Re: SSH question
Hi! On Thu, 14 Aug 2008 10:06:46 +0800, EdwardKing [EMAIL PROTECTED] wrote: I use SSH to remote FreeBSD $ssh [EMAIL PROTECTED] password: Then I SSh to suspend client in that remote machine: $~ /home/tom: Permission denied Permission denied? Why? How to do that? In opposite to Matthew Seaman I don't think it's an escape code problem here. Instead, it seems you're trying to execute your home directory. :-) The $ sign seems to imply you're using the Bourne Shell. The same problem you described can be done using the C Shell: % ~ /home/poly: Permission denied. When I try this in BASH, I get this: $ ~ bash: /home/poly: is a directory Maybe % cd ~ is what you indended to do? -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SSH question
I use SSH to remote FreeBSD $ssh [EMAIL PROTECTED] password: Then I SSh to suspend client in that remote machine: $~ /home/tom: Permission denied Permission denied? Why? How to do that? -- Confidentiality Notice: The information contained in this e-mail and any accompanying attachment(s) is intended only for the use of the intended recipient and may be confidential and/or privileged of Neusoft Corporation, its subsidiaries and/or its affiliates. If any reader of this communication is not the intended recipient, unauthorized use, forwarding, printing, storing, disclosure or copying is strictly prohibited, and may be unlawful. If you have received this communication in error, please immediately notify the sender by return e-mail, and delete the original message and all copies from your system. Thank you. --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH question
EdwardKing wrote: I use SSH to remote FreeBSD $ssh [EMAIL PROTECTED] password: Then I SSh to suspend client in that remote machine: $~ /home/tom: Permission denied Permission denied? Why? How to do that? What happened here is that you were trying to type an escape code into ssh -- eg. ~^Z (suspend) or ~. (quit) However, '~' is actually a fairly common character in normal usage, so ssh will pass it through to the remote login session unless you get the escape sequence exactly right. The ~ character must be the first thing on a new line, and it must be followed by one of the known key codes, which you can list by using the ~? escape during a ssh session. It seems that you typed something wrong: perhaps you managed to type ~~ which means your shell on the remote machine would receive the ~ character. This it would duely expand to be the path to your home directory. It then tried to execute that path, but directories are not executable, resulting in the 'permission denied' message. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
An ssh Question
I have a machine that is my firewall/gateway to a private network NATing non-routable addresses. I can ssh at-will from hosts on the private network to machines out on the net, but when I try to ssh from the firewall machine to a particular address, it just hangs and eventually times out. Verbose output is: OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to xx.com [x.x.x.x] port 22. What is really baffling is that if I try the exact same thing from, say, a cygwin session on a host on the private network - this works fine. So ... it's not a firewall problem as near as I can tell. It may be an ssh configuration problem - that is, the FreeBSD ssh client can't do it, but another client (cygwin) can. Ideas? -- Tim Daneliuk [EMAIL PROTECTED] PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: An ssh Question
On Sat, Jul 07, 2007 at 02:52:21AM -0500, Tim Daneliuk wrote:
I have a machine that is my firewall/gateway to a private network NATing
non-routable addresses. I can ssh at-will from hosts on the private
network to machines out on the net, but when I try to ssh from the
firewall machine to a particular address, it just hangs and eventually
times out. Verbose output is:
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to xx.com [x.x.x.x] port 22.
What is really baffling is that if I try the exact same thing from, say,
a cygwin session on a host on the private network - this works fine.
So ... it's not a firewall problem as near as I can tell.
It sure sounds like a firewall problem to me. Why do you think
otherwise?
