I set up an SSH server on my home machine and finally figured out that I needed to disable password authentication to get RSA authentication enabled. Now I'm having problems with that too.ssh -v -i id_rsa ashtray@x.x.x.83
Code:
OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
[code]....
Currently I am having troubles getting my ssh key to work correctly. I have had a desktop crash which has been reformatted to use ubuntu. The key residing in id_rsa.pub has been copied over to the ssh server into the authorized keys of the given user. however When we try to login we get a "permission denied (public key, keyboard-interactive)" error. below is the debug option:
jv@ops-desktop:~/.ssh$ ssh -v jv@x.x.x.x
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
[Code]....
I am working currently on my server on an issue, I configured the SSH Deamon that only people who have a valid ssh-key can login on to the server, and kicked the password option. Now I've added a user account git. I navigate to his home folder created the folder ".ssh" and created in that folder the file "authorized_keys" I copied my public key in there. Now on my local machine I added that identity (via ssh-add) and I wanted to connect to my server. but when I'm trying to login myself I can't the only message I get is "Permission denied (publickey)."
View 1 Replies View RelatedI have trouble with rsa authentication:
I did create an rsa certificate with ssh-keygen using my root account on a client: ssh-keygen -t rsa -b 2048 no passphrase I did copy the rsa pub_key from my client to the server scp id_rsa sampleuser@sampleserver:/home/sampleuser/.ssh/authorized_keys
I did change the ownership to the "sampleuser" of the pub key file on the server: I trayd to connect:
ssh sampleuser@sapleserver
I get that: permission denied (public key)... I know I do smth wrong but I don't know what.
Since FC6, NFS became very finicky and seemingly causes servers to randomly denying mounts from some terminals but not others, with all exactly the same new FC installation and exactly the same hardware - crazy!. The only difference is hostnames of the terminals trying to mount NFS volumes on the server and I made sure that /etc/hosts on all terminals and servers contain each others ip addresses and hostnames. I always uninstall SELinux which is truly a huge pain in a corporate environment. Is there ANY way I can relax the NFS authentication on the server in order to make sure clients can mount volumes?
e.g. the following is encountered often, with sometimes crazy situations that clients can only mount nfs volum es from the server after I first boot the server and then ALL the terminals. It is painful as you might agree! Other way round, no go, client will not mount until server is booted and then client booted.
In this case I really prefer windows lackey security. It works. Never mind how crappy windows is, at least I don't have diabolical access problems on servers.. NFS used to be very nice about 6 years ago but truly sucks recently imo. /]# mount -o soft -t nfs nfsserver:/public /xfer mount.nfs: access denied by server while mounting nfsserver:/public
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies View RelatedI run the following file with the >log.log redirector and it does not capture errors.
#!/bin/bash
echo ************************BEGIN LOG******************************
date +"%m/%d/%Y %H:%M:%S $HOSTNAME"
cp -f /scripts/original/clamscans.log /scripts
[code]....
The following errors show up when I run from the file from the term window, but are not written to log.log:
tar: /public/public/clamscans/*.txt: Cannot stat: No such file or directory
tar: Error exit delayed from previous errors
mv: cannot stat `/public/public/clamscans/*.txt': No such file or directory
I know with windows you can add the 2>&1 to capture error data. Is there such a thing for Linux?
How can I forward all traffic from a public IP to another public IP. Let's say I have a first debian box named box1 with eth0 = 1.1.1.1 and eth0:1 = 1.1.1.2 and I want to forward all traffic from 1.1.1.2 to "box2" located somewhere else over the internet and having for eth0 2.2.2.2 Both 1.1.1.0/24 and 3.3.3.0/24 are public IP ranges.
View 1 Replies View RelatedI'm trying to connect to my Xubuntu box (zelda) remotely using my RSA key. I'm using Cygwin on my Windows box (link) to SSH in to the Xubuntu box. I've created the key and placed it in the authorized_keys file on my remote box. Here's where it gets weird. When I ssh into zelda the first time, it prompts me for my password. However, if I'm already connected to zelda and try to open another connection, it prompts me for my RSA passphrase. This is very confusing, and I have no idea what's going on.Here's my sshd_config file on zelda.
Code:
# Package generated configuration file
# See the sshd(8) manpage for details
[code]...
ls -al ../public-back
drwxrwxr-x 4 apache apache 4096 Apr 19 03:32 templates
ls -al ../public-back/templates
drwxrwxr-x 2 apache apache 4096 Apr 19 03:33 content
[code]....
How do I move the contents of /public-back/templates recursively with permissions into /public/templates ?
I have an ssh (OpenSSH_5.1p1 Debian-6ubuntu2) client A and a server B set up for public key authentication as described in [URL]
The problem is the following: ssh asks for a password when connecting from A to B without any other ssh session going on between A and B; but if I connect from A to B whenever there is another ssh session between A and B, either I get prompted for the passphrase I used to encrypt the private key or I get logged automatically.
I already checked permissions on B: .ssh is 700 and authorized_keys is 600. I already tried "StrictModes no" in sshd_config. Printing debug information using DEBUG3 does not any useful insight. Moreover, there is no /var/log/secure (is it supposed to be there?)
Right now the computer is far far away from my reach, but when I configured the system I noted that whenever I was locally logged to B and then ssh'ed from A to B, I was logged in without any problem; whenever I was not logged in locally I was asked for a password. Note that at that time I was using a different public/private key pair whose private part had no passphrase.
how to know exactly what cipher is ssh/sshd using for a particular session? Is there a way to know any statistics for a given session (something like the ~s option in section 5 of [URL]
P.S. 2: does the following mean that ssh is using protocol 2.0 or something different than protocol 2.0?
