work:

Code:

Is this the correct way of allowing an outbound port connection for the sshd daemon?

View 2 Replies View Related

Security :: Ssh - Sshd Parameter To Set To Block Out User After Number Of Attempts To Login?

Apr 28, 2011

Is there an ssh or sshd parameter that can be set to block out a user after a set number of attempts to login?

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved