Networking :: SSH Setup - Public / Private Key Authentication?
May 7, 2010
After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies
ADVERTISEMENT
Jan 28, 2011
I created a private/public pair. I put the public on github.But I can never push to github.Every time, it says public denied. In order to push, I need to do this:eval ssh-agentssh-add ~/.ssh/github_dsaThis is driving me nuts that I have to do this every time. So, I just put it in my ~/.bashrc file. I feel like that's a hack. Is this normal?
View 1 Replies
View Related
Mar 27, 2010
So after tinkering for a while, I was able to configure ssh for private/public key authentication and disabled Password-Authentication. In the past I had some issues with people brute force trying passwords/usernames so I want to avoid this, but I need some form of secure FTP that now doesn't work due to the aforementioned setting.
View 2 Replies
View Related
Jan 26, 2010
I installed OpenSSH via tasksel and am using Webmin for administration. I'd like to be able to SSH externally and want to setup the necessary public/private keys to use in FileZilla. In Webmin, under Servers > SSH Server I can click 'Host Keys' and see an RSA key. Is this the public or private key for my server? Do I need to copy this into a text file to import it into FileZilla on my remote PC (that I want to connect from)? Is that all that needs to be done (aside from opening the port on my router/firewall)? Or, is there an automated way to set this up via Webmin?
View 1 Replies
View Related
Aug 2, 2011
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies
View Related
Jun 2, 2011
I have a strange problem and I can't seem to find clear information on how to do this . I have 2 loadbalancer set up keepalived NAT mode with 2 interfaces each
internal vip - 192.168.0.199
external vip - 195.x.x.21
lb1 -master
bond0 - private - 192.168.0.239
[code]...
View 1 Replies
View Related
Feb 12, 2011
My Ubuntu server is now providing routing duties to my network, but I'm having trouble opening ports to my network. I have a DynDNS account, so the IP is always current, but I can't ping even my IP directly.
My network map looks like
Internet > SpeedTouch DSL modem with DHCP > eth1 > Ubuntu > eth0 > LAN
With the modem providing a 192.168.1.xx IP to eth1, I can browse fine. The default gateway is my modem. I switched to the public IP of the modem so I could use iptables for firewall duties, but I was locked out of the internet. No gateway was set when I did that, but eth1 received the public IP of my modem.
How can I use the public IP assigned to eth1?
View 6 Replies
View Related
Jan 11, 2011
We have to connect one PC in private network (campus) with other PC (mostly a modem in our case)in public network. Connection should be peer to peer like and we have to use C coding for establishing connection between this two systems. Is it possible if we use port forwarding or is there any other way?
View 2 Replies
View Related
Feb 6, 2010
I'm trying to connect to my Xubuntu box (zelda) remotely using my RSA key. I'm using Cygwin on my Windows box (link) to SSH in to the Xubuntu box. I've created the key and placed it in the authorized_keys file on my remote box. Here's where it gets weird. When I ssh into zelda the first time, it prompts me for my password. However, if I'm already connected to zelda and try to open another connection, it prompts me for my RSA passphrase. This is very confusing, and I have no idea what's going on.Here's my sshd_config file on zelda.
Code:
# Package generated configuration file
# See the sshd(8) manpage for details
[code]...
View 9 Replies
View Related
Jan 6, 2010
I have an ssh (OpenSSH_5.1p1 Debian-6ubuntu2) client A and a server B set up for public key authentication as described in [URL]
The problem is the following: ssh asks for a password when connecting from A to B without any other ssh session going on between A and B; but if I connect from A to B whenever there is another ssh session between A and B, either I get prompted for the passphrase I used to encrypt the private key or I get logged automatically.
I already checked permissions on B: .ssh is 700 and authorized_keys is 600. I already tried "StrictModes no" in sshd_config. Printing debug information using DEBUG3 does not any useful insight. Moreover, there is no /var/log/secure (is it supposed to be there?)
Right now the computer is far far away from my reach, but when I configured the system I noted that whenever I was locally logged to B and then ssh'ed from A to B, I was logged in without any problem; whenever I was not logged in locally I was asked for a password. Note that at that time I was using a different public/private key pair whose private part had no passphrase.
how to know exactly what cipher is ssh/sshd using for a particular session? Is there a way to know any statistics for a given session (something like the ~s option in section 5 of [URL]
P.S. 2: does the following mean that ssh is using protocol 2.0 or something different than protocol 2.0?
