Ubuntu Security :: Nautilus: Connect To Server Using Public Keys
Mar 31, 2010
I am using Nautilus to connect to an external server. Currently, I use password authentication, and all works fine. I just type sftp://SERVER and the connection is established after providing the login credentials. However, I changed the server to only accept Public Key Authentication and disabled password authentication, and as a consequence I could not login using Nautilus anymore. Is there some way to make this work?
View 9 Replies
ADVERTISEMENT
Mar 26, 2010
At the moment we have one SSH server with the private key being on a usb flash drive, and the public key being on the server in authorized_keys2. Now that three more servers are coming online, should we generate new keys, so we have muliple private and public keys (one pair for each server), or use the same two keys to access all the servers
View 5 Replies
View Related
Aug 2, 2011
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies
View Related
Mar 12, 2011
I've got a slight issue with logging into my server using public keys.
It was working fine, until I had to rebuild my desktop machine. I had the key copied to the server, and passwordless logins where fine.
However now I have rebuilt my desktop, I cant get to the login.
So heres whats happend.
Rebuilt id_rsa.pub, server will not allow login. Remove id_rsa.pub and the server allows password based login.
On the server, removed authorized_keys and known_hosts. makes no difference. Server still disallows keyfile, but will allow password when id_rsa is not present on the client.
Heres a -v of the login chat with keyfile
Code:
michael@eve:~$ ssh -v server
OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to server [ser.ver.ip] port 22.
[Code]....
So, is there anyway of getting the server to forget the previous keys, it is remembering, As previousily said, I have completly removed the contents of ~/.ssh/ on both the clients and the server.
View 11 Replies
View Related
Jul 5, 2010
Since I have installed Fedora 13 it seems that I can't connect to WLAN APs which aren't secured by WPA. I'm surprised about the inserts to the messages logfile:
[Code]...
Most surprising insert for me: Jul 5 20:43:21 nbtobiaslnx NetworkManager[1328]: <info> Config: added 'key_mgmt' value 'WPA-PSK' Is this the reason for my problem? I use KDE and Network Manager for managing my networkconnections.
View 1 Replies
View Related
Jul 18, 2011
I want to use my personal computer remotely. The problem is my computer is connected to a local network that I can't modify. I can connect from my computer to another one that has public IP via ssh. Is it possible to login to the "proxy" computer from somewhere and somehow use the connection established before to connect to my PC?
View 3 Replies
View Related
Sep 23, 2010
I'm getting some errors while trying to do an update:How can I know which are the apps that are causing this, and how should I remove/update these?This is my /etc/apt/sources.list
Code:
deb http://archive.canonical.com/ubuntu lucid partner
deb-src http://archive.canonical.com/ubuntu lucid partner
deb http://linux.dropbox.com/ubuntu lucid main
deb-src http://linux.dropbox.com/ubuntu lucid main
[code]....
View 4 Replies
View Related
Jun 21, 2009
I have two computers running Debian Squeeze. I'm trying to set up the public keys for them so that I don't need to use passwords to log in. As far as I know, I did the same thing for both, however only one is working.Here is the connection output for eachBroken:
Code:
OpenSSH_5.1p1 Debian-5+b1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
[code]...
View 2 Replies
View Related
Sep 30, 2010
I've been searching for a while in forums about the issue I'm facing but couldn't find anything clear, or at least my net search skills are pretty lame. I'm facing a problem with prompted user password in a SSH chain connection when using authorized_keys.
I have: (1) Client - (2) Server - (3) Testing machine (testing machine is connect to Server via usb network)I've created keys for Client and Server, and updated authorized_keys in host machines with the key values: Testing machine has Server public key, and Server has Client public key.Until now everything is fine, if I try to connect via ssh the user password prompt is not shown since public key is found in authorized_keys.
For example: from Client: Code: ssh server Works fine, no password prompt.from Server: Code: ssh testing_machine Works fine, no password prompt.But if try to do that from Client only: from Client: Code: client:$ ssh server Works fine, no password prompt.from Client: Code: server:$ ssh testing_machine Asks for password.Bellow the verbose output from previous ssh command:
Code: ssh -v root(at)192.168.100.2
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.100.2 [192.168.100.2] port 22.