--
Jonathan Chen [EMAIL PROTECTED]
--
char *p=char *p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: An ssh Question
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to xx.com [x.x.x.x] port 22. What is really baffling is that if I try the exact same thing from, say, a cygwin session on a host on the private network - this works fine. So ... it's not a firewall problem as near as I can tell. It may be an ssh configuration problem - that is, the FreeBSD ssh client can't do it, but another client (cygwin) can. It would be helpful if you include your firewall ruleset, plus sshd_config. It's possible that one or more is misconfigured, but we would have no way of knowing without your telling us about them. SC ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: An ssh Question
Jonathan Chen wrote: On Sat, Jul 07, 2007 at 02:52:21AM -0500, Tim Daneliuk wrote: I have a machine that is my firewall/gateway to a private network NATing non-routable addresses. I can ssh at-will from hosts on the private network to machines out on the net, but when I try to ssh from the firewall machine to a particular address, it just hangs and eventually times out. Verbose output is: OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to xx.com [x.x.x.x] port 22. What is really baffling is that if I try the exact same thing from, say, a cygwin session on a host on the private network - this works fine. So ... it's not a firewall problem as near as I can tell. It sure sounds like a firewall problem to me. Why do you think otherwise? Because machines *behind* the firewall can get out to the machine in question, but the firewall machine itself cannot... -- Tim Daneliuk [EMAIL PROTECTED] PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: An ssh Question
Simon Chang wrote: OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to xx.com [x.x.x.x] port 22. What is really baffling is that if I try the exact same thing from, say, a cygwin session on a host on the private network - this works fine. So ... it's not a firewall problem as near as I can tell. It may be an ssh configuration problem - that is, the FreeBSD ssh client can't do it, but another client (cygwin) can. It would be helpful if you include your firewall ruleset, plus sshd_config. It's possible that one or more is misconfigured, but we would have no way of knowing without your telling us about them. SC I have opened up the firewall entirely just to test, and this does not solve the problem: 00100 162 18088 divert 8668 ip from any to any via fxp0 001000 0 allow ip from any to any via lo0 002000 0 deny ip from any to 127.0.0.0/8 003000 0 deny ip from 127.0.0.0/8 to any 65000 206 21586 allow ip from any to any 65535 3872 652732 deny ip from any to any The ssh config is untouched and has only comments in it: # $OpenBSD: ssh_config,v 1.22 2006/05/29 12:56:33 dtucker Exp $ # $FreeBSD: src/crypto/openssh/ssh_config,v 1.27.2.4 2006/11/11 00:51:28 des Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for # users, and the values can be changed in per-user configuration files # or on the command line. # Configuration data is parsed as follows: # 1. command line options # 2. user-specific file # 3. system-wide file # Any configuration value is only changed the first time it is set. # Thus, host-specific definitions should be at the beginning of the # configuration file, and defaults at the end. # Site-wide defaults for some commonly used options. For a comprehensive # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. # Host * # ForwardAgent no # ForwardX11 no # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes # HostbasedAuthentication no # GSSAPIAuthentication no # GSSAPIDelegateCredentials no # BatchMode no # CheckHostIP no # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa # Port 22 # Protocol 2,1 # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no # VersionAddendum FreeBSD-20061110 -- Tim Daneliuk [EMAIL PROTECTED] PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: An ssh Question
Tim Daneliuk wrote: Simon Chang wrote: Nevermind - it was total pilot error on my part involving being up way too late and not using my noggin' ... sorry to disturb... carry on ;) -- Tim Daneliuk [EMAIL PROTECTED] PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: An ssh Question
