I want to connect to the same machine that that I have OpenSSH server on which uses keys and I have disabled password-based logins (for ssh). Apparently, this also affects SFTP which makes sense. How do I setup SFTP to use key-based authentication?
View 5 RepliesI have setup SFTP and it is running without any problems. The problem I have is finding a client that supports key based logins through Linux. I do not want user based logins available and so far the solution works through my Windows machines using WinSCP. The only client I have found for Linux seems to be FileZilla but I have to convert my private key to the FileZilla format which removes the passphrase leaving it nice and insecure.
View 4 Replies View RelatedI run some IT systems for my schools Engineering student organization.
We are upgrading our systems and I just purchased a new server system which I am configuring.
I am using Ubuntu 10.04 Lucid Lynx and the new likewise-open packages.
The points I bring up following this sentence are to fulfill this final goal : Get SFTP, SSH, and Network Share's over our private network all using the schools Active Directory for auth and it's groups to derive privs.
So... Here's what i've done and what i've tried to do.
1 ) I set up likewise-open and got it to join the domain. When I do this I can ssh to localhost as 'schoolnetworkADname'. So that part works (hurray). To get a network share to use these same auth methods I have tried installing likewise-open-server. Everything launches find and the daemons run, but when I go into computer management on a windows server to set up the actual shares, I get permission denied. The account it is giving permission denied to is the same AD account that join likewise-open to the network, so... what is going on.
2 ) Samba, fail. I can't seem to get samba to run on this machine at all, which is strange because even my Samba expert was puzzled. It just won't let Samba join the domain properly, and due to this, I want to keep on the newer likewise package... unless I have to switch to this.
How I can get the lame likewise-open-server to work?
I'm wanting to setup SFTP in a chroot, which is simply enough to do and I already have it working; however I also want it so that when they connect via SFTP it goes directly to their home directory. Currently I have the following in "/etc/ssh/sshd_config":
Code:
Subsystem sftp internal-sftp
Match Group sftp-users
ChrootDirectory /home
AllowTCPForwarding no
ForceCommand internal-sftp
Which works perfectly fine, however when they connect there are shown the contents of the "/home" directory which they then have to "cd username" to get to their home directory. This I do not like, and it confuses our clients who connect saying they can see "random folders that aren't mine", or some that think they've "hacked" the server. I really need it so upon connection they go to "username" directory. I can do this by using:
Code:
usermod -d /username username
Which changes the users home directory to "/username", and then upon connection it works just fine, they are taken directory to their home directory. However, I really really do not like the fact that "/etc/passwd" shows a different home directory to their real home directory, i.e it states "/username" when actually it is "/home/username".I've spent the entire day looking a different ways of doing it, and I can't come up with anything.
I need to set up ssh/sftp/network shares all authenticating with AD. I want to use likewise to do the auth, but to mount the network shares I need to use an older version of samba so it can connect with likewise.How can I go about installing an older version of samba onto this new distro of the OS? I've tried installing the lenny and etch versions but I always get an error during install just saying that samba errored.
View 4 Replies View RelatedI'm new around here and pretty new to ubuntu and linux in general. I am setting Up an sftp server. I set it up using openssh and it worked fine for a few months. Then recently we experienced a power outage. Now the server will boot fine, all users can login locally, but when they try to login remotely they enter their user info and then are denied with some generic network error. Again, being a noob at this I tried to trouble shoot this a little bit but I'm not quite sure what to look for. I believe the ssh service is running but I don't know what else to look for.
View 9 Replies View RelatedI want to configure SSH key-based authentication and SSH password Authentication in same machine for different user .
View 1 Replies View RelatedTo begin, this is the thread that I always use to set up my Ubuntu boxes for AD authentication:
[URL]
I've had this 10.04 server running for about three months with AD authentication running on it perfect. I have multiple Samba shares that authenticate from AD as well. For some reason, this week it decided to completely stop accepting any authentication from AD.
I checked all of my config files, they are all untouched. I have restarted the machine multiple times. I have unjoined and rejoined the domain on the Ubuntu server. I have no audit failures in my security logs on the domain controller.
Output of /var/log/auth.log whenever I try to log on via an AD user:
Code:
Nov 4 11:58:50 caribbean sshd[1869]: Invalid user justin from 10.3.17.12
Nov 4 11:58:50 caribbean sshd[1869]: Failed none for invalid user justin from 10.3.17.12 port 54738 ssh2
Nov 4 11:58:51 caribbean sshd[1869]: pam_winbind(sshd:auth): getting password
[Code].....
