Thanks, Bruce, Belaow, my reply. Below, but before the reply another point of your post to Ken interests me too, perhaps will solve a problem I have.
--- Em qua, 3/4/13, Bruce Dubbs escreveu: > De: Bruce Dubbs > Assunto: Re: [blfs-support] openssh-6.2p1 messages > Para: "BLFS Support List" > Data: Quarta-feira, 3 de Abril de 2013, 14:45 > Fernando de Oliveira wrote: > > --- Em qua, 3/4/13, Ken Moffat escreveu: > > > >> De: Ken Moffat > >> Assunto: Re: [blfs-support] openssh-6.2p1 messages > >> Para: "BLFS Support List" > >> Data: Quarta-feira, 3 de Abril de 2013, 3:10 > >> On Wed, Apr 03, 2013 at 12:14:35AM > >> -0500, Bruce Dubbs wrote: > >>> Ken Moffat wrote: > >>> ... > >>> and sometimes had issues with networrk > timeouts > >> (ServerAlive*). I like > >>> to disable sshv1 also since it's not secure. In an ssh session, connection to one particular machine many times is lost. Perhaps what is happening is that timeout you mentioned. Would you please help me to learn how I could test and solve this? ... > > > > Perhaps you might find this useful. > > > > I have had this problem in a VM running ArchLinux, > using rsync (over > > ssh). > > > > Messages: > > > > no such identity: /home/USER/.ssh/id_rsa: No such file > or directory > > no such identity: /home/USER/.ssh/id_dsa: No such file > or directory > > no such identity: /home/USER/.ssh/id_ecdsa: No such > file or directory > > > > Solved by using > > > > cat >> ~/.ssh/config << "EOF" > > LogLevel ERROR > > EOF > > chmod -v 0600 ~/.ssh/config > > That looks like the output is coming from syslogd. > Look at > /etc/syslog.conf to see if anything is outputting from > there. Tuning > ssh's log level is a good idea too. The > default is INFO. First, I am glad with your and Ken's reply, reassured that no security problem could come from this solution above. In the ArchLinux VM, there is no syslog.conf. I found there syslog-ng, but it is not installed, system uses systemd. Thus, really do not know where to look for the system's default log level configuration. > > The levels of security vary a bit. You can create a > key without a pass > phrase, use ssh-agent, or manually type in a pass phrase > every time you > want to use a key. Then there is the type > of key and the key length > that can be varied. > As you well know, I still have a very very small knowledge about security, so, what follows might be obvious for others. I always type a password, for rsync from other machines to this LFS, so I think I am using "manually type in a pass phrase every time you want to use a key", of your reply. The key for the other machine has to be accepted, in the first session. A rule in iptables allows, in this LFS machine, connection only for tcp from the other ip, and only to one port. Hope this is secure enough. []s, Fernando I still miss very basic necessary knowledge, in Linux. Many decades ago, I was able to program in assembler Z80 and Intel 8086, and remember vaguely, I knew by heart most important memory addresses. I created then a graphical library to link with fortran, to display data on screen from fortran programs for data analysis of numerical calculations I was doing. At the time, I knew no other way to do that. It was MS-DOS. Not the same man I used to be. -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