On Sat, Jul 07, 2007 at 11:59:28AM -0500, Tim Daneliuk wrote: Jonathan Chen wrote: On Sat, Jul 07, 2007 at 02:52:21AM -0500, Tim Daneliuk wrote: I have a machine that is my firewall/gateway to a private network NATing non-routable addresses. I can ssh at-will from hosts on the private network to machines out on the net, but when I try to ssh from the firewall machine to a particular address, it just hangs and eventually times out. Verbose output is: OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to xx.com [x.x.x.x] port 22. What is really baffling is that if I try the exact same thing from, say, a cygwin session on a host on the private network - this works fine. So ... it's not a firewall problem as near as I can tell. It sure sounds like a firewall problem to me. Why do you think otherwise? Because machines *behind* the firewall can get out to the machine in question, but the firewall machine itself cannot... So, the question is: Is firewall configured so that the firewall host is allowed to outgoing ssh connections to the 'Net or the internal network? What firewall software is being used? -- Jonathan Chen [EMAIL PROTECTED] -- Power corrupts, Absolute Power is pretty neat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SSH question (some kind off-topic)
Hi list. When a password is send (via a POP3 session without SSL, or without establishing a secure connection) it can be retrieved by the ISP, or somebody ahead, right. AFAIK, making an SSH session to a server and forwarding, for instance, port 110 (POP3) to the SSH session, or some other port / application, passwords and / or traffic cannot be retrieved as easy by proxy servers or sniffers. So my question is what happens in the SSH server then, the traffic can be analyzed on that side? Really I don't know what happens when traffic reach the SSH server and keep their way. Thanks in advance. Please reply-me directly, I have delivery disabled some time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH question (some kind off-topic)
At 5:42p -0400 on 19 May 2007, Arvee Klesk wrote: Hi list. When a password is send (via a POP3 session without SSL, or without establishing a secure connection) it can be retrieved by the ISP, or somebody ahead, right. AFAIK, making an SSH session to a server and forwarding, for instance, port 110 (POP3) to the SSH session, or some other port / application, passwords and / or traffic cannot be retrieved as easy by proxy servers or sniffers. So my question is what happens in the SSH server then, the traffic can be analyzed on that side? Really I don't know what happens when traffic reach the SSH server and keep their way. Sounds like your asking How does ssh work? I'm not sure at what level you're asking this question, but let me point you to a couple of websites and perhaps you can figure out what you need, or come back with a more direct question. http://en.wikipedia.org/wiki/Public-key_cryptography http://www.linuxforums.org/forum/linux-security/53254-how-does-ssh- exactly-work.html You might also Google for the keywords trusting trust and Ken Thompson HTH, Kevin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tarring over ssh question - pulling from the source to tarfiles
On Wed, 2 Nov 2005 05:51 pm, Glenn Dawson wrote: At 11:20 PM 11/1/2005, user wrote: Hello, Sometimes I have a bunch of data that I want to transfer from source to destination over ssh, but I want to tar it up on the way over (that is, I don't have enough space on the source to create a tarball of the data and then just scp the tarball over...) I do that like this: tar cf - /files | ssh [EMAIL PROTECTED] cat /usr/home/user/file_data2.tar or if I want to split it into multiple files: tar cf - /files | ssh [EMAIL PROTECTED] split - -b 1024m /usr/home/user/file_data2.tar This works just fine. - My question is, what if I want to initiate this process from the destination machine ? In the above example, I am on the source machine, and I ssh to the destination, making the tar files as it goes. What if, instead, I am logged into the destination machine, and I want to do the same thing - all from the destination machine ? That is, I know that there is a directory /files on the source that I want, and I have a login to ssh them to me, but I do not want to logon to the source - I want to suck /files to me, but also tar them up on the way. Is that possible ? rsync/rdist are not available. I need to do this over ssh and tar, as in the above examples. rsync would be a much better choice for your needs. You must have more information than revealed in the query to know this. user does say that he requires a tar file. To user From the other end:- % ssh [EMAIL PROTECTED] tar -f /files | cat /usr/home/user/file_data2.tar Redirection following ssh ( '|' and '' ) occur at the local end unless within quotes. Thus: % ssh [EMAIL PROTECTED] tar -f /files | cat /usr/home/user/file_data2.tar or: % ssh [EMAIL PROTECTED] tar -f /files | cat /usr/home/user/file_data2.tar would attempt to create the tar archive on the remote machine. Malcolm -Glenn thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tarring over ssh question - pulling from the source to tarfiles
