I've read that Blowfish encryption is much faster and still safe enough to transfer files between hosts. What's the default encryption used by OpenSSH? (if not already Blowfish)
I have an OpenSSH server running on Ubuntu 10.04, and it works fine.
I'm concerned that my SSH key may have been compromised and would like to replace it.
I tried replacing keys before and reinstalling OpenSSH and SSH before but ran into terrible trouble so I'm asking for instruction before touching anything this time.
Code:
laeg@skyrocket:~/.ssh$ ls
authorized_keys id_rsa id_rsa.ppk id_rsa.pub known_hosts
Code:
laeg@skyrocket:/etc/ssh$ ls
[Code]....
So can I just Synaptic 'fully' uninstall SSH (although probably even less necessary than..) and OpenSSH, back up sshd_config, delete the two dirs referenced above, reinstall both packages, insert my sshd_config backup, and then start from scratch following the guides linked below?
I suppose that my main Linux user account password serves as my SSH password as well. Is there a way I can modify this? As it turns out, I'd like to have a REALLY secure SSH password for obvious reasons, but a less secure local password, as it makes typing in passwords a heck of a lot easier on a machine. Is there a way I can change my account password in SSH without changing my Linux user password?
I have two Debian 5 servers which are both running the same version of OpenSSH (5.1p1) and OpenSSL (0.9.8g).
One week ago, I set up SSH keys on both of them and created the file "authorized_keys". I was able to connect to each server via SSH without a password (which is the purpose of SSH keys), but I had an issue with the SSH service and I had to restart one of my servers. Since then, when I try to connect to my other server with the same ssh command, the command asks me to type the password...
This is the result of the ssh command (with the argument -v):
Code:
OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to MY_SERVER [1.2.3.4] port 22.
debug1: Connection established.
I can see what Firestarter is blocking in the Firestarter/Events tab, but after reading all the man pages of UFW, I still don't know how to check what the UFW is blocking.
Having a slow internet connection, I bought the whole Maverick repository on DVDs, copied the files onto a USB drive and modified the apt sources file to consider the local repository only:
Code:
# deb file:/var/www/ubuntu_local/ ./
deb file:/var/www/maverick/dvd1/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd2/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd3/ maverick main universe restricted multiverse
[code]....
Even though I am reasonably sure it is safe, this local repository is not authenticated and I can only install packages through the command line or Synaptic, the Ubuntu Software Centre giving an error message "Requires installation of untrusted packages"... I thus would like to disable the apt authentication check for this local repository.
I was thinking: is there a way to check data flow for viruses? I mean, if I set up ClamAV in my Internet sharing server, could it detect anything in incoming and outgoing data?
I'm trying to do an online security check on my Linux system. I would like to do a Firewall/Antivirus test. What free online sites do you know? For instance, I use ShieldsUp to test some firewall's components. Does someone recommend anything else? I still can't find a site that tests for the presence of virus/malware installed. Are there any?
Is there a plugin or some other way to check to see if a website has https available, and use that instead? I know some sites, like Wikipedia have a different hostname for SSL support while others have the same hostname, just What I would really like to see some kind of header in the http reply or the html that says SecureAvailable= is there any system like this in place? There are too many issues with unencrypted http to continue having that as the default.
I have been forbidden to enable automatic updates on our Ubuntu servers, for both security and regular packages. When I log into any of my four Ubuntu servers, the welcome message contains this:
39 packages can be updated. 26 updates are security updates.
However, when I run the Nagios plugin that monitors APT, I get:
% /usr/lib/nagios/plugins/check_apt
APT WARNING: 33 packages available for upgrade (0 critical updates).
I need to know how to properly detect that there are pending security updates, and regular updates. Once I can do that, I plan to write a Nagios script that will return WARNING for pending regular updates, and CRITICAL for pending security updates.
I have been using the new OCR app 'cuneiform' that has appeared in the Lucid repo. It is command line and works very well. However, the rest of the household would like to use it and desire a GUI front-end. Mepis has this and it is called YAGF. Works well. We are told to install only from trusted sources. How can I check the integrity of this .deb and freedom from malware before installing it?
I'm trying to make a script that will test the suitability of a password. I understand that all the features I want are in the /etc/pam.d/common-password file. From here I can change the length of a password, what characters must be in a password, if the words are in the dictionary, etc... but I don't know how to change these values by using a script. I want it in a script because I want to be able to suggest a more suitable password if the original password doesn't meet the criteria.
I was recently connecting securely to the website where I have my mail account, and I connected through Tor. When doing so Firefox presents me with the screen saying that the connection is untrusted and it can't verify the certificate. So I cancelled. I'm using Torbutton and I turned Torbutton to off and connected again with no problem. Then with Torbutton on again, same thing (untrusted).
Is it possible the exit node I was going through is doing a man in the middle attack? However later when connecting through Tor I did NOT get the warning about the site being untrusted. I really don't know what exit node I was using when I got the certificate warning and what exit node I was using when I did not receive the warning. I don't know how long I stay on the same node or how/when it changes.
I need to do a pentest on a Microsoft IIS webserver to test the efficiency of the HIPS I have installed on. methods to simulate attacks so that I can check if the HIPS will detect them?
There is a suspicious amount of data (more than a megabyte) being uploaded from my computer whenever I log onto a commercial web site on which I advertise rental properties.
Is there any way I can see the data being uploaded - I am pretty familiar with the Unix/Linux system and commands.
Just wanted input for this script I have cobbled together. It's not done yet. I am trying to think of ways to close up my outgoing while maintaining full functionality of my laptop (IRC, web stuff, a torrent or two, etc.). Anyways, I have done some myself, as well as pulling bits and pieces from other stuff out on the web. I am starting to wonder why I have to write a specific rule to check for spoofed packets if my default input is set to drop. Wouldn't it be caught?
I have set up a user to login remotely to our Red Hat 5 server via SSH. A rule in our department firewall enables this user to login from a single static IP address. The ssh port on our server is 22. I am able to login to port 22 from locations within our department firewall. Our administrator says the firewall configuration is unchanged. The remote user had been successful logging in. But now the remote user gets a Connection Timed Out message, before being asked to authenticate by the server.
I regenerated security keys, but the remote user still gets the connection timed out message. (I can login locally with the new keys). I suspect either a firewall or an authentication problem, inclining toward a firewall problem. Am I correct? Is there a Linux command to check whether port 22 is available or blocked, prior even to authentication, for login from the user's remote location?
Using Ubuntu 10.04 on an old HP DV4000 laptop. Trying to do a backup from my laptop's disk to an external USB drive using DD while booted from an Ubuntu boot disk. The laptop's hard drive is not mounted. I was also using a checksum to verify the backup against the hard drive like so:
Unfortunately over two separate attempts I have not got the checksums to match. However, I have mounted the dd image and retrieved part of the backup from the image, with no apparent corruption. Are there any reasons other than data corruption that could be causing this? I have not tried to restore from said image to see if it "works" (for obvious reasons).