(..........) sshd[2606]: debug1: Enabling compatibility mode for protocol 2.0
I'm trying to get OpenSSH public key authentication to work. My server runs ubuntu. My client is a windows machine, and I'm using cygwin. I tried using the instructions here: [URL]... If I test it out using this line: ssh -v -v -v -o PreferredAuthentications=publickey server.example.org
I get this:
debug3: no such identity: /home/Julie/.ssh/identity
debug1: Offering public key: /home/Julie/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1477
[Code]...
I'm trying to restrict command line ssh and yet keep NoMachine working, so I followed this post [URL]... and tried adding this to /etc/ssh/sshd_config:
AllowUsers nx@*.*.*.* paul@*.*.*.* *@::ffff:127.0.0.1 *@127.0.0.1
On restarting the ssh daemon other users can't login by the terminal, but I can. However, NoMachine won't log me in. I get: NX> 502 ERROR: Public key authentication failed. As a server side check:
[code]...
My Ubuntu server is now providing routing duties to my network, but I'm having trouble opening ports to my network. I have a DynDNS account, so the IP is always current, but I can't ping even my IP directly.
My network map looks like
Internet > SpeedTouch DSL modem with DHCP > eth1 > Ubuntu > eth0 > LAN
With the modem providing a 192.168.1.xx IP to eth1, I can browse fine. The default gateway is my modem. I switched to the public IP of the modem so I could use iptables for firewall duties, but I was locked out of the internet. No gateway was set when I did that, but eth1 received the public IP of my modem.
How can I use the public IP assigned to eth1?
I want to use my personal computer remotely. The problem is my computer is connected to a local network that I can't modify. I can connect from my computer to another one that has public IP via ssh. Is it possible to login to the "proxy" computer from somewhere and somehow use the connection established before to connect to my PC?
View 3 Replies View RelatedHow to do NAT in Iptables? ..I am trying to NAT IP public:Port to Internal IP:Port (202.a.b.c SMTP to 172.16.1.169 SMTP) ..
View 14 Replies View RelatedI have a PC which has a Public IP.It is a webserver but it is not a proxy server.I want to be ableto do an ssh to the machines which are behind this webserver on LAN in one step.Right now I do an SSH to this webserver and then do an SSH to any other machine on my LAN how can I do it in one step.
View 3 Replies View RelatedI just set up my ubuntu 10.10, which boot up by usb drive,
and I found a problem that I can't get my internet when I was
sitting in a public library. The firefox show me every website is
untrust. Normally, when first connect to this network, I need to
accept a library contract on webpage, which called spyder.local.
Does anyone could fix it? or there is something related to the
firefox setting. I currently keep every setting by default
I recently purchased a block of 5 IPs from Comcast. I have a computer running Arch Linux connected to the Comcast gateway they gave me. On my connected computer I have 2 Windows XP virtual machines running. Now I was wondering how can I make each of those virtual machines have a different public IP, because currently the only thing I can get working is have the computer and both virtual machines sharing the same public IP.
View 3 Replies View Relatedi am working at a place that has 2 physical web servers yadayada1 and yadayada2 but only one public ip address i can use dyndns to register 2 dynamic domains on the same ip address
how can i get yadayadayada1.dyndns.org to route to yadayada1 and yadayadayada2.dyndns.org to route to yadayada2 ?
I have cent OS 5.5, i am not getting proper command for the same.
View 6 Replies View RelatedI've been trying to get it work for 2 days now..
Here's my setup.
MODEM -> router (ISP one don't have access)
from the router it split into 2 connection one to my GW (linux debian) and another to a switch which is connected to a web/email server and the gateway.
My gw use x.x.x.27 and x.x.x.26 (everything I use on these ips is ok)
on the web/email server I have x.x.x.28 29 and 30
With this setup it's ok but I want to eliminate the link to the switch and make it pass thru the GW and i can't manage to get it work!
I have problem with qmail. From today I can't connect to my server, when I login via ssh on serwe and check
Code:
telnet localhost 110
I can connect but when I try
[code]....
My web server public IP is: 202.1.2.3 and it was natted to internal IP 172.16.1.31 just confusing why I am unable to browse http://202.1.2.3 from LAN? (I able to browse http://172.16.1.31 from LAN)
View 11 Replies View RelatedHow I can benefit from a public external IP? Do I need a public IP to access my computer from a remote site?run a tftp server ?
View 1 Replies View RelatedMy router is crap. If I use DHCP it sets all the computers DNS to itself and all DNS requests get cached in the router. It even starts to loose some DNS request if to many are made at once. On my windows PCs this isnt a problem I just set DNS to google's public DNS servers (8.8.8.8 & 8.8.4.4) and bypass my router and ISP alltogether but when i go to pref>network_connections i have to either set DHCP or manual, there is no option to set DHCP with custom DNS.
I'm sure there must be a way to do this in terminal, can someone tell me how?
I'm using ubuntu 10.10.
So I want to put some of my folders on my network. I open up nautilus and go to my home folder and right click -> properties-> share and then selected share this folder, made it so that others could modify stuff on it and have guest access (which is what I want), and changed the share name to "home". Then I clicked create share. I then went to Places->Network->******'s public files on [the name of my computer]. But then some stupid error message popped up saying:
"DBus error org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus)"
Using my laptop, I'm trying to get onto the local library's wireless network, with zero results so far.Basically, I can see the network, but when NetworkManager tries to connect it just spins for a few minutes and then rejects the connection. (Or the connection is rejected by the router) My wireless connection works fine when connecting to my WPA home network.
View 4 Replies View RelatedAs waht it says above. I can't access public wifi as any browser on every single distro i've tried (15+) won't load just stuck in perpetual loading. No error message or nothing.
Also the browser wouldn't work until i disabled ipv6 in about:config. All browsers do this. is there something i could do to disable it completely so i have a browser choice?
After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies View Related