Malcolm Kay wrote: On Wed, 2 Nov 2005 05:51 pm, Glenn Dawson wrote: At 11:20 PM 11/1/2005, user wrote: Is that possible ? rsync/rdist are not available. I need to do this over ssh and tar, as in the above examples. To user From the other end:- % ssh [EMAIL PROTECTED] tar -f /files | cat /usr/home/user/file_data2.tar Redirection following ssh ( '|' and '' ) occur at the local end unless within quotes. ah, nice . thanks for the tip!:) Thus: % ssh [EMAIL PROTECTED] tar -f /files | cat /usr/home/user/file_data2.tar or: % ssh [EMAIL PROTECTED] tar -f /files | cat /usr/home/user/file_data2.tar would attempt to create the tar archive on the remote machine. FWIW, | dd of=/usr/home/user/file_data2.tar should work as well instead of | cat /usr/home/user/file_data2.tar Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tarring over ssh question - pulling from the source to tarfiles
On Nov 1, 2005, at 11:20 PM, user wrote: I do that like this: tar cf - /files | ssh [EMAIL PROTECTED] cat /usr/home/user/file_data2.tar or if I want to split it into multiple files: tar cf - /files | ssh [EMAIL PROTECTED] split - -b 1024m /usr/home/user/file_data2.tar This works just fine. - Have you tried using scp as opposed to SSH? I'm not sure if the piping of output would work correctly, but it's a thought. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
tarring over ssh question - pulling from the source to tarfiles
Hello, Sometimes I have a bunch of data that I want to transfer from source to destination over ssh, but I want to tar it up on the way over (that is, I don't have enough space on the source to create a tarball of the data and then just scp the tarball over...) I do that like this: tar cf - /files | ssh [EMAIL PROTECTED] cat /usr/home/user/file_data2.tar or if I want to split it into multiple files: tar cf - /files | ssh [EMAIL PROTECTED] split - -b 1024m /usr/home/user/file_data2.tar This works just fine. - My question is, what if I want to initiate this process from the destination machine ? In the above example, I am on the source machine, and I ssh to the destination, making the tar files as it goes. What if, instead, I am logged into the destination machine, and I want to do the same thing - all from the destination machine ? That is, I know that there is a directory /files on the source that I want, and I have a login to ssh them to me, but I do not want to logon to the source - I want to suck /files to me, but also tar them up on the way. Is that possible ? rsync/rdist are not available. I need to do this over ssh and tar, as in the above examples. thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tarring over ssh question - pulling from the source to tarfiles
At 11:20 PM 11/1/2005, user wrote: Hello, Sometimes I have a bunch of data that I want to transfer from source to destination over ssh, but I want to tar it up on the way over (that is, I don't have enough space on the source to create a tarball of the data and then just scp the tarball over...) I do that like this: tar cf - /files | ssh [EMAIL PROTECTED] cat /usr/home/user/file_data2.tar or if I want to split it into multiple files: tar cf - /files | ssh [EMAIL PROTECTED] split - -b 1024m /usr/home/user/file_data2.tar This works just fine. - My question is, what if I want to initiate this process from the destination machine ? In the above example, I am on the source machine, and I ssh to the destination, making the tar files as it goes. What if, instead, I am logged into the destination machine, and I want to do the same thing - all from the destination machine ? That is, I know that there is a directory /files on the source that I want, and I have a login to ssh them to me, but I do not want to logon to the source - I want to suck /files to me, but also tar them up on the way. Is that possible ? rsync/rdist are not available. I need to do this over ssh and tar, as in the above examples. rsync would be a much better choice for your needs. -Glenn thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VNC + SSH question..
Hey guys had a SSH forward question so here goes... I have 2 computers on my lan one of them is a server and the other is my desktop. Desktop 192.168.1.104 Server 192.168.1.103 Now I have port forwarding setup on my crappy linksys router so 22 is pointing to my Server (192.168.1.103) My question is this... I would like to tightVNC to my Desktop (192.168.1.104) forwarding it through SSH. Now from what I understand If my router was pointing to my desktop this would not be a problem at all. All I would have to do is SSH to my IP while forwarding 22 to 5900. However I cant do it this way since 22 is pointing to my server. So I figured I would ssh into my server and issue a command such as ssh 192.168.1.103 -L22:192.168.1.104:5900 however once im in and I run vncview it obivoiusly can be displayed becuase Im not running X on the server. Am I way off here? Is there a way to do this? Will I need to forward 22 on my router to the desktop as well as server? Is there a way to connect to my server thats not running X and some how vnc into my desktop? On the remote machines I'd be useing PuTTY for windows and SSH on Linux box's. Prehaps someone can give me a step by step guide? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VNC + SSH question..
