Questions tagged [ssh]
Secure Shell (SSH) is a protocol primarily for encrypted shell connections. This tag is also used for questions about sshd and openssh, the two standard applications for using SSH.
8,909
questions
0
votes
0
answers
16
views
Custom Linux AMI: How does AWS know where to install account SSH .PEM files when an AMI is provisioned?
We are building a custom AMI from a template EC2 EBS instance snapshot (Oracle Linux 8). This page shows there are many different user names depending on the AMI you choose:
https://docs.aws.amazon....
- 151
0
votes
0
answers
30
views
Error connecting with ssh - external network
I know it's a very discussed topic, but after following lots of tutorials and checking most common troubleshooting problems, I'm facing the following situation
We have a small server in the office ...
1
vote
0
answers
25
views
ssh_config capture group (or similar)
I like to namespace (simple prefix) remote servers that share a common network disposition or other logical access/grouping.
Is there a way to reference the contents of the wildcard (capture group or ...
- 111
0
votes
1
answer
43
views
Changing the root folder of the ssh server
There are some similar questions but not same. I don't want to change the default folder. so i want to set the ROOT FOLDER for ssh connection. I mean the only folder that the client has access to , is ...
-1
votes
0
answers
62
views
+50
Rsync from remote Ubuntu server to WSL on Win11 fails with "unexplained error (code 255)" after exactly 90 seconds
Okay, so I have a small minecraft server in my basement running Ubuntu Server 22.04.3 LTS (GNU/Linux 5.15.0-87-generic x86_64)
I have a Windows 11 machine upstairs with WSL installed. Everything is ...
- 59
0
votes
0
answers
12
views
Feeding config into SSH via pipe
I need to make individual ssh connection configuration dynamic. Ideally it should work as follows:
#!/usr/bin/env bash
ssh -F <(config_provider_command) hostname
Many Linux and GNU commands would ...
- 151
0
votes
1
answer
87
views
How to redirect ssh port to another port by username?
I have sshd: Listen 2222 on server, and what I want to do is:
ssh -p 2222 userA@ip, and server finds userA, then redirects this connect to 6122 port of this server, but I don't want to modify on my ...
- 1
0
votes
0
answers
25
views
SSH connection slow after authentication
I have a few servers where SSH'ing into them can take a minute or so before I get a prompt. I connected with ssh -vvv and it hangs after authentication succeeds, so it's none of the usual stuff (...
- 474
0
votes
0
answers
38
views
Firewalld: restrict ssh access to specific IP and allow that IP to access services in the interface zone
The target setup is the following: I want to restrict ssh access to the server to a specific IP, and allow the http service to all. Now, to start from "scratch" I defined a new zone which I ...
0
votes
0
answers
19
views
ssh to the same server of openvpn, tries to connect with original IP instead of VPN IP
I'm using ubuntu Linux 22.04.3 LTS with OpenVPN 2.5.5 and i have ssh server installed there too.
i want people to be able to connect to that server by ssh only if they are connected to the VPN.
that ...
- 333
0
votes
0
answers
33
views
Google Authenticator - What to keep for emergency restore [migrated]
I started to use Google Authenticator to secure my SSH servers with 2FA.
Running $ google-authenticator generates and prints a set of emergency keys beside a secret key and a verification code.
Your ...
- 239
1
vote
1
answer
64
views
Remote Linux server GitHub permission denied publickey issues
I am experiencing publickey permission issues when trying to pull a private repo from GitHub to a remote Linux server.
Update
Ran ssh -v -o IdentitiesOnly=yes -i ~/.ssh/id_rsa [email protected] command ...
github
- 141
0
votes
0
answers
38
views
Should I run as a docker user, and keep sshd running all the time, or as root but start/stop sshd on demand
I'm creating a docker container that will be used as a reverse tunnel. I'm now looking to harden the solution but I've an interesting dilemma and I'm not sure what the best approach is.
Current the ...
- 121
0
votes
0
answers
26
views
Authorization error in AWS ec2 instances in windows [closed]
user aws ############ is not authorized to perform: compute-optimizer:GetEnrollmentStatus on resource: * because no identity-based policy allows the compute-optimizer:GetEnrollmentStatus action
0
votes
1
answer
131
views
powershell detect login is sftp
tl;dr in powershell, how can I detect a login is specifically SFTP and not SSH or local?
On Windows 10 I have the built-in OpenSSH service running. For SFTP protocol connections, the server uses the ...
- 725
0
votes
0
answers
19
views
Unable to log in linux server from windows 10 with ssh
Since a few months I can only access the server (Ubuntu 18.04) from my computer (Ubuntu 20.4). Any attempt to access from my other Windows 10 computers gives me an error.
