Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[King Beowulf]

On 02/24/2017 06:41 PM, Erik Lane wrote:
snip-
>>
>>
> Is there any reason why the public and private keys need to be different on
> the different computers? (Purely out of curiosity about the technical
> implementation.) It seems like you could create them on one computer and
> copy paste to the relevant files to make them both the same. I don't see
> any benefit to doing this, and some possible security risks, depending on
> the situation, but I'm just curious.

Best practice is to have each host have its own key pair. If ssh stays
on your internal network and is not connected to the internet, you can
get by with a common set.  With a unique set you can track logs to see
if anyone tries to get in...

> 
> I have had a couple instances where I actually needed to create the keys as
> root as well. I was using rsync with sudo, (and the files were owned by a
> different user for Owncloud) so I had to have root create the keys, since
> that was what would be running the ssh transfer. Well, there might have
> been other options, I really don't know, but setting it up that way took
> care of it for me. Once I got it working I stopped looking for other ways
> to do it. :)
> 

having root do anything on the "cloud" (esp the way some distros
configure sudo) is absolutely insane.  Nuts.  Bonkers.

As computer users, we all need to be more proactive regarding security.
Just look at the news (No, not about Trump: the REAL news!) to notice
all the network security breaches of late. After all, we don't leave the
house unlocked, do we?  In the 21st Century locking down your computer
is just as important, nay, more so.  Your personal data is very
valuable.  More valuable than that new 4K TV or fancy stereo rig.

Enough ranting for a Friday night!

Have fun
-Ed
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Tom]

I apologize for contributing to further confusion.
I have not realized that you had two different email threads with
different subjects going on the same topic.
I should have staid out of it with so many messages in flight.
Maybe, it would help to re-read the man page for ssh and make some
notes for the next time... That is what I do with confusing and
infrequent issues... Perhaps even automate the setup, so that you can
easily reset the configuration.
Tomas
On Fri, 2017-02-24 at 14:46 -0800, Rich Shepard wrote:
> On Fri, 24 Feb 2017, Tom wrote:
> 
> > a) Yes it will wipe all existing entries from known_hosts file, but
> > they will be all recreated when you login to those hosts again in
> > the
> > future.
> 
> Tom,
> 
>I thought this is the case when I moved the public key files to
> authorized_keys and found instant connection from the laptop to the
> desktop
> with ssh. Whew! I thought I had this all configured when I replaced
> the hard
> drive on the laptop with a 500G SSD and installed Slackware
> -14.2/x86_64 on
> it. Obviously, I did not set up ssh keys at that time.
> 
> Much appreciated,
> 
> Rich
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[Tom]

Hi Denis,

Need to run to remove unused old versions of kernels and other
packages?
Run: sudo apt autoremove --purge

That should fix that for you automagically.

If you want to prevent the problem happening in the future without
remembering the command, you can configure it by following this guide:
http://ubuntuhandbook.org/index.php/2016/05/remove-old-kernels-ubuntu-1
6-04/

I just run the "autoremove" command whenever I remember, one a year
maybe. 

Hope it helps, Tomas
On Fri, 2017-02-24 at 07:57 -0800, Denis Heidtmann wrote:
> The last time this happened Tomas told me what to do, but I did not
> write
> it down and my mind is a sieve.  What is the solution?  There are 9
> archived images.  How do I safely throw out the older ones?
> 
> Thanks,
> -Denis
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Erik Lane]

On Fri, Feb 24, 2017 at 2:53 PM, King Beowulf  wrote:

> On 02/24/2017 02:16 PM, Rich Shepard wrote:
> > On Fri, 24 Feb 2017, King Beowulf wrote:
> >
> >> for ssh or scp (cp over ssh), you only need one pub key for the
> >> connection to work.  NOT the ones in /etc/ssh.  One of the ones in
> ~/.ssh
> >
> > Ed,
> >
> >Here's what I've done; there's still something left for me to do.
> >
> >On laptop:
> >
> >1) ssh-keygen (using same passphrase as on other hosts).
> >2) ssh-add
> >3) tried ssh-copy-id to desktop but was denied.
> >4) copied ~/.ssh/id_ed25519.pub to thumb drive.
> >5) added desktop's ~/.ssh/id_25519.pub to laptop's ~/.ssh/known_hosts.
> >
>  No, not in "known_hosts", forget "known_hosts". That file is NOT used
> to authenticate user login.
>
> >On desktop:
> >
> >1) added laptop's ~/.ssh/id_ed25519.pub to ~/.ssh/known_hosts.
> >
> No. See above.  Doing this can prevent you from accessing the computers
> remotely
>
>
> >> cat laptop_key.pub > ~/.ssh/authorized_keys
> >
> >Now I'm confused about what should be in each host's
> > ~/.ssh/authorized_keys and ~/.ssh/known_hosts.
>
> 1. take the LAPTOP id_ed25519.pub key and put it in DESKTOP
> ~/.ssh/authorized_keys
>
> 2. take the DESKTOP *.pub key and put it in LAPTOP ~/.ssh/authorized_keys
>
> Note that even if you use the same passphrase, the private keys for each
> computer are unique.  also, you need to generate the keys as a USER not
> ROOT!
>
>
Is there any reason why the public and private keys need to be different on
the different computers? (Purely out of curiosity about the technical
implementation.) It seems like you could create them on one computer and
copy paste to the relevant files to make them both the same. I don't see
any benefit to doing this, and some possible security risks, depending on
the situation, but I'm just curious.

