ssh's questions - English 1answer

865 ssh questions.

I recently started a job at a small company where the CTO prefers to host SSH services at obscure, high numbered ports on our servers rather than the well known port 22. His rationale is that "it ...

I am looking to implement access controls through CA-signed public ssh keys, as described in the article Scalable and secure access with SSH. I am trying to conceive how our security team will manage ...

I've updated Kali 2.0 to newest version - it is installed using VMWare. Now, every time I use hydra to brute-force SSH, I get the following error: [ERROR] target ssh://192.168.16.128:22/ does not ...

I'm trying to set up corkscrew to make an SSH tunnel over HTTP, but I need to add custom headers after the "CONNECT" statement and before the ssh tunnel. Does corkscrew support it? If yes, how can I ...

In an ideal world, where all links are fully trustworthy from a data integrity point of view, with proper settings, modern SSH can be more or less assumed to be fully secure against eavesdropping on ...

In this question I asked, why the SSH-Host key shown when connecting to a gitlab repository does not match the one shown on the instance configuration page. Nevertheless, the accepted answer says that ...

I am looking to test a DPI (deep packet inspector). I currently have it set up to block SSH connections (which it does successfully). I have learned that DPI can be bypassed by obfuscating/encrypting ...

As far as I understand, bruteforcing ssh is only attempted for passwords, not keys (barring edge cases where presumably the NSA wants to break in). So if a server has disabled (in addition to root ...

According to the end of RFC 4253 § 6, the random padding introduced to each SSH packet is an arbitrary multiple of 8. It mentions that random padding lengths can mitigate traffic analysis: Note ...

My workflow involves running Jupyter Notebook on a server, and editing & runnig code from my laptop by connecting using ssh -L to that server. Recently, I made this systemd unit that maintains an ...

After searching and reading, I'm still clear on this. Maybe because it is a very rudimentary question? If I forward port "X" in my router settings to allow ssh to access a computer on my home network,...

Recently as we started contributing to a project hosted on GitHub we observed that there are problems with connecting securely: $ ssh -T git@github.com Connection closed by 192.30.253.112 port 22 ...

I tried to log into my university's gitlab via SSH. As expected, I was warned that the host is not known. Therefore, I tried to find the SSH host key on the "current configuration" page in the manual. ...

It is not clear to me why the SSH key authentication needs the public key saved on server. Usually the steps involved are: Generate a key pair on client The public key is saved on server and the ...

I currently have Xubuntu 18.04 with Remmina and for some reason, their SSH option doesn't work for me. So I'm left with insecurely accessing my remote machine over the Internet. So I ssh'd to my ...

So I have a shell into machine A which doesn't have ssh installed and I can't get a tty shell on (I've tried all of the tty cheat sheets, I think this is intentional) Through machine A I can see ...

I see this in my Ubuntu server's log file: in my ssh my user is root but i see other user Disconnected like "teamspeak", what does that mean? auth.log Jul 3 21:39:01 vmi189193 CRON[25937]: ...

I have many client devices that I need to reverse SSH tunnel into. I am finding that managing all these certificate files are becoming cumbersome. I am looking into a centralized authentication system....

I was pulled up by my ISP in work for having a machine making dozens of outbound SSH connections. I tracked down the machine and took it off the network. Problem is there are several other machines ...

Due to a stupid oversight on my side, I have opened my personal computer running Linux to the public internet for a little over 48 hours. Unfortunately, I realized my mistake too late and found ...

I ssh to my AWS instances through WinSCP and it has public-private key authentication. Password authentication is disabled. All the sessions are saved on WinSCP, so I click on the IP of the machine ...

I'm considering setting up a SSH honeypot listening on port 22 on my production servers. I'm hoping that not getting an immediate Connection refused would slow down potential attackers. Are there any ...

Does this output mean this IP is connected to SSH? root@ubuntu:/home/stg03# lsof -i sshd 16782 root 3u IPv4 59791433 0t0 TCP 192.168.3.237:ssh->**58.218.198.156:53245** (...

I'd like to know if I can further secure an AWS EC2 stack (in addition to the .pem file and the allowed SSH inbound ip address security-group) by requiring that an sms authentication code be entered ...

If I have a Raspberry Pi, and I install noobs on it. If i connect it to my router and log in with the default user pi over ssh to create another user to then delete the pi user, is it secure? Since ...

