rm ~/.ssh/known_hosts ; sudo rm /etc/ssh/*key* ; sudo dpkg-reconfigure openssh-server
sudo apt-get install keychain ssh-askpass
killall ssh-agent ssh-agent $SHELL ssh-add $HOME/.ssh/id_rsa && ssh-add -L && ssh-copy-id localhost && ssh localhost
redirect HTTPS port to standard port 22 :
iptables -t nat -A PREROUTING -p tcp --dport 143 -j REDIRECT --to-ports 22
ssh -p 22 localhost # ok ssh -p 143 localhost # ko
Software : http://gstm.sourceforge.net/?page_id=5
key auth:
l=localhost u=$USER for h in $l ; do cat ~/.ssh/*.pub | ssh $u@$h "cat >> ~/.ssh/authorized_keys"; done
Tunnel
ssh -R 1234:here:8022 thereuser@therehost # @ Here ssh -p 1234 hereuser@localhost # There
sudo httptunnel -A USER:PASS -P ${PROXY}:3128 -F 222 remote:22 # here behind ssh -R 1234:localhost:22 -P 222 user@localhost # @ remote
ssh -L localport:remotehost:distport ? ssh -R distport:localhost:localport ?
export HERE_HOST=localhost export HERE_PORT=8800
ssh -L 8800:localhost:3128 # @here ssh -R ? :localhost: ? # @here
ssh localhost:1234 # @here , will connect to @there
ssh-add -L || ssh-add || eval $(ssh-agent) ssh-agent | tee ~/.ssh/tmp.sh && . ~/.ssh/tmp.sh && ssh-add ssh-copy-id localhost && ssh localhost
ssh-keygen -p -f ~/.ssh/id_rsa # update passphrase
cat *.tar.bz2 | ssh -C root@tel 'mkdir -p /home/ && cd /home && tar xfvj -'
echo $SOCKS_SERVER
man ssh ssh2 SSH_SOCKS_SERVER If SOCKS is used, it is configured with this vari able. The format of the variable is socks://user name@socks_server:port/network/netmask,network/net mask ... f
scp user@host:port:/path/ ./ FATAL: failed to begin relaying via HTTP. ssh_exchange_identification: Connection closed by remote host
Port seems ignored , workaround :
grep Port /etc/ssh/ssh_config Port 443
OpenSSH_7.3p1, OpenSSL 1.0.2l 25 May 2017
Permissions 0644 for '/cygdrive/h/.ssh/id_rsa' are too open. It is recommended that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /cygdrive/h/.ssh/id_rsa
# [[Cygwin]] chmod -v 700 ~/.ssh chmod -v 400 ~/.ssh/id_dsa chmod -v 644 ~/.ssh/id_dsa*.pub chmod -v 644 ~/.ssh/ssh_config chmod -v 644 ~/.ssh/known_host chmod -v 644 ~/.ssh/authorized_key
http://www.nocrew.org/software/httptunnel.html
Server:
sshd hts -forward-port localhost:22 80
Client:
htc -forward-port 1022 ${sshd_host}:80 ssh -L 1110:${mail_host}:110 ${USER_SSH}@localhost -p 1022
Check mail at localhost:1110 (will fwd to mailhost:110)
debug1: read_passphrase: can't open /dev/tty: Permission denied Host key verification failed.
ssh_exchange_identification: Connection closed by remote host
check using nmap ?
nmap -p $port $host Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-28 01:14 CET Nmap scan report for $host ($ip) Host is up (0.078s latency). rDNS record for $ip: $host PORT STATE SERVICE $port/tcp filtered unknown
On CygwiN
ssh -vvv root@rpi ssh_exchange_identification: read: Connection reset by peer
Solution:
check /etc/hosts.deny chown /var/lib/empty
[[SystemD]]
Q:
ssh -vvv $host
[root@archlinux rzr]# journalctl -f | grep ssh Feb 19 09:03:09 archlinux sshd[8332]: Authentication refused: bad ownership or modes for file /home/rzr/.ssh/authorized_keys Feb 19 09:03:09 archlinux sshd[8332]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
A:
file ${HOME}/.ssh # should be a dir and not a fuse mounted dir chmod g-w ${HOME} chmod 700 ${HOME}/.ssh chmod 600 ${HOME}/.ssh/authorized_keys
"X11 forwarding request failed on channel "
/etc/ssh/sshd_config +X11UseLocalhost no
sshfs $host:$dir $dir -o nonempty -o uid=1001 -o gid=1001 -p 443 -o sshfs_debug -o debug -o LogLevel=DEBUG3 debug1: Sending subsystem: sftp debug2: channel 0: request subsystem confirm 1 debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32668 debug2: channel_input_status_confirm: type 100 id 0 subsystem request failed on channel 0 read: Connection reset by peer
sudo aptitude reinstall --purge openssh-sftp-server