similar to: ssh as root with and without private key

Hi. There should be a checklist of everything that can go wrong with making an ssh connection. Here's one entry for the list, which I didn't know before, and * I couldn't see the problem from the -ddd and -vvv output, and * there were no /var/log/* file entries to give hints. Here's what I did sudo kill <pid-of-sshd> /usr/sbin/sshd No good. Usually I did kill

Hi all, I wanted to schedule some rsync backups and found that CentOS is by default using anacron. I'm mostly used with the historical cron, but let's follow the progress :-) - I made a shell script in /etc/cron.daily/dobackup - I made it 755, root.root. - In /etc/anacrontab, START_HOURS_RANGE=21-23 (I kept the other lines unchanged) - When I manually run /etc/cron.daily/dobackup, it

Hello everyone, We are setting up a server at work, and we have run into something that I am not sure how to resolve. We have set up sshd (OpenSSH server) on the machine. We have placed ssh keys into each user's home directory that needs to access the system (and they work). We want to disable everyone from logging in, using a password, utilizing ssh keys only to access the system. I have

HI: I tried to deploy a SFTP server with chroot but when i tried to connnect the client send the next error: Write failed: Broken pipe Couldn't read packet: Connection reset by peer The sshd_conf file is the next: ------------------------------------------------------------------- # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and

[Not subscribed to this list, so please respond directly if you need to speak to me] In man5/sshd_config.5, a permissible keyword in a 'Match' block is missing. It currently lists only: AllowTcpForwarding, Banner, ForceCommand, GatewayPorts, GSSApiAuthentication, KbdInteractiveAuthentication, KerberosAuthentication, PasswordAuthentication, PermitOpen, PermitRootLogin,

Hello. I'm not 100% sure if this is a configuration error on my side or a 'bad idea' on sshd/FreeBSD sides. A remote root ssh connection to a FreeBSD 4.10 server (with no remote root access) will allow you to 'work out' the root password. However, if you try the same against 5.2.1 FreeBSD, you have little chance. The following are pretty clear examples. If this is a config

Try adding a star at the end. eg : /home/bob/.mozilla/firefox/* If this is still not excluding as you expect then please let me know. On 16/04/2009, at 8:19 AM, Robert Parker wrote: > Reading and re-reading the man page has got me nowhere with this issue > and searching your site on '--exclude-from' got me to the same place. > > Here is the script I am using: >

Reading and re-reading the man page has got me nowhere with this issue and searching your site on '--exclude-from' got me to the same place. Here is the script I am using: #################################### #/bin/bash suffix=`date +%Y%m%d` echo Suffix is "$suffix" fromdir=/home/bob/ echo Source dir is "$fromdir" todir="$maxtor6"BackupOfHome

This problem can be solved by chowning the rc (and user conf files) files to some other user and chmod'ing the group and other write bits off. I say this because usually, when people use "ForceCommand" the intention is to severely restrict a particular account. Going down this path requires that you do a lot of homework around restricted shells/profiles/etc. and changes you

https://bugzilla.mindrot.org/show_bug.cgi?id=2618 Bug ID: 2618 Summary: net-misc/openssh-7.2_p2: Terribly slow Interactive Logon Product: Portable OpenSSH Version: 7.2p2 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd

Hi, As I understand the "ForceCommand" in the sshd_confing file is meant to ignore any command supplied by the client, but if user's home is shared by server and client machines over network (ex. NFS) then user can still put something else into ~/.ssh/rc file and overcome this limitation. Is it possible to disable execution of the ~/.ssh/rc file in such a case? Thaks, Mike

https://bugzilla.mindrot.org/show_bug.cgi?id=2282 Bug ID: 2282 Summary: When group member count exceeds 126, config reliant fails Product: Portable OpenSSH Version: 5.3p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sftp-server

https://bugzilla.samba.org/show_bug.cgi?id=10963 Bug ID: 10963 Summary: rsync to multiple destinations Product: rsync Version: 3.0.6 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee: wayned at samba.org Reporter: Dave at

http://bugzilla.mindrot.org/show_bug.cgi?id=1266 Summary: incompatibility between s/key and keys Autentification Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org

Hi, We are preparing to make the release of OpenSSH 4.8 soon, so we would greatly appreciate testing of snapshot releases in as many environments and on as many operating systems as possible. The highlights of this release are: * Added chroot(2) support for sshd(8), controlled by a new option "ChrootDirectory". Please refer to sshd_config(5) for details, and please use this

Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin no PubkeyAuthentication yes #AuthorizedKeysFile

https://bugzilla.samba.org/show_bug.cgi?id=2395 wayned@samba.org changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|major |normal Status|NEW |RESOLVED Resolution| |WORKSFORME -------

OpenSSH 6.9 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,

I am thinking of configuring a service where multiple users have their own private keys to do rsync over ssh. I don't want each of these users to have their own UID. I want them each to share a UID, but to have space on the ssh server isolated from any other user. Let us assume that I also wish to prevent them from using any service other than rsync. Is this possible? Is a sensible approach

https://bugzilla.samba.org/show_bug.cgi?id=6543 Summary: when crashing, announce the last file that was correctly copied Product: rsync Version: 3.0.6 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org