I set up a Ubuntu on a Virtualbox VM instance, using bridged network. External SSH to it is very slow. I am not sure if it's a Ubuntu problem or a Virtualbox problem. I labeled some delay gaps in a debug ssh session:
ssh -v mybox.mydomain.xxx -l myid
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to mybox.mydomain.xxx [129.186.142.168] port 22.
debug1: Connection established.
debug1: identity file /home/hu/.ssh/identity type -1
debug1: identity file /home/hu/.ssh/id_rsa type 1
debug1: identity file /home/hu/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubuntu-2ubuntu1
debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'mybox.mydomain.xxx' is known and matches the RSA host key.
debug1: Found key in /home/eded/.ssh/known_hosts:23
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
(-----pause 12 seconds------)
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/hu/.ssh/identity
debug1: Offering public key: /home/hu/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
(-----pause 5 seconds------)
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US
(-----pause 31 seconds------)
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic i686)
Any suggestions? Thanks in advance.
joe
I have been asked to setup an SFTP which uses RSA public key authentication.
AS it was already in use I have opted to use CygWin and I can get it to work with passwords fine.
we are going to be hosting the SFTP server with users from the clients office connecting to it. The client has sent me their public key.
Having done LOts of reading and even more attempting to configure the server I just cant get it to work. Most of thetime I get..
ebug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in /home/ColoniAdmin/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_rsa
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_dsa
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_ecdsa
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
I have once managed to get it to the point of asking for a passphrase for the private key but I don't have a private key (that I know of) just the public key the client sent us. and I certainly don't want to have to use passphrases
Their public key is in the authorized_key file on our server within the .ssh folder of their home folder. I have amended paswd and sshd_config to set home location and to allow RSA authentication.
All and any advice is super welcome, I have been doing this for 2 weeks now and i just wont work.
HELP HELP HELP!!!!!! ;-)
Thanks
Hey Guys!
Using RHEL v5.7, I am trying to make a connection between two servers with rsa key auth. I need to connect directly to the root as it's privileges are needed for changing password. RSA key is working for normal users but I cannot connect to root. I changed the sshd_config file as
PermitRootLogin without-password
RSAAuthentication yes
PubkeyAuthentication yes
and restart it (on both sides). Files permissions are below:
(Sender server=> /root/.ssh directory's permission is 700)
-rw------- 1 root root 1675 May 25 15:14 id_rsa
-rw-r--r-- 1 root root 392 May 25 15:14 id_rsa.pub
-rw------- 1 root root 2743 May 21 09:13 known_hosts
-rw-r--r-- 1 root root 1177 Mar 30 09:38 known_hosts.old
(Remote server to connect)
-rw------- 1 root root 392 Apr 20 15:35 authorized_keys
-rw------- 1 root root 668 Mar 30 10:08 id_dsa
-rw-r--r-- 1 root root 601 Mar 30 10:08 id_dsa.pub
-rw------- 1 root root 1675 Apr 28 11:09 id_rsa
-rw-r--r-- 1 root root 393 Apr 14 14:40 id_rsa.pub
-rw-r--r-- 1 root root 1178 Apr 28 08:58 known_hosts
Also I provide the verbose output when I run the ssh connection:
Username: user_of_remote_server
New Password: OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to remote_IP [remote_IP] port 44.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug3: Not a RSA1 key file /root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 118/256
debug2: bits set: 512/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'remote_IP' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug2: bits set: 498/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (0x2b9f25eb6cf0)
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug3: input_userauth_banner
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-with-mic,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@remote_IP's password:
debug3: packet_send2: adding 64 (len 60 padlen 4 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
Permission denied, please try again.
root@remote_IP's password:
Where is the problem ? I do not want to be asked password for root during rsa connection. That's why I am using without-password mode for PermitRootLogin. Thanks for your helps!
Dear Members,
I am trying to configure sftp on my Server (Redhat). But I am facing following issue.