(..........) sshd[2606]: debug1: Enabling compatibility mode for protocol 2.0
View 9 Replies
View Related
May 22, 2010
I'm trying to get OpenSSH public key authentication to work. My server runs ubuntu. My client is a windows machine, and I'm using cygwin. I tried using the instructions here: [URL]... If I test it out using this line: ssh -v -v -v -o PreferredAuthentications=publickey server.example.org
I get this:
debug3: no such identity: /home/Julie/.ssh/identity
debug1: Offering public key: /home/Julie/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1477
[Code]...
View 2 Replies
View Related
Dec 20, 2010
I'm trying to restrict command line ssh and yet keep NoMachine working, so I followed this post [URL]... and tried adding this to /etc/ssh/sshd_config:
AllowUsers nx@*.*.*.* paul@*.*.*.* *@::ffff:127.0.0.1 *@127.0.0.1
On restarting the ssh daemon other users can't login by the terminal, but I can. However, NoMachine won't log me in. I get: NX> 502 ERROR: Public key authentication failed. As a server side check:
[code]...
View 1 Replies
View Related
Feb 24, 2010
Currently my OS is Ubuntu 9.04 Jaunty Jackalope Desktop OS and my web server is Apache2. I have a public address 60.x.y.z and my pc local address is 10.x.y.z. I have a web app in my Apache2 which currently run in localhost(10.x.y.z).
I would like to enable the web app so that it could be browse from outside. I know there maybe some port forwarding process and some commands involved in order to do that. But I have no idea on the steps to do that.
View 5 Replies
View Related
Nov 17, 2010
For using SSH, why does a host also need to have a public and private key? And how can I generate a public/private key pair for myself?
View 5 Replies
View Related
Feb 6, 2011
I have a class in which a have declared a private variable "time". In one of the public functions, I am returning the value of "time" (either directly by using "return time;" or by something similar to "x=time; return x;" but I keep getting a compiling error saying that "time" is not declared in this scope.
View 3 Replies
View Related
Dec 7, 2010
Most of our machines have public facing and backend mgmt private nics(ie: 192 or 172 networks). I wrote a rule that matches source ip(our monitor on a 192 network) on udp 161 accept. I want to prevent listening on that port on the public. Is the source rule sufficient or should I match the interface and then source? I know there a many ways to do this. I need to verify from the public network with a port scanner?
View 2 Replies
View Related
Feb 27, 2011
I'm trying to set up my laptop to ssh into my home server, but I'm trying to find how to generate the public/private keys. I was able to do it in Slack 12.2 by just running ssh-keygen, but that command is not in 13.x.
View 2 Replies
View Related
Mar 14, 2010
i am totally new to Opensuse and to filezilla. I formerly used winscp - a windows-client for ssh.now i have a linux box and want to connect to the server via ssh ing filezilla.Can i use the same keys as i used in WinSCP - where should i store them and the third question.I read something about a certain so called certificate-file that has to be created!?
View 1 Replies
View Related
Jul 19, 2010
Another question though...i have a fedora 12 server set up and i have created 3 sudo users. I have created 3 putty keys (public and private) using putty key gen and basedn my research i was told to put the public keys in /home/"user"/.ssh/authorized_keys .I did that but when i tried to log on using the key...the server is saying "server refused key" could anyone assist in this issue
View 4 Replies
View Related
Jan 11, 2011
I have one doubt that is how can we actually connect a system in private network with the system in a public network using IP address. I have one system in private network (in my campus) I need to connect it with the system on public network (home) using IP address and communicate with each other. How can I do it or is there any other way of connecting these two systems more easily?
View 4 Replies
View Related
Feb 18, 2010
In my ~/.ssh I have a number of public keys and one private key (id_rsa). How can I verify which one makes a pair with the private one.Or, can one generate the public one from the private key (in reasonable time)?
View 4 Replies
View Related
May 13, 2011
I want to know that it is possible to do public and private ftp server in one host without using tcp wrapper.
