At the moment we have one SSH server with the private key being on a usb flash drive, and the public key being on the server in authorized_keys2. Now that three more servers are coming online, should we generate new keys, so we have muliple private and public keys (one pair for each server), or use the same two keys to access all the servers
View 5 RepliesI installed OpenSSH via tasksel and am using Webmin for administration. I'd like to be able to SSH externally and want to setup the necessary public/private keys to use in FileZilla. In Webmin, under Servers > SSH Server I can click 'Host Keys' and see an RSA key. Is this the public or private key for my server? Do I need to copy this into a text file to import it into FileZilla on my remote PC (that I want to connect from)? Is that all that needs to be done (aside from opening the port on my router/firewall)? Or, is there an automated way to set this up via Webmin?
View 1 Replies View RelatedI'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies View RelatedI'm trying to set up my laptop to ssh into my home server, but I'm trying to find how to generate the public/private keys. I was able to do it in Slack 12.2 by just running ssh-keygen, but that command is not in 13.x.
View 2 Replies View RelatedAnother question though...i have a fedora 12 server set up and i have created 3 sudo users. I have created 3 putty keys (public and private) using putty key gen and basedn my research i was told to put the public keys in /home/"user"/.ssh/authorized_keys .I did that but when i tried to log on using the key...the server is saying "server refused key" could anyone assist in this issue
View 4 Replies View RelatedMy ISP has for a long time had a broken forward/reverese DNS so that my ADSL connection with static IP address resolves to a completely different IP address on a reverse query. This has not been a problem until I upgraded a remote server from 10.3 to 11.3 last weekend and now ssh connections from my ADSL connection to it using public/private keys are being rejected with the following message in /var/log/messages (IP addresses changed):
Aug 10 12:00:32 penguin1 sshd[1270]: Address 83.175.246.243 maps to 83-175-246-243.static.dsl.aupex.com, but this does not map back to the address - Possible Break in Attempt!
But if I log in interactively with username & password, the connection succeeds. I've changed the StrictModes setting in sshd_config to 'no' but this hasn't resolved the problem. Obviously something in 11.3 is being stricter about this IP mismatch than it was in 10.2 (and no, the server is not using a firewall). There must be something I can change to make sshd more permissive? I've tried before to get my ISP to fix their problem but no luck. This needs to be sorted as a server at my home (which does not run SuSE) retrieves backups from the remote OpenSuSE 11.3 server every night using scp and these are now failing.
My calling application will accept only strings and interger. we are replacing RSA bsafe library to openssl. using RSA bsafe, we have generated the private and public key in BER format. Then convert the keys, BER format into ASCII format to send the calling function. (these everything done by using RSA supplied bsafe library) same way i have to right using openssl..i m now able convert the RSA public and private key into DER format
rsa = RSA_generate_key(1024, 3, NULL, NULL);
{
size_t size;
[code]....
In my ~/.ssh I have a number of public keys and one private key (id_rsa). How can I verify which one makes a pair with the private one.Or, can one generate the public one from the private key (in reasonable time)?
View 4 Replies View RelatedI am using Nautilus to connect to an external server. Currently, I use password authentication, and all works fine. I just type sftp://SERVER and the connection is established after providing the login credentials. However, I changed the server to only accept Public Key Authentication and disabled password authentication, and as a consequence I could not login using Nautilus anymore. Is there some way to make this work?
View 9 Replies View RelatedI would like to set up an ubuntu server to forward outside requests directed to different domains to different computers on my local network. The bind is I only have ONE public IP.
Here's an example of what I want to do.
- if a request is sent to www.first-domain.com, I want to forward it to a local server (say 192.168.0.10)
- if a request is sent to www.second-domain.com, I want to forward it to a local server (say 192.168.0.20)
and so on...
I will need to forward these requests not only for web sites but for other services such as SSH, mail, RDP, VNC, etc etc PS Once it hits those local servers, I know how to use iptables to forward them as desired.
i am working at a place that has 2 physical web servers yadayada1 and yadayada2 but only one public ip address i can use dyndns to register 2 dynamic domains on the same ip address
how can i get yadayadayada1.dyndns.org to route to yadayada1 and yadayadayada2.dyndns.org to route to yadayada2 ?
Ubuntu 10.10 Server is loaded. Openssh has been loaded.
I have multiple users which need access to server via ssh.
My impression from reading about ssh is that a key needs generated for each person. Thus, each key will have a passphrase that is unique to them.
In /etc/ssh/sshd_config, the default sshd_config suggest using:
%h/.ssh/authorized_keys
My assumption is %h is a variable that will allow the current user to use the public key stored in his home directory under the .ssh folder in a file called authorized_keys. Is their a command string that automatically populates the authorized_keys file?
I am surprised that even though there are a number of hidden (e.g. .****) files located in the home folder, there is not one automatically generated as .ssh. It appears I have to create that directory myself. I am especially surprised by this since it appears the instructions for generating a key seems to load the key in the home directory instead of proceeding to create a .ssh folder to store the keys in.
It is not clear, but it appears that the public key needs to be copied or appended to the authorized_keys file, but, using the scheme above, the public key needs to be copied or appended to each users authorized_keys file instead of appending all public keys to a single authorized_keys location.
It then appears that each persons authorized_keys file needs permissions set to 600.
It also appears that if I decide to use RSA instead of DSA, I would do the same thing above but would use authorized_keys2 file instead.
Why doesn't the home folder which gets automatically set up for each user automatically get a .ssh folder generated? i.e Why does it have to be created by hand? Does it need the same permission on the .ssh folder? ie 600?