On Aug 31, 2005, at 9:22 AM, Eric Murphy wrote: Hey guys had a SSH forward question so here goes... I have 2 computers on my lan one of them is a server and the other is my desktop. Desktop 192.168.1.104 Server 192.168.1.103 Now I have port forwarding setup on my crappy linksys router so 22 is pointing to my Server (192.168.1.103) My question is this... I would like to tightVNC to my Desktop (192.168.1.104) forwarding it through SSH. Now from what I understand If my router was pointing to my desktop this would not be a problem at all. All I would have to do is SSH to my IP while forwarding 22 to 5900. However I cant do it this way since 22 is pointing to my server. So I figured I would ssh into my server and issue a command such as ssh 192.168.1.103 -L22:192.168.1.104:5900 however once im in and I run vncview it obivoiusly can be displayed becuase Im not running X on the server. Am I way off here? Is there a way to do this? Will I need to forward 22 on my router to the desktop as well as server? Is there a way to connect to my server thats not running X and some how vnc into my desktop? On the remote machines I'd be useing PuTTY for windows and SSH on Linux box's. Prehaps someone can give me a step by step guide? Thanks. To my knowledge TightVNC doesn't support access to X via the :0'th display. That may be your problem and not your port forwarding setup, because it appears-at least to me-that it is correct. So, try a different display or if you want access via display :0 try x11vnc. Note that it may be considered more of a security issue since it would connect directly to your desktop's display. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VNC + SSH question..
Hey guys had a SSH forward question so here goes... I have 2 computers on my lan one of them is a server and the other is my desktop. Desktop 192.168.1.104 Server 192.168.1.103 Now I have port forwarding setup on my crappy linksys router so 22 is pointing to my Server (192.168.1.103) My question is this... Not sure this will help since I'm not sure where exactly you're viewer is, but maybe it will... http://www.pjkh.com/wiki/vnc_through_an_ssh_proxy -philip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VNC + SSH question..
On 8/30/05, Eric Murphy [EMAIL PROTECTED] wrote: Hey guys had a SSH forward question so here goes... I have 2 computers on my lan one of them is a server and the other is my desktop. Desktop 192.168.1.104 Server 192.168.1.103 Now I have port forwarding setup on my crappy linksys router so 22 is pointing to my Server (192.168.1.103) My question is this... I would like to tightVNC to my Desktop (192.168.1.104) forwarding it through SSH. Now from what I understand If my router was pointing to my desktop this would not be a problem at all. All I would have to do is SSH to my IP while forwarding 22 to 5900. However I cant do it this way since 22 is pointing to my server. So I figured I would ssh into my server and issue a command such as ssh 192.168.1.103 -L22:192.168.1.104:5900 however once im in and I run vncview it obivoiusly can be displayed becuase Im not running X on the server. Am I way off here? Is there a way to do this? Will I need to forward 22 on my router to the desktop as well as server? Is there a way to connect to my server thats not running X and some how vnc into my desktop? Why not just forword it to a diffrent port, at the router forward port 23 (any port) to 192.168.1.104:22? On the remote machines I'd be useing PuTTY for windows and SSH on Linux box's. Prehaps someone can give me a step by step guide? http://www.maths.utas.edu.au/People/Hill/vnc/vnc.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VNC + SSH question..
On 8/30/05, Eric Murphy [EMAIL PROTECTED] wrote: Can you give me an example at what that would look like if im useing a linux box...can you giev me the command line santax? I used port to point to 192.168.1.104:22 Umm? I'm talking about simple NAT port forwarding: VNC Putty SSL Tunnel:23 -- Internet -- [Port23 - (NAT/Router/Firewall) - Port22] -- FreeBSD Desktop. Something like this; just change the Ext. port to 23 and Int. to 192.168.1.104:22: http://www.m0n0.ch/wall/screens/firewall_nat.png Why can't you do that? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dump/restore over ssh question