What ubuntu server setup will work the best on a non web mostly data based via sockets (mysql php phpadmin) will be the easiest to use and what sockets to use? Lamp?
View 1 Replies View RelatedI need to setup an linux cluster ..so i prefer ubuntu because of support and i personally i use ubuntu.. and can any one explain in breif ..what all the things needed to setup an ubuntu based cluster my configuration for each node will be (totally 6 nodes) core2 duo with 4 gb ram i need 4 nodes and 2 for load balancing..
View 1 Replies View Relatedi have a vsftpd server running well but i want to make/force all users to use sftp and not just ftp is this possible?
View 1 Replies View RelatedWhat is the fastest setup to do this? All I want is an internally authenticated webmail server that other servers can send mail to for collection of test emails. Don't need LDAP or anything fancy, just a internal LAN only webmail server. I've got Squirrelmail setup on Ubuntu Server and can't get authentication setup with Squirrelmail and every tutorial I read is way over complicated or has nothing on how to authenticate Squirrelmail with internal, system users.
View 2 Replies View RelatedI have setup a home based web server to host a photo blog for myself and my friends. I will be running wordpress and possibly a phpbb3 forum. I'd like to open this to discuss server administration, server setup, and server maintenance. However, I have a pretty good start on all of those but serving a domain name to my static ip. Here my static ip is 24.10.202.144. I registered a domain through [URL]... It appears that I have the domain working to forward to my ip. However, I am still getting this output file from apache.
[code]...
I have tested the domain name across a few different computers on different ips. It works appropriately. I just want to make sure I have it set correctly on the (apache) server side of things. Then I can get more into Zone Editing etc.
Server A: Generated RSA Key
Server B: Added the RSA Key to authorized_keys list
SFTP from A to B.
Still prompts for password.
I will be sftp-ing both from Server B to Server A and 'A to B'. Sever B to Server A works fine. No prompting for password. But from A-B it this is what is happening sftp -v log...
debug1: Offering public key: ~InfAdmin-.ssh-id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: ~InfAdmin-.ssh-id_dsa
debug1: Next authentication method: password
InfAdminATServerB's password:
Why is this trying id_dsa private key? From Server B to Server A when I do the same, it does not say 'Trying Private Key -id_dsa' This is what it says
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
How do I enforce that Server A does the same? Why is it trying the dsa private key when I have used RSA.
If i were to build an sftp client which launched with logon details, and could then controlled by sending commands to that daemon; would that be ideal way to create an sftp client with disposable credentials?
View 1 Replies View RelatedI am attempting to set up an automatic transfer via sftp using public key authentication. I have created a public/private key pair to connect to the remote server without using a password. I have also been able to use this key pair to login from the command line: sftp -vvv -oPort=<server-side port> user@server.Debug info from interactive command:
Code:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
[code]...
Im trying to set up my workflow to a terminal-based setup, so that accessing my computer through SSH will provide many of the things I need and use right off the bat. I have Mutt working great with my GMail account, so that's good. I do have a question though. Using the application Calcurse (featured on Lifehacker a few days ago, [URL] I am at a loss to figure out how to interface with Google Calendar. Is there a trick that Im missing, or does anyone know of another terminal app that plays better with Google Calendar?
Also, I was looking for a 'Digital Clock', essentially, again, a terminal/text based large print clock; similar to the one in the lower left corner on the attached pic. I was looking for a telnet server from the Atomic Clock, but no such luck so far.....
On Ubuntu server 10.10, with a relay smtp server with authentication via postfix; I keep getting 535: Incorrect authentication data. I'm sure my username and password is correct. Heres how I set up postfix: I created a file called smarthosts.conf in my /etc/postfix/ directory that contains the following:
[Code].....
my server uses plain text authentication on port 25. I would like to use security like SSL, but this particular server is unsecured.
I was asked to setup 802.1x Port Based Authentication for users connecting to a Managed Cisco Switch. From what I was told, it should work like this:
- User plugs workstation into switch.
- Workstation asks user for radius credentials.
- Workstation is then able to authenticate to the Radius server.
- After workstation is authenticated, the switchport then becomes unrestricted and allows the workstation to communicate on the network.
Install and configure Samba as a primary domain controller with LDAP on Linux.i setup it step by step following article without error until step 10.i want to join windows client when press user name and password for domain then display message:The following error occurred attempting to join the domain BIGTIME:
The network path was not found.