I have had a couple instances where I actually needed to create the keys as
root as well. I was using rsync with sudo, (and the files were owned by a
different user for Owncloud) so I had to have root create the keys, since
that was what would be running the ssh transfer. Well, there might have
been other options, I really don't know, but setting it up that way took
care of it for me. Once I got it working I stopped looking for other ways
to do it. :)




> now just from laptop
>
> ssh -i id_ed25519 rshepard@desktop
>
>
> >
> >Do the id_ed25519.pub files from one host belong in the
> authorized_keys
> > files on other hoste? If so, what goes in the known_hosts file in each
> host?
> known_hosts is just used to say you TRUST the remote computer.
> authorized_keys tells the host what remote user is allowed to login.
>
> >
> > Getting there,
> >
> > Rich
> > ___
> > PLUG mailing list
> > PLUG@lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
>
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Looking for Recruiter Recommendations

[Chuck Hast]

Have to give it some thought...

I recall applying for a field service job servicing automatic barriers,
like those
used in secure facilities and embassies. The ones that pop up out of the
ground.
I submitted my resume on line, two minutes go by and I get a call, "can you
come
to our office in Clearwater, (FL) tomorrow?" I told them yes as I lived in
Tampa
at that time and it was just a drive across the bay. Went to the interview
the next
day everyone wanted to talk to me from the owner down. They made me an offer
that matched what I was making at the old place of employment (which had got
rid of all of the USA and EU FSE's because they were hiring them out of SE.
Asia at wicked cheap rates). They told me I was the guy they needed, and
that
they just had to go through the act if interviewing, I got a couple of
calls over
the next 3 days that all was going well and I would be back in there the
next
week to do paper work. Then they went dark. I let a week go by and called.
They
told me that they had found a guy to do the job for $35K/year and had hired
him. Turns out right after they hired him they shipped him off to Iraq to
work on
automated barriers there. FOR $35K/year. Glad I did NOT get it because they
would have had to pay me a LOT more than that to go to Iraq...

That technology had all kinds of electronics and PLC's associated with it,
there
were cameras and image recognition, neat stuff.

On Fri, Feb 24, 2017 at 3:50 PM, Jonas Augusto  wrote:

> Write it all, please. I am curious
>
> On 24 Feb 2017 15:46, "Chuck Hast"  wrote:
>
> > Ha! I lost my job back at the end of Sept. I have been doing all of the
> > usual
> > stuff too. No joy! I think that most of them want entry level people and
> > when
> > they see my resume they know that I will probably not stay around long be
> > cause they are not paying enough, so they do not even worry, or I get the
> > usual "we have looked at your resume you are very good but we have
> decided
> > to go with another party".
> >
> > Another one I am running into is the "We are sorry to inform you that we
> > lost
> > the funding for the position" so we will not be hiring anyone... Why did
> > you offer
> > in the first place?
> >
> > I am a field service guy used to heavy travel, have a passport and global
> > access, I have been shot at, (Nicaragua, Bahamas) Bombed (airport in
> > Managua
> > Nicaragua) and walked away from 3 airplane crashes, and other disasters,
> > but
> > still love field service. Maybe I should try to write a book and
> retire...
> > Naw people
> > who retire die...
> >
> >
> > On Fri, Feb 24, 2017 at 3:31 PM, c  wrote:
> >
> > > I am trying to find work in Portland from out of town. I have some
> > friends
> > > in town, but no-one that has gotten their jobs through an agency or
> > > recruiter.
> > >
> > > Can anyone recommend anyone that they have worked with as being
> > reasonably
> > > decent?
> > >
> > > Thanks,
> > > Purcell
> > >
> > > p.s. Yes I am doing the standard searching for jobs on linkedin and
> > > craigslist too.
> > > ___
> > > PLUG mailing list
> > > PLUG@lists.pdxlinux.org
> > > http://lists.