From: Andy Firman [EMAIL PROTECTED] On Fri, May 06, 2005 at 04:28:40PM +0100, Xian wrote: To restore the filesystems: Boot from a rescue disk and create the partitions of on the disk. I've never smashed anything badly enough to need to work out how to do this. At least the partitions were still there. Well this is more complicated than it seems. First of all, using the fixit mode from 4.11-RELEASE-i386-disc2.iso and trying to use disklabel -e does not work. It gives this error: disklabel: /mnt2/stand/vi: No such file or directory It turns out vi is located at /mnt2/usr/bin/vi and one has to set EDITOR=/mnt2/usr/bin/vi for disklabel to work. Is that a bug? This also happens when I boot off disk1, enter fixit mode, and use the live filesystem with disk2. It is very easy to dump filesystems for backup, but it is not easy to restore filesystems. (I am trying to do this all over ssh...not tape) It is probably just better, easier, faster, to backup all your data and config files (rsync -e ssh -avp ...) and in case of disk failure, replace the disk, install fresh OS, then restore data and config files. What do you think? Why not just create a bootable disk *as* your backup. That's what I do. I run it once a week and then also backup every night to a disk based backup server. If my system disk fails, I just need to but off of my backup disk and then restore my nightly backups. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dump/restore over ssh question
On Fri, May 06, 2005 at 04:28:40PM +0100, Xian wrote: To restore the filesystems: Boot from a rescue disk and create the partitions of on the disk. I've never smashed anything badly enough to need to work out how to do this. At least the partitions were still there. Well this is more complicated than it seems. First of all, using the fixit mode from 4.11-RELEASE-i386-disc2.iso and trying to use disklabel -e does not work. It gives this error: disklabel: /mnt2/stand/vi: No such file or directory It turns out vi is located at /mnt2/usr/bin/vi and one has to set EDITOR=/mnt2/usr/bin/vi for disklabel to work. Is that a bug? This also happens when I boot off disk1, enter fixit mode, and use the live filesystem with disk2. It is very easy to dump filesystems for backup, but it is not easy to restore filesystems. (I am trying to do this all over ssh...not tape) It is probably just better, easier, faster, to backup all your data and config files (rsync -e ssh -avp ...) and in case of disk failure, replace the disk, install fresh OS, then restore data and config files. What do you think? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dump/restore over ssh question
I am following this guide: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/backup-basics.html and successfully dumped /, /usr, and /var over ssh to another box and called them root-back.gz, usr-back.gz, and var-back.gz. But I can't figure out the restore part. Let's say I replace the harddrive and need to restore the 3 dumped filesystems. How do I go about this for my 4.11 box? What I have done so far is: 1. Replace the hard drive 2. Minimal install of 4.11 so the drive is partitioned the same as before 3. Copied the 3 dumped/gzipped files over ssh to the system w/new drive 4. Then I booted into fixit mode, and am stuck here... How do I restore the 3 filesystems? Thanks, Andy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dump/restore over ssh question
On Friday 06 May 2005 15:34, Andy Firman wrote: I am following this guide: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/backup-basics.htm l and successfully dumped /, /usr, and /var over ssh to another box and called them root-back.gz, usr-back.gz, and var-back.gz. But I can't figure out the restore part. Let's say I replace the harddrive and need to restore the 3 dumped filesystems. How do I go about this for my 4.11 box? What I have done so far is: 1. Replace the hard drive 2. Minimal install of 4.11 so the drive is partitioned the same as before 3. Copied the 3 dumped/gzipped files over ssh to the system w/new drive 4. Then I booted into fixit mode, and am stuck here... How do I restore the 3 filesystems? Thanks, Andy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] To restore the filesystems: Boot from a rescue disk and create the partitions of on the disk. I've never smashed anything badly enough to need to work out how to do this. At least the partitions were still there. Then newfs the partitions. Assuming you are putting back /tmp as well. You will need some temp space for restore to work. newfs -O2 -U /dev/ad0s1a newfs -O2 -U /dev/ad0s1d newfs -O2 -U /dev/ad0s1e newfs -O2 -U /dev/ad0s1f Then mount the filesystems. cd /mnt mkdir root var usr tmp mount /dev/ad0s1a root . . . mount /dev/ad0s1f usr Set the temp dir so restore can use all the temp space it wants setenv TMPDIR /mnt/tmp Then for each file system to be restored, cd into the right place, fetch the backup and restore it. cd /mnt/usr ssh BoxWithBackupsOn cat /path/to/backup | zcat | restore -rf - It would be a wise idea to test this on another box if you can because it is much nicer to attempt a restore knowing it has been done before. -- /Xian When the going gets tough, the tough take a coffee break unknown author ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ssh question