My aim is to allow many to log on via ssh simultaneously and then allow many to simultaneously vnc into their respective gnome desktops.
i noticed that all files can be seen by another computer if the drive is accessed
can I stop this? can i set a private folder?
So after tinkering for a while, I was able to configure ssh for private/public key authentication and disabled Password-Authentication. In the past I had some issues with people brute force trying passwords/usernames so I want to avoid this, but I need some form of secure FTP that now doesn't work due to the aforementioned setting.
View 2 Replies View RelatedMy Ubuntu server is now providing routing duties to my network, but I'm having trouble opening ports to my network. I have a DynDNS account, so the IP is always current, but I can't ping even my IP directly.
My network map looks like
Internet > SpeedTouch DSL modem with DHCP > eth1 > Ubuntu > eth0 > LAN
With the modem providing a 192.168.1.xx IP to eth1, I can browse fine. The default gateway is my modem. I switched to the public IP of the modem so I could use iptables for firewall duties, but I was locked out of the internet. No gateway was set when I did that, but eth1 received the public IP of my modem.
How can I use the public IP assigned to eth1?
For using SSH, why does a host also need to have a public and private key? And how can I generate a public/private key pair for myself?
View 5 Replies View RelatedI created a private/public pair. I put the public on github.But I can never push to github.Every time, it says public denied. In order to push, I need to do this:eval ssh-agentssh-add ~/.ssh/github_dsaThis is driving me nuts that I have to do this every time. So, I just put it in my ~/.bashrc file. I feel like that's a hack. Is this normal?
View 1 Replies View RelatedAfter years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies View RelatedI have a strange problem and I can't seem to find clear information on how to do this . I have 2 loadbalancer set up keepalived NAT mode with 2 interfaces each
internal vip - 192.168.0.199
external vip - 195.x.x.21
lb1 -master
bond0 - private - 192.168.0.239
[code]...
I have a class in which a have declared a private variable "time". In one of the public functions, I am returning the value of "time" (either directly by using "return time;" or by something similar to "x=time; return x;" but I keep getting a compiling error saying that "time" is not declared in this scope.
View 3 Replies View RelatedMost of our machines have public facing and backend mgmt private nics(ie: 192 or 172 networks). I wrote a rule that matches source ip(our monitor on a 192 network) on udp 161 accept. I want to prevent listening on that port on the public. Is the source rule sufficient or should I match the interface and then source? I know there a many ways to do this. I need to verify from the public network with a port scanner?
View 2 Replies View RelatedI was using enigmail and thunderbird to do gpg encryption, and now that I reinstalled, I cannot get them working to decrypt my messages again.I have a backup of the home directory, how can I recover my private key?
View 3 Replies View Relatedi am totally new to Opensuse and to filezilla. I formerly used winscp - a windows-client for ssh.now i have a linux box and want to connect to the server via ssh ing filezilla.Can i use the same keys as i used in WinSCP - where should i store them and the third question.I read something about a certain so called certificate-file that has to be created!?
View 1 Replies View RelatedWe have to connect one PC in private network (campus) with other PC (mostly a modem in our case)in public network. Connection should be peer to peer like and we have to use C coding for establishing connection between this two systems. Is it possible if we use port forwarding or is there any other way?
View 2 Replies View RelatedI have one doubt that is how can we actually connect a system in private network with the system in a public network using IP address. I have one system in private network (in my campus) I need to connect it with the system on public network (home) using IP address and communicate with each other. How can I do it or is there any other way of connecting these two systems more easily?
View 4 Replies View RelatedI want to know that it is possible to do public and private ftp server in one host without using tcp wrapper.
View 1 Replies View RelatedI configured ssh on one of my servers to require public/private key authentication and deny access to login requests not using a public/private key. Now I need to unconfigure that,but I can't remember how I did it. I've looked through ssh_config and sshd_config, and nothing rings a bell. Googling only tells me how to enable public/private key authentication, not how to require it or stop requiring it.
View 2 Replies View RelatedI'm getting some errors while trying to do an update:How can I know which are the apps that are causing this, and how should I remove/update these?This is my /etc/apt/sources.list
Code:
deb http://archive.canonical.com/ubuntu lucid partner
deb-src http://archive.canonical.com/ubuntu lucid partner
deb http://linux.dropbox.com/ubuntu lucid main
deb-src http://linux.dropbox.com/ubuntu lucid main
[code]....
I have two computers running Debian Squeeze. I'm trying to set up the public keys for them so that I don't need to use passwords to log in. As far as I know, I did the same thing for both, however only one is working.Here is the connection output for eachBroken:
Code:
OpenSSH_5.1p1 Debian-5+b1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
[code]...
I've been searching for a while in forums about the issue I'm facing but couldn't find anything clear, or at least my net search skills are pretty lame. I'm facing a problem with prompted user password in a SSH chain connection when using authorized_keys.
I have: (1) Client - (2) Server - (3) Testing machine (testing machine is connect to Server via usb network)I've created keys for Client and Server, and updated authorized_keys in host machines with the key values: Testing machine has Server public key, and Server has Client public key.Until now everything is fine, if I try to connect via ssh the user password prompt is not shown since public key is found in authorized_keys.
For example: from Client: Code: ssh server Works fine, no password prompt.from Server: Code: ssh testing_machine Works fine, no password prompt.But if try to do that from Client only: from Client: Code: client:$ ssh server Works fine, no password prompt.from Client: Code: server:$ ssh testing_machine Asks for password.Bellow the verbose output from previous ssh command:
Code: ssh -v root(at)192.168.100.2
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.100.2 [192.168.100.2] port 22.
[Code].....