[Code].....
View 1 Replies
View Related
Feb 27, 2011
I'm trying to set up my laptop to ssh into my home server, but I'm trying to find how to generate the public/private keys. I was able to do it in Slack 12.2 by just running ssh-keygen, but that command is not in 13.x.
View 2 Replies
View Related
Mar 13, 2010
I'm trying to find a secure way to backup files on my Prod Server to Backup Server. It must be automated, so I will need to run a command with cron which will login to Prod Server from Backup Server and backup data. 1. Do you think it would be secure enough to do this by creating an passwordless RSA private key on Backup Server and adding it's public key to authorized_hosts file on Prod Server? I can't think of a way to Automate this without having to enter any passwords without passwordless RSA key. Is there another. more secure way? 2. Should I create a special user for backup, which will only have read access to all files in the directory that I am backing up? If so, How can I run a check that this new backup user indeed has read access to ALL files in the folder that I intent to back up? How can I ensure the backup process will not skip files due to some permission problem? 3. I'm thinking of using rsnapshot tool, which uses rsync.
View 10 Replies
View Related
Jan 26, 2010
I installed OpenSSH via tasksel and am using Webmin for administration. I'd like to be able to SSH externally and want to setup the necessary public/private keys to use in FileZilla. In Webmin, under Servers > SSH Server I can click 'Host Keys' and see an RSA key. Is this the public or private key for my server? Do I need to copy this into a text file to import it into FileZilla on my remote PC (that I want to connect from)? Is that all that needs to be done (aside from opening the port on my router/firewall)? Or, is there an automated way to set this up via Webmin?
View 1 Replies
View Related
Jul 19, 2010
Another question though...i have a fedora 12 server set up and i have created 3 sudo users. I have created 3 putty keys (public and private) using putty key gen and basedn my research i was told to put the public keys in /home/"user"/.ssh/authorized_keys .I did that but when i tried to log on using the key...the server is saying "server refused key" could anyone assist in this issue
View 4 Replies
View Related
Aug 10, 2010
My ISP has for a long time had a broken forward/reverese DNS so that my ADSL connection with static IP address resolves to a completely different IP address on a reverse query. This has not been a problem until I upgraded a remote server from 10.3 to 11.3 last weekend and now ssh connections from my ADSL connection to it using public/private keys are being rejected with the following message in /var/log/messages (IP addresses changed):
Aug 10 12:00:32 penguin1 sshd[1270]: Address 83.175.246.243 maps to 83-175-246-243.static.dsl.aupex.com, but this does not map back to the address - Possible Break in Attempt!
But if I log in interactively with username & password, the connection succeeds. I've changed the StrictModes setting in sshd_config to 'no' but this hasn't resolved the problem. Obviously something in 11.3 is being stricter about this IP mismatch than it was in 10.2 (and no, the server is not using a firewall). There must be something I can change to make sshd more permissive? I've tried before to get my ISP to fix their problem but no luck. This needs to be sorted as a server at my home (which does not run SuSE) retrieves backups from the remote OpenSuSE 11.3 server every night using scp and these are now failing.
View 3 Replies
View Related
Sep 9, 2010
My calling application will accept only strings and interger. we are replacing RSA bsafe library to openssl. using RSA bsafe, we have generated the private and public key in BER format. Then convert the keys, BER format into ASCII format to send the calling function. (these everything done by using RSA supplied bsafe library) same way i have to right using openssl..i m now able convert the RSA public and private key into DER format
rsa = RSA_generate_key(1024, 3, NULL, NULL);
{
size_t size;
[code]....
View 1 Replies
View Related
Jul 16, 2010
I need to connect to an FTP server that only accepts active FTP connections. (In Windows, I have to uncheck the "use passive FTP" option in Folder Options in order to connect) Is there a way to do this with Ubuntu's Connect to Server system/Nautilus? I would like to be able to interact with the files as if they were local, as I can on other FTPs and on Windows.