View 1 Replies
View Related
Dec 29, 2009
I configured ssh on one of my servers to require public/private key authentication and deny access to login requests not using a public/private key. Now I need to unconfigure that,but I can't remember how I did it. I've looked through ssh_config and sshd_config, and nothing rings a bell. Googling only tells me how to enable public/private key authentication, not how to require it or stop requiring it.
View 2 Replies
View Related
Aug 10, 2010
My ISP has for a long time had a broken forward/reverese DNS so that my ADSL connection with static IP address resolves to a completely different IP address on a reverse query. This has not been a problem until I upgraded a remote server from 10.3 to 11.3 last weekend and now ssh connections from my ADSL connection to it using public/private keys are being rejected with the following message in /var/log/messages (IP addresses changed):
Aug 10 12:00:32 penguin1 sshd[1270]: Address 83.175.246.243 maps to 83-175-246-243.static.dsl.aupex.com, but this does not map back to the address - Possible Break in Attempt!
But if I log in interactively with username & password, the connection succeeds. I've changed the StrictModes setting in sshd_config to 'no' but this hasn't resolved the problem. Obviously something in 11.3 is being stricter about this IP mismatch than it was in 10.2 (and no, the server is not using a firewall). There must be something I can change to make sshd more permissive? I've tried before to get my ISP to fix their problem but no luck. This needs to be sorted as a server at my home (which does not run SuSE) retrieves backups from the remote OpenSuSE 11.3 server every night using scp and these are now failing.
View 3 Replies
View Related
Mar 26, 2010
At the moment we have one SSH server with the private key being on a usb flash drive, and the public key being on the server in authorized_keys2. Now that three more servers are coming online, should we generate new keys, so we have muliple private and public keys (one pair for each server), or use the same two keys to access all the servers
View 5 Replies
View Related
Sep 9, 2010
My calling application will accept only strings and interger. we are replacing RSA bsafe library to openssl. using RSA bsafe, we have generated the private and public key in BER format. Then convert the keys, BER format into ASCII format to send the calling function. (these everything done by using RSA supplied bsafe library) same way i have to right using openssl..i m now able convert the RSA public and private key into DER format
rsa = RSA_generate_key(1024, 3, NULL, NULL);
{
size_t size;
[code]....
View 1 Replies
View Related
Nov 27, 2008
We have a new Bussiness DSL line with 16 public addresses.What we want is to setup a DMZ to run some services and internet to the LAN. Here's a schematic of what we want:
Code:
Backup Internet Main Internet
connection connection
| |
| |
SDSL Modem BDSL Modem
[code]....
The webserver has the following settings:
IP: 12.34.56.125
subnet: 255.255.255.240
gateway: 12.34.56.126
What IPTABLES rules do i need to setup to "see" all IP's in the DMZ-2 from the internet?
View 2 Replies
View Related
Jul 8, 2011
I am running CentOS release 5.6 (Final) and have successfully installed PPTPD and this works great internally.
I want to access my Linux box remotely on the internet via my VPN tunnel. However I am not sure what I need to do on the Linux box to make this happen. My linux box is multihomed as follows
PSTN WWW <===========> ADSL Router Firewall <----------------> [eth1 192.168.x.x] Linux Box [eth0 172.16.x.x] <-----> to LAN
The desired topology is as shown.
VPN Client <------> Home ADSL Router <======= PSTN WWW =======> ADSL Router <------> eth1 Linux Box
1. The VPN is setup and bound to eth1 and eth0 and works well internally
2. IPSec, GRE and PPTP rules have been declared on the router which port map to eth1
However I am still unable to setup a VPN connection to Linux Box I suspect something hasn't been done or I have setup my NATing or IPTables correctly on the linux box.
View 4 Replies
View Related
Feb 14, 2011
I was testing my authorized_hosts setup, so deleted my local private key. I then successfully ssh'd into my remote server using RSA authentication. I was expecting to get a permission denied, seeing as there is no longer a private key to guarantee I'm me. Guessing I'm misunderstanding something fundamental. Anyone know what's going on? It doesn't look like ssh-add is holding my private key:jake@clyde:~$ sudo pkill -9 ssh-agent
View 2 Replies
View Related
Mar 1, 2011
I keep getting the above message when trying to login to my server using a private key,is there something I am missing from the configs here?Quote:
#$OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
[code]...
View 8 Replies
View Related