I have 2 severs and 12 systems (All having UBUNTU) connected to each other over LAN. The 12 systems use multiple databases (Redis/Postgres etc.) hosted on the 2 servers using LAN. Now, I need to ...

When I use an Ubuntu from linode ssh-keygen -l defaults to looking for an RSA file to "list". Yet ssh issued from a client asks for verification of the remote linode's ECDSA key. This means that ...

I am trying to SSH into my fresh Ubuntu 12.04 server. At the client I have deleted known_hosts. SSH to the host for the first time has it offering me an ECDSA key to verify. The problem is I know ...

When you first connect to an SSH server that is not contained inside your known_hosts file your SSH client displays the fingerprint of the public key that the server gave. I found from this question ...

I have seen this answer and it just tells the difference between SFTP and VPN ftp. But I am asking for How exactly SFTP works? The first SSH make a secure tunnel but then how do I use FTP?

WireGuard is extremely simple and fast kernel-space VPN based on modern cryptography. I want to use it in production and need automatic IP assignment for new peers. The project provides two short ...

So I come from windows background and new to SSh. We are in Linux environment now and as much as I like SSh and see its benefits, what I have realized is that it can be implemented in different ways. ...

So I'm performing an authentication cracking lab using Hydra, I use the following command; hydra -L /usr/share/ncrack/minimal.usr -P /usr/share/wordlists/s1.txt -f -V 192.168.99.22 telnet The ...

I'm planning to automate copying a large file to a remote server over ssh using rsync, using following command : sshpass -p '<PASS>' rsync --partial -av --progress --inplace --rsh='ssh -p 22' ${...

While inspecting some flow logs, I noticed some port 22 traffic destined to a few local servers (at 10.x.x.x) . What was surprising is that the traffic originated from a 169.254.x.x IP address. Is ...

Is it better to create a separate SSH key for each host and user or just using the id_rsa key for all host to authenticate? Could one id_rsa be a malpractice for the privacy/anonymity policies? ...

I'm wondering if it is possible to use a Yubikey to unlock for example a GnuPG key on a server, so can I somehow pass the generated token from the YubiKey over SSH to the server in an easy way?

It seems that they are mutually exclusive, as disabling one gives me the other, and vice versa. Two-factor auth for my ssh servers sounds really nice, so is there any way to accomplish this?

How Symmetric Key occurs in SSH process? As I think that the Asymmetric key used for the only Authentication but my main problem is "How Server generates the Symmetric Key which will use to do secure ...

In an answer to What is the difference between SSL, TLS, and HTTPS, it's said that HTTPS is HTTP over SSL/TLS. That is, an SSL/TLS connection is established first, and then normal HTTP data is ...

I have read a degree of mixed reports on the security implications and/or value of allowing TCPKeepAlive yes in /etc/ssh/sshd_config (for OpenSSH-server). Anything definitive on the security best ...

I am trying to brainstorm how I might either: 1) create a protocol (although against this option) 2) use an existing protocol That does the following: 1) allows 1 way communication from 1 node to ...

What is the difference between SSH and SSL? Which one is more secure, if you can compare them together? Which has more potential vulnerabilities?

When I ssh to a server - let's call it x.x.x.x - over one network, Network A, I get a message that the remote host identification has changed. If I use one of two other networks - call them Network B ...

I am working on React web app build on my local PC at port 443, and I want to make it accessible via internet for testing purposes. One solution that I came across was SSH remote port forwarding as ...

Does a service, for example, SSH, generate traffic when only listening (e.g. does it advertise itself in some way) when there is no connection established? I ask as on Android devices for example, we ...

I have a condition that I am far away from my laptop that I use to work. All I have is my Android Samsung J2. Sometimes I need to work remotely on my server, checking some stuff like traffic data, ...

I am developing an application where one can add SSH credentials for servers and then an automated python script can fetch those credentials to login to the server and perform certain automated tasks. ...

Although this is closely related to the recently closed question Evil maids in the server room [closed], I believe that it's more answerable. I'd like to unlock LUKS volumes on remotely hosted ...

I have a medium-sized team (~10 people, but we expect to grow) that manages a set of EC2 servers on AWS (currently a few dozens, but this is also expected to grow). As EC2 requires you to have an ...

Related tags

Hot questions

Language

Popular Tags