View 3 Replies
View Related
Mar 30, 2010
I have recently secured a server by preventing root from logging in via SSH. Now I log in with a non-root account and use 'su' when necessary.However, now I can't do something I used to do, which is open 'sftp://user@ipaddress' in nautilus and be able to edit files as root. Is there anyway to get nautilus to give me root permissions on the server? Or at least end up with root permissions in a GUI text editor on my computer? I don't mind if I have to use bash to start the process, once I can get a GUI for editing files.
Note 1: Yes, I realize I could ssh in and use nano/vi etc, but I'd rather use my graphical text editor.
Note 2: The server does not run X, so I can't just forward it.
View 1 Replies
View Related
Oct 24, 2015
I have done a minimal install of jessie stable on a 2004 laptop with openbox as the window manager. My problem is the nautilus connect-to-server returns "This file server type is not recognized" when entering sftp: or ssh: I have also tried installing Thunar with the same result. I can use cli and connect using both sftp and ssh.
View 3 Replies
View Related
Jan 20, 2010
I'm trying to use Nautilus's connect to server to connect to an ftp server, but I'm having a problem. The username on the ftp server is "anonymous", but it requires a password. When Nautilus sees "anonymous" as the username it assumes it's dealing with a public ftp server and doesn't prompt for a password, and then, of course, I fail to connect.
I've tried modifying the .gtk-bookmarks file to account for this, but this leads to another problem. The password opens with a / and for whatever reason, this leads to Nautilus popping up an error: "Could not connect to ftp://anonymous:0/[rest of password]@[server]". It's adding a "0" to the beginning of my password for some reason. Is there any way to fix this without changing the password?
View 2 Replies
View Related
Jul 8, 2010
I recently got a nice, lightly used IBM Thinkpad laptop. It has wireless capability for the Internet. Linux is the only OS in the laptop. At home, I don't have wireless-- I have a wired DSL connection for my laptop and for my IBM desktop (which also only has Linux as OS).
When I took the laptop to the public library, wireless is provided there for free and I had no trouble connecting to the system there. But since I'm new to wireless, what do I need to have installed to have a secure laptop when in the public library (or when I'm anywhere else that offers free wifi) using the wireless connection? [I use Firestarter as my firewall in the laptop and in the desktop.] Do I have to install some software to make sure my laptop is secured from spying and invasions when in the library or is the Firestarter enough? If Firestarter is not enough, what is that wifi security software by name?
[My OS is MEPIS 8.5, a Debian-based distro.]
View 2 Replies
View Related
Jun 7, 2011
I am not very security minded...I'm aware of it, and always made sure I had up-to-date overall protection in Windows but firewalls, and the blasted passwords are largely a thorn in my side!When I got my iPhone last year I suddenly discovered password managers & "wallets" to keep all that kind of information in and syncable across different devices. My life got so much easier. Of course now I need to figure out encryption keys, and how they work (I'm clueless). I also need to find a program or system that I can move my existing low-tech info (mailnly user name & passwords) that will also accomodate the increased needs of Ubuntu security and still be sync-able. I started a little research weeks ago, but my current "wallet" only exports .csv so I quit since I'm going to have to do a lot of data entry whatever I go with.So here goes:
1) what is the difference (bare bones) between using an encryption key (e.k.) vs. a standard user created password? what situations are better suited for e.k.?
2) I have seahorse (default intall with Ubuntu I guess) but the only thing in it is Login under passwords which leads to a login keyring (?) and a drop-down list of about 6-10 of the gazillon passwords I use daily. The other tabs are for keys which I don't have any concept of.
3) I know FF also "remembers" user id & passwords as you choose to have it do so. Is that information transferable into seahorse or another program?
4)I'm also (today) getting ready to really set up my system for user names & security across my little home network. How can I integrate that into whichever program/app I go with to store my pwds and keys?
5)give me links to fairly current documentation on this stuff?
6) Any program/app recommendations.Pros/cons uses, what they can & can't do or be used for, etc.