I am using Ubuntu 9.10 to configure telecom equipments. The software downloading process to the equipment requires that my Ubuntu laptop should act as a SFTP server where the software bundle for the equipment is stored. The equipment act as a SFTP client and requests the software from the server. The equipment have SFTP client hardwired in its memory. The same process i did with windows and i used Putty and FreeFtpD and it worked. Now i want to move to Ubuntu as i want to show that it is better. I have installed OpenSSH server in my laptop and now i need to know few things that i could not find anywhere straight forword.
1)I am using a ubuntu live usb drive with persistancy. How do i set username and password for the client, that is how to create the account in OpenSSH server?
2)I need to keep the software for the equipment in a folder inside server, so that it can be transferred to client upon request. In windows I give the path of the folder to FreeFtpD server. How to do the same in OpenSSH server?
Setting up servers and clients in linux is completely new for me.If this is done (as i know it can be but dont know how) then i can completely move from windows to Ubuntu environment.
I have tried, to set this up, but failed what kind of ftp would you guys recomend, as i have been having slight problems over recent days, with unknowns logging onto my annon ftp server, delt with mind.
I am thinking about a proper login even for the annon account, fairly easy to setup.
I cant seem to find any new good working How to setup SFTP from scratch. Im running CentOS 5.4
View 2 Replies View RelatedI have recently configured sshd_config to have chrooted SFTP service. I'm using SFTP internal-sftp config. However now I have to figure out how to log file transfers happening using the SFTP service. I'm using the Ubuntu Server 10.04 (64bit)
View 3 Replies View RelatedI have a openSSH server, it works to connect to it within the local network but I can't connect to it from the Internet. What I would like to do is to connect to the server using filezilla client, simply by using username and password.To make it secure from brute force attacks will I only allow connections from specific IP number.
I have a server with the static internal ip 192.168.1.5, port is 2222. My global ip is 10.4.5.6 and I would like to connect with filezilla client from ip 11.1.2.3. How do I connect?
In Nautilus I have a sftp:// mount as favorite, how can I see where it is mounted ?
View 5 Replies View Relatedi want to allow some friends to ssh/sftp/scp into my system but i only want them to have access to my external hard drive (/media/externalHD/), and i dont want them to be able to delete or add anything, only download.i have found instructions on how to limit a user to his/her home directory and thought about just creating a user with the home directory /media/externalHD but idk if this will work and im afraid i might make a mistake and delete 800gb of 'files'
View 2 Replies View RelatedI've searched the interwebs and have never had this problem before but I can connect with ssh no problem. The problem arises when I try to connect with sftp. I get code...
View 1 Replies View Relatedi'm on 9, x86_64, and have successfully created chrooted SFTp users following this [URL] tutorial. however, i need to get into the sftp account programmatically to move and delete the deposited files. so i enabled ACL and set setfacl -R -m u:$USER:rwx,d:u:$USER:rwx /home/$SFTPUSER
this works well EXCEPT that now the sftp user cannot log in. the latter, of course, is the problem at hand! it's driving me crazy. as soon as i remove the acl and revert back to the plain old chmod/chown scheme, the sftp user can log in ... but i can't delete files in the sftp account. i tried to set facl to the sftp group ('jailed') but to no avail.
I have this strange problem which I am unable to web search on and not sure what to do next. My Linux knowledge is between basic to intermediate but I know how to troubleshoot general hardware problems.
My problem is that Ubuntu 9.04 Jaunty 64-bit hangs while SFTP is active and dynamic IP changes. For example, I SFTP into my home server and transfer file then suddenly my ISP decides to renew my IP and give me a new IP while my SFTP client is still uploading files to my home server. This causes my SFTP client to stop working. Upon checking, my router is still running with a new IP lease from my ISP. My Linux box still powers on but typing anything from the keyboard does not make it "wake up" and put things on the monitor. Nothing seems to make it respond and the only way is to get about it is to power off and on. During that time, you cannot SSH into the server as there is no respond. SFTP into the server is not possible too because connection fails.
The server has all new hardware, latest BIOS, etc. Memtest86 shows no errors after running for more then 5 hours. I am unable to find anything out of the norm in /var/log/kern.log or in dmesg. All hardware seems to be working.
When I think about it, I tend to think OpenSSH (probably that is the default package in Jaunty) is causing this system hang whenever there is an interrupted connection from the outside world. However, I fail to agree with this is because I am sure the daemon and Linux can tolerate this situation without resorting to system hang. FYI, I have installed vsftp as well but this should not be a problem.