After modifying the sshd.conf to allow my new IP access via ssh I can't connect. I have stopped and restarted the service and the server and double check the conf file. I have checked hosts.allow and found nothing wrong. Is there some other file I need to change as well? If not, how would I go about reinstalling/reconfiguring ssh? Thanks in advance ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh question
After modifying the sshd.conf to allow my new IP access via ssh I can't connect. I have stopped and restarted the service and the server and double 'Allow your new ip address' ? What you can specify on /etc/ssh/sshd_config is the ip the server binds to, not the ip addresses of the clients connecting. (your words suggest you did this) - reconfigure your sshd_config to the old value (your ip address, or 0.0.0.0) and re-start sshd. To limit access to the sshd, use a firewall, like ipfw , pf , or ipfilter. check the conf file. I have checked hosts.allow and found nothing wrong. Is there some other file I need to change as well? If not, how would I go about reinstalling/reconfiguring ssh? Thanks in advance ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- www.6s-gaming.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh question
On Wed, 25 Aug 2004 13:42:52 -0500 Mark Tullos [EMAIL PROTECTED] wrote: After modifying the sshd.conf to allow my new IP access via ssh I can't connect. I have stopped and restarted the service and the server and double check the conf file. I have checked hosts.allow and found nothing wrong. Is there some other file I need to change as well? are you running a firewall? and if so, do you have a port open for ssh? If not, how would I go about reinstalling/reconfiguring ssh? Thanks in advance ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh question
After modifying the sshd.conf to allow my new IP access via ssh I can't connect. I have stopped and restarted the service and the server and double 'Allow your new ip address' ? What you can specify on /etc/ssh/sshd_config is the ip the server binds to, not the ip addresses of the clients connecting. (your words suggest you did this) - reconfigure your sshd_config to the old value (your ip address, or 0.0.0.0) and re-start sshd. To limit access to the sshd, use a firewall, like ipfw , pf , or ipfilter. in addition you can actually limit access to the sshd with the keywords AllowUsers and AllowGroups with the corresponding user/group _names_ (not uid/gid!!!). But there's no option to do this ip-based (this is possible with packetfilters or tcp-wrapper). Do a netstat -na|grep LISTEN|grep 22 to prove on which IP your ssh-Server is listening. -volker ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SSH question
Hello... Sorry if this is too OT, but I recently posted about copying some files from one server to another using scp...I thought I could get that set up easily since I've done it before. Silly me! The primary server is running # ssh -V OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090703f While the server I want to copy FROM is apparently running sshd2: SSH Secure Shell 3.2.3 (non-commercial version) on i686-pc-linux-gnu I have created the pub key on the FreeBSD system with ssh-keygen -t dsa then copied the resulting .pub file to the other server with the name ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Neither one seems to work, and I don't see errors being generated in the logs. The non-BSD system is of turnkey configuration, so I'm kind of limited in how much I can alter it or experiment to get the key working. The authentication for sshd2 says that allowedauthorization type includes publickey. Is there an alteration between openssh and ssh that I have to do to get the non-BSD server to see my BSD server's public key? Offered solutions via google don't seem to be working :-/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH question
On Mon, Jun 07, 2004 at 02:31:43PM -0400, Bart Silverstrim wrote:
While the server I want to copy FROM is apparently running
sshd2: SSH Secure Shell 3.2.3 (non-commercial version) on
i686-pc-linux-gnu
I have created the pub key on the FreeBSD system with
ssh-keygen -t dsa
then copied the resulting .pub file to the other server with the name
~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Neither one seems
to work, and I don't see errors being generated in the logs.