View 9 Replies
View Related
Mar 21, 2011
In the kde realm, with the dolphin file browser, I can open a terminal in whatever folder is in the gui by using the shift and f4 keys. I'd like to be able to accomplish the same in gnome with the nautilus file browser but can't figure out how to do same. So far I have to open a terminal and then cd to the desired folder. Or do I have to use some other file browser and which one?
View 2 Replies
View Related
Jan 2, 2010
Im a total beginner when it comes cryptography and networking. Finally managed to create a connection with OpenVPN on Ubuntu to a vpn provider called ivacy. On this page:http://ivacy.com/en/doc/user/setup/winxp_openvpn they give configuration files and keys, which I used. The question is, if someone wanted to see my network traffic, could they do it using the keys provided on that page. Reading the OpenVPN documentation i saw that it is also possible to create your own keys. Would that be more secure?
View 10 Replies
View Related
Mar 7, 2010
I am trying to figure out the best way to set up 1-1 NAT for three public ips to three private ips through a ubuntu gateway machine.
I am running ubuntu server 9.10 and the set up is:
Internet/ISP modem -> NIC 1 Ubuntu Gateway Machine NIC 2 -> Three PCs with Private IPs
I had a few questions on how to do this correctly and securely.
1) What packages do I need to install (aside from the basic ubuntu server installation and possibly DHCP3-Server)
2) How do I assign all three public IPs to the NIC connected to the ISP modem? All addresses will be static, will I need the DHCP3-Server package?
3) Once I have the three public IPs assigned how do I map each specific public IP to the private IP address associated with it and provide the correct loopback? I want to make sure each response from the internal machines are sent out as their specific public IP.
4) Aside from allowing all connections, how should IP tables be configured to allow web services to one internal machine, mail to another internal machine and DNS to the other internal machine?
View 14 Replies
View Related
Jun 6, 2011
I've got a p12 certificate (I own the secret key), and I would like to export the public key to gpg keyservers. How to achieve this?It works flawlessly inside gpgsm and kleopatra, but I cannot send keys:
Code:
$ gpgsm --send-keys 0xDA4E5DD0
gpgsm: this command has not yet been implemented
View 1 Replies
View Related
Oct 18, 2010
I have an encrypted document (with my key) which I should decrypt. After the generation of my key, my computer is formated and new reinstalled. Now GnuPG find my key public and I can't use it for decryption!
View 9 Replies
View Related
Feb 7, 2011
Even though I enabled "X11Forwarding yes" I am not able connect via as "GUI" by using "connect to server" in places. but i could do by nautilus command. as root both way possible, by user unable to connect in GNOME. repeatedly prompting for server password
In KDE no issue every thing is working fine.
View 2 Replies
View Related
Sep 8, 2010
I can't get this to work on my machines.
So far I have:
1. created a key with ssh-keygen on the server to be logged in to
2. copied the .pub key to my local machine
3. chmod 700 ~/.ssh on both machines
4. chomd 600 ~/.ssh/ic_rsa on the server, and on known_hosts on my local machine
5. added the .pub key to ~/known_hosts on my local machine
my local machine doesn't have an "authorized_keys" file which is what everything is telling me I should append my .pub key to. The only thing that was in my .ssh folder was known_hosts, so I tried that. I also tried making an authorized_hosts file to no avail, changing permissions appropriatly on all files.
Should I/Can I reset ssh in some way? Is there are reason I don't have an authorized_keys file or is my known_hosts file my authorized_keys file?
Would it be better just to uninstall/reinstall ssh?
View 2 Replies
View Related
Jul 17, 2011
how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies
View Related
Dec 2, 2010
looking at my router logs i've noticed for the past while a range of source ports from 60000 to about 65000 from my source external ip to destination external ip always on port 80. I have 3 boxes on this network and this only seems to happen when i connect the one laptop. I even reinstalled the distro downloaded from trusted source but the router is still logging this.. netstat -ntulp shows nothing operating in this range. chkrootkit shows nothing.. Was thinking maybe someone was spoofing the external address but it's been happening on network startup for a month now
View 4 Replies
View Related