Link used: https://www.linode.com/docs/tools-re...ian-and-ubuntu
These are the parameters added to /etc/ssh/sshd_config file :
Quote:
Match group filetransfer
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Permission home Directories are as follows :
Quote:
ls -ld /home/test1/
drwxr-xr-x 7 root root 4096 May 14 09:49 /home/test1/
ls -l /home/test1/
total 12
drwxr-xr-x 2 root root 4096 May 14 09:49 docs
drwxr-xr-x 2 root root 4096 May 13 11:43 nitish
drwxr-xr-x 2 root root 4096 May 14 09:49 public_html
Debug Command : sftp -vvv test1@Ipaddress
Code:
debug1: Next authentication method: password
test1@IP-address's password:
debug3: packet_send2: adding 64 (len 53 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 144 bytes for a total of 1421
debug1: Authentication succeeded (password).
debug2: fd 4 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug3: Wrote 128 bytes for a total of 1549
debug3: Wrote -1 bytes for a total of 1549
Write failed: Broken pipe
Couldn't read packet: Connection reset by peer
I need the user can't access/see the other directories other than it's own directory
Waiting for your response.
Thank you
Redhat-Keeda
Hi,
I try to co connect to a linux server and get following message:
Code:
me@host:~> ssh -X target -vvv
OpenSSH_5.1p1, OpenSSL 0.9.8j-fips 07 Jan 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to target [192.103.143.9] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /users/me/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /users/me/.ssh/id_rsa type 1
debug1: identity file /users/me/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
Now I am trying to figure out what the problem is but I cannot connect to the target server. Is there any other way to connect except using ssh?
Thanx
I am using debian 7.7 stable and when I open the root terminal it asks for the password.
But if I open it again, I get the message: 'Granted permissions without asking for password. The /usr/bin/x-terminal-emulator program was started with the privileges of the root user without the need to ask for a password, due to your system's authentication mechanism setup'.
Oh, really? Because I don't remember setting up any 'authentication mechanism setup'.
How can I change this so the root terminal always asks for the password?
Do I have a trojan already? Because I installed the OS just a few days ago.
Thanks very much.
I have been getting permission denied issues when trying to log into as root. I have set my password and when I type su - root and enter in my password I keep getting either password incorrect when I know I am typing it in correctly or acess permission denied from su. Can anyone explain what I am doing wrong. I am trying to get into /etc/passwd for homework assignment and I get permission denied when logged in as my user. Any help will be great. I have in the past been able to logg in to root but now I cant seem to get into it. This is a new install of ubuntu 14
Hi, I forgot my password so went into root to change it.
From grub menu, Ubuntu : advanced options : ubuntu recovery : network : root
input passwd then typed in a new password and re-entered password. rebooted.
Tried to uninstall Firefox from software centre but the new password was not accepted for authentication.
Could anyone advise what the problem could be or suggest what I may have done wrong. The password appeared to be accepted ok in root. Thanks
I have an expect script to SSH to a remote host and obtain some user inputs and information about the server/network configuration. The responses are saved in a text file that I then need to copy to my local host so that I can read the lines into variables for use in the parent shell script.
Is there a way to do this without needing to enter the username and password for the local host to use function scp? I have tried the following in my expect script to no avail:
Code:
spawn scp $usr@$host:$flnm .
expect {
-re "(.*)assword:" {
send -s "$pswd\r"
}
}
I have also tried to directly scp the file and enter the username and password to try to debug the issue, and that doesn't work either:
Code:
spawn scp file.txt user@host:file.txt
expect {
-re "(.*)assword:" {
send -s "password\r"
}
"you sure you want to continue connecting" {
send -s "yes\r"
exp_continue
}
}
In both scenarios I have used exp_internal 1, and there are no errors. But I do not end up with the file on my local host.
Following the copy, I would like to delete the file from the remote host. Any suggestions on how to accomplish this?
Hey guys!
So I decided to set up some basic user authentication on my apache2 server, and I am running into some problems. I followed the documentation provided by apache on their website, but I cant create the password file for some reason. I did a little trouble shooting myself, and found out that I need to use htpasswd2.1 as opposed to htpasswd(which is nowhere to be found).
The specific part I am stuck with, is running this command:
htpasswd2.1 -c /opt/apache2/passwords user1
It's displaying htpasswd2.1: command not found.
I am completely stuck, and seeking assistance. Thanks in advance for taking the time to review this.