Syndicate content

ssh

Ever wondered how to verify the remote host fingerprint on SSH connect?

WARNING: This is actually wrong. The -F is a SEARCH feature. Not a way to recalculate the value on your own system. So you can verify that the value is the same in your database, but SSH already does that and shows you that terrible warning... so in effect it is the exact same command.

Whenever you connect to a computer with SSH, it gives you a fingerprint of the host.

Ever wondered how to check whether that fingerprint is a match? Yeah... I figured, 99% of us don't even know how to make sure that it is indeed a match.

There is the command line to generate that fingerprint:

    ...

Gnome Keyring stopped working...

At some point in time, I upgraded Ubuntu and my Gnome Keyring stopped working. So each time I do ssh I have to enter the password at the prompt and that's a bit annoying after a while (depends how much I access the servers, obviously.)

I read many threads ZERO of them gave me an answer I want to hear. All of them speak of things that do not make sense in that situation. So I tried to install a brand new clean 14.04 server + ubuntu-desktop and guess what... Gnome Keyring is installed and everything makes me think that is is correctly installed (I get the correct SSH_AUTH_SOCK value) and ...

Lost SSH key graphical prompt and auto-add to SSH agent

At some point in the past, my system somehow lost the ability to avoid asking me for my key every time I connect to one of my servers. It generally okay, I don't do so much work on that server that I'd have to connect all the time...

However, it is annoying when, once in while, I end up doing a lot of work, back and forth.

The ssh-agent was installed and working. I could add the key manually:

ssh-add ~/.ssh/my-secret-key
ssh-add -l

The ssh-add command allows you to add and remove keys from the ssh-agent. The -l command line option lists the keys currently held by the agent.

...

Supermicro X9SCI/X9SCA, video is gone!

As I am still trying to get my computers to work with a dual seat (or multiseat), I did an attempt in using the onboard video (a relatively decent Matrox card.) So I went in the BIOS and changed the setup for the video from Offboard to Onboard. Big mistake!

The video stopped working. On reboot the computer beeped 8 times and booted the OS normally (I have SSH setup so I could access the computer, but absolutely no video on either port: on board and off board.)

I have a Supermicro X9SCI/X9SCA. Searching for "no video" or "missing video on boot"... returned nothing ...

Using non-default private key for Launchpad

As I was looking around for the way to specify the correct key for launchpad, I could not find it. Luckily the ssh process is running when it asks for the passphrase so I could see the URL used to access the launchpad server from Bazaar. It is:

bazaar.launchpad.net

The address is not visible by default because you use the lp: protocol instead of a full URI to access launchpad.

  Host bazaar.launchpad.net
    HostName bazaar.launchpad.net
    User <your launchpad username>
    PasswordAuthentication no
    HostbasedAuthentication no
    IdentitiesOnly yes
    IdentityFile ...

Remote access to another MS-Windows computer

I have used several different software to gain remote access to other's computers.

With a Unix system, it's easy. You use ssh and you can do everything you want (although some people just cannot handle a console, I'm fine with such, but ssh allows you to access X-Windows if you'd like with the -X command line option.)

With MS-Windows, since that system is just a desktop application, you need a special tool in order to achieve that feat. Most of them are for money or make use of things that do not work under Linux. Yet, there is one that I like, it is called TeamViewer. It was ...

Hacking my NVG510 device

Earlz found a way to hack the NVG510 device and wrote a page about it: Rooting The NVG510 from the WebUI

He also offers a page that one can use to allow telnet connections to the NVG510 (by default it is locked up.) From there you can allow ssh and tftp connections too.

Note that this means if you are logged in your NVG510 and you click on a link on a bad server, you could actually allow remote connections from anyone! So that's a dangerous back door, although if you are not logged in the Web interface, then it is fine (assuming you do not then log in without thinking!?)

Just in case ...

Prevent shutdown from GUI while using ssh from another computer

Polkit-1

This feature works along systemd and loginctl to create sessions for users and check current statuses defined in rules files. This is supposed to be enough to prevent someone from shuting down a computer from the GUI when an administrator is logged in via SSH.

Thus far, I have not been able to find a way to get that to work for like 1 year. I'm going to put information about my research. Various pages talking about, documentation, etc.

First of all, there is a manual page which is likely already installed on your system:

man pklocalauthority

Now a list of pages I have ...

Too many authentication failures for <username>

Today I tried to make use of sftp to transfer a website to SourceForge.net. Unfortunately, it kept giving me an error:

Received disconnect from <IP address>: 2: Too many authentication failures for <username>

I looked around why that would happen and could not really find anything decisive... until I found an issue in the trac system that SourceForge.net uses. That issue mentioned the fact that the ssh-agent could be the culprit.

It was. Somehow the ssh-agent was sending key after key after key... exhausting the number of keys that SourceForget.net will accept and thus made it

SSH authorized_keys features

Pretty much every day I learn something... Today it will be the fact that you can enter variables in front of a key that will request the SSH deamon to verify a certain number of facts in regard to the connection being made.

For instance, it can automatically test that the IP address of the person connecting is a specific IP (if you have a static IP address, very practical!)

Syndicate content Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.