From my Ubuntu 20.04 I ...
0
votes
0
answers
21
views
SSH tunnel to access dual stack resources in AWS (IPv4 + IPv6)
I am trying to setup a Bastion and use it as an SSH proxy to access all my private resources in AWS.
I am having hard time debugging why an SSH tunnel to a specific host with dual stack (IPv4 + IPv6) ...
- 1
0
votes
0
answers
50
views
docker compose fail; SSH to host doesn't work any more
I have a Proxmox-VM on this VM runs Rocky Linux and docker with all basic plugins.
Rocky Linux 8.6 (Green Obsidian)
Docker 20.10.21
Docker compose v2.12.2
If I try to run the command docker compose ...
2
votes
0
answers
60
views
Why on earth would rsync over SMB run nearly five times faster than rsync-to-rsync (over SSH)?
I just modified many files on a 36TB Unraid array (not quite half full yet). Now I want to sync all of those changes up to a backup array using rsync.
My usual rsync backup was going a lot more slowly ...
- 129
0
votes
0
answers
32
views
SSH with LDAP authentication within a Docker container
Im trying to setup a ssh jumphost with docker that uses LDAP authentication. I'm running the container as rootless.
Note: This is all currently as testing but would love to hear some feedback about ...
- 1
0
votes
1
answer
62
views
Pubkey authentication not allowing to enter the server
I'm trying to access my server through SSH using pubkey authentication, but it's not working and I don't understand why. I've been around this same issue for 2 days now.
I'm using Ubuntu 20.04. All I ...
- 101
0
votes
0
answers
27
views
CopSSH home path discrepancy
We've got a current system running CopSSH v4, and we're implementing a replacement solution on v7.
One of the issues we've run into is the home path that the user is presented with when they connect ...
0
votes
1
answer
53
views
SSH prompts with wrong host key/fingerprint
Using SSH to connect to a server (running Oracle Linux 7.9) I have set up, and I wanted to replace the original key pair I used with a different one. I am able to connect to the server using the new ...
- 1
-1
votes
0
answers
24
views
Change remote ssh download server location on another disk
My Visual Studio Code was installed on my main driver - Local Disk (C:) and has also installed the remote ssh extension. However, local disk c is already full and there's no space anymore. I can't ...
- 1
1
vote
0
answers
22
views
ssh key order changing
I use pam_ssh_agent_auth for authorising
And also use id_rsa.pub for authorising between servers
And today I found problem - when I try to svn update , I can't do it, because my svn use ssh+svn:// - ...
- 793
-1
votes
0
answers
24
views
"Reverse" SSH connection over existing one
The way I understand it, using a reverse SSH tunnel to open a shell back on the original host requires the initial connection to have been set up with the -R flag.
In a situation where there is an ...
- 425
0
votes
1
answer
25
views
How can I Forward traffic through UBUNTU?
I have a Ubuntu Desktop client and two Ubuntu server.
Ubuntu servers are two separate VPS in Germany and Netherland.
I need to route SSH traffic through Germany VPS, for example;
When I run ssh root@...
- 21
-1
votes
0
answers
47
views
Forward all open ports to local server
I have a server running on my local network, but I can't open any ports up on the network since my ISP does not allow that. I want to still access databases and services I run on my machine.
So now I ...
- 19
0
votes
0
answers
20
views
apt sources.list ssh://[REMOTE REPO URL] getting connection timeout
We have created custom package repository for our edge device on the remote server.
We have specified the url in sources.list as below
sources.list file
This link was working fine earlier and we were ...
- 1
1
vote
1
answer
54
views
How to disallow multiple outstanding requests on openssh server
The openssh/sftp client has the ability to configure the max allowable outstanding requests with the -R option.
Is there something equivalent on the server side of things? I have a client that ...
- 481
2
votes
2
answers
531
views
'Hostname' in ssh client config converts to lower case; however, the 'Host' appears to be case sensitive. Is this intentional?
I have a long hostname with various arguments in my client config, so I created a second Host entry with the Hostname pointing to the long name (see below).
Host CT106-LongHost-Name-With-Mixed-Case
...
- 21
0
votes
0
answers
227
views
auth.log errors: kex_exchange_identification: banner line contains invalid characters
I have the auth log with thousands of:
error: kex_exchange_identification: banner line contains invalid characters
I can't find which process is causing this. How can I troubleshoot it?
Using: Ubuntu ...
- 137
0
votes
1
answer
43
views
Permission denied (publickey) using ProxyCommand
I have two servers which I ssh jump into using a third server. I can get into one of the servers, but not the other, even though my public key is marked on both servers under authorized_keys.
My local ...