Yes -- the public keys generated by OpenSSH and SSH Corp versions of
ssh(1) are in different formats. You can use ssh-keygen(1) to convert
a public key produced by the SSH Corp product into a format the
OpenSSH can cope with:
% ssh-keygen -i -f ssh-corp-key.pub openssh-key.pub
Or you can got the other way round:
% ssh-keygen -e -f openssh-key.pub ssh-corp-key.pub
('i' is for import, 'e' is for export). You want to do the second,
and then copy the transformed public key into the authorized_keys file
on the target host.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgpXNSXQuoADt.pgp
Description: PGP signature
Re: Quick SSH question
Le 17/05/2004 à 22:22:57-0700, Matt Navarre a écrit When using DSA publuc key authentication with SSH does the [EMAIL PROTECTED] at the end of the public key have any bearing on whether the key wil authenticate or not? It's just for your information. You can put anything (event nothing). Regards -- Albert SHIH Universite de Paris 7 (Denis DIDEROT) U.F.R. de Mathematiques. Heure local/Local time: Tue May 18 13:35:33 CEST 2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Quick SSH question
When using DSA publuc key authentication with SSH does the [EMAIL PROTECTED] at the end of the public key have any bearing on whether the key wil authenticate or not? Anyone know off the top of their head? -- [EMAIL PROTECTED] it was a hard sell, since he's a database person, and as far as I've seen, once those database worms eat into your brain, it's hard to ever get anything practical done again. To a database person, every nail looks like a thumb. Or something like that. - jwz ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Rsync autologin over ssh question
Here is what I need to do: I need to somehow automate an rsync from 1 box to several others. I have set up SSH for RSAAuthentication, the method I'd prefer to use (over RHostsRSA). I am able to slogin to the other boxes w/o supplying the passphrase. But here is where I'm stuck. How do I make a script run w/o the passphrase? The goal is to put this script in the users crontab. I've googled for help on this, which is how I got to the point I'm at, but now I need some further guidance. I am notified by email when the boxes reboot, so logging back into them to add the passphrase back into memory isn't a problem. I'd rather not use Rhosts if I can avoid it, and I also want to avoid running rsync daemon. If anyone has suggestions on a better and/or more secure method to do this, happy to hear it. Ultimately, I'd also like to be able to trigger this sync from a webpage, so if anyone has done that (using sudo I'd imagine), feel free to suggest things there too. Brent ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Rsync autologin over ssh question
On Fri, Apr 09, 2004 at 12:21:33PM -0700, Brent Wiese wrote: Here is what I need to do: I need to somehow automate an rsync from 1 box to several others. I have set up SSH for RSAAuthentication, the method I'd prefer to use (over RHostsRSA). I am able to slogin to the other boxes w/o supplying the passphrase. But here is where I'm stuck. How do I make a script run w/o the passphrase? The goal is to put this script in the users crontab. I've googled for help on this, which is how I got to the point I'm at, but now I need some further guidance. I am notified by email when the boxes reboot, so logging back into them to add the passphrase back into memory isn't a problem. I'd rather not use Rhosts if I can avoid it, and I also want to avoid running rsync daemon. If anyone has suggestions on a better and/or more secure method to do this, happy to hear it. Ultimately, I'd also like to be able to trigger this sync from a webpage, so if anyone has done that (using sudo I'd imagine), feel free to suggest things there too. This is covered in the SSH FAQ -- http://www.snailbook.com/faq/no-passphrase.auto.html Since you have ruled out RhostsRSA, you're left with two options: i) SSH key with plaintext key file (ie. no passphrase). If you choose this method, be sure to read the section in sshd(8) about the options you can use in the ~/.ssh/authorized_keys file, to minimize the possible damage that could occur if that key gets stolen. ii) Public key with SSH agent. Read about ssh-agent(1) and ssh-add(1). For scripting purposes, you can start up a long-running ssh-agent process, saving the output to a file: # ssh-agent -s ssh-agent-env Then manually ssh-add the key and passphrase to that agent: # sh -c '. ssh-agent-env ; ssh-add my-remote-access-key' All your scripts need to do then is source the environment settings you saved: #!/bin/sh . ssh-agent-env [... etc ...] In either of these cases be sure that each machine has the ssh public key of the other in the appropriate known-hosts files and that you verify that you can use ssh with your key on the command line to get into the machine without being challenged for a password. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
ssh question
Hello all, I was just in the process of compiling something through ssh(i.e. I ssh'd to my machine at home and ran make install) but during the compilation, my ssh client crashed. Does that mean that my build was killed as well? Thanks Tyler To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: ssh question
On Thu, Jan 30, 2003 at 12:46:30PM -0500, Tyler Parrott wrote: Hello all, I was just in the process of compiling something through ssh(i.e. I ssh'd to my machine at home and ran make install) but during the compilation, my ssh client crashed. Does that mean that my build was killed as well? I'm afraid so. screen (in the ports) may be of interest to help you avoid this in future. Dan -- Daniel Bye PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc PGP Key fingerprint: 3D73 AF47 D448 C5CA 88B4 0DCF 849C 1C33 3C48 2CDC _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