- 101
1
vote
0
answers
12
views
Is there a way to make overriding host-restricted declarations work in the presence of hostname canonicailzation in SSH config?
I like security, so my SSH config is set to insist on modern MACs by default. But my company which has a few rather old servers on its intranet, which don't support those MACs. So for those, i have an ...
- 427
0
votes
0
answers
15
views
How to use gnome-keyring in virt-manager / remote-viewer for decrypting an encrypted SSH key?
I use virt-manager to connect to a remote KVM/libvirt hypervisor over SSH. After connecting to the server, I can interact with machines just like if they were on my local computer (under the hood, ...
- 131
0
votes
0
answers
33
views
FreeIPA SSH keys not working with Ubuntu
I have FreeIPA setup and its working fine so far with Centos7, Rocky8 and Rocky 9 machines. Users can SSH into machines using their SSH keys.
Yesterday I added a Ubuntu machine and it wont let me SSH ...
- 31
0
votes
0
answers
21
views
SSH -- Open in browser window (GCP) isn't working
I have a virtual machine in Google Cloud Platform. I have been able until this morning to open a window using "SSH Open in browser window". I haven't changed anything. I stopped the machine ...
0
votes
0
answers
32
views
How safely obtain and check host public key for `known_hosts`?
For a newly deployed instance I get the following message for the first time SSH connection:
The authenticity of host '[hostname] ([IP address])' can't be established.
RSA key fingerprint is [key ...
- 216
0
votes
1
answer
46
views
certutil over ssh (RPC server is unavailable)
When executing a certutil request from a local powershell everything is ok.
PS C:\Users\admuser> certutil -ping -config 'caserver\ca'
Connecting to caserver\ca ...
Server "ca" ...
- 111
0
votes
1
answer
68
views
Suddenly, outbound scp, sftp, rsync, & ssh /bin/true fail; ssh still works
Problem
On my MacBook Pro running Mac OS 10.15.7, I cannot do outbound scp, sftp, or rsync to seemingly any server (I've tried ~10 I own). I also cannot run remote commands by ssh, e.g. ssh ...
0
votes
0
answers
42
views
SSH Egress Settings for Google Cloud Functions to connect to Egnyte SFTP
I'm attempting to use Google Cloud Function to connect with an Egnyte SFTP server and transfer files to Google Cloud Storage.
Currently, I have a Python script that uses Paramiko to connect and that ...
- 1
0
votes
1
answer
45
views
su command not set BASH_VERSION value and not load profile
I have a Ubuntu 20.04 LTS server version and have a strange problem creating a new user and use it in the shell from a ssh connection. The steps to reproduce it:
Use he root account to create new ...
- 173
0
votes
2
answers
88
views
SSH agent forwarding when Host and Hostname different
On my client I have an SSH agent setup and the following example config
Host gitserver
Hostname gitserver.example.com
ForwardAgent yes
User git
IdentityFile C:\Users\user\.ssh\id_rsa.pub
...
- 11
0
votes
0
answers
16
views
How to copy ssh-copy-id to vagrant guest os from host os
I've created a vagrant guest machine. Below is the Vagrantfile -
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/lunar64"
...
0
votes
0
answers
85
views
gcloud compute ssh asking for password
Here is my situation - I have been SSHing into my VM instances on Google Cloud Platform for years without any issue using the command:
gcloud compute ssh jackson@myservername
I just got a new macbook ...
google-compute-engine
0
votes
1
answer
77
views
How to setup a SSH connection using a variable hostname provided by jump server
I want to create a .sshconfig file for the case where I need to connect to a login node (the jump server), get the hostname from that node by running a command, and then ssh to that hostname using the ...
0
votes
1
answer
68
views
How to prevent OpenSSH from creating a new known_hosts file every time it updates it?
It seems that every time I accept a new host key, ssh (I've tested 8.6p1 and 9.3p2) does the following steps:
Move the known_hosts file to known_hosts.old;
Create a new known_hosts file;
Copy the ...
- 103
0
votes
1
answer
66
views
Why isn't the ProxyJump parameter inherited for specified IP range in SSH config?
I use a jump server (lab1) to connect to servers with IPs starting with 10.*. All other servers shouldn't use lab1 as jump server and need a different key.
In the main config there are two included ...
- 105
0
votes
1
answer
49
views
AD Domain joined linux server equivalent of NLA
First, some background.
Today, if you're in a mostly-Windows Server AD environment with just a small number of linux servers, you have a choice for authenticating to the servers via SSH:
Manage the ...
- 12.9k
0
votes
0
answers
21
views
2FA SSH authorization by a different user
Is there a way to enable two-factor (2FA) SSH authorization for multiple specified users (not everyone) when their login attempts are confirmed by a different person?
So, on the server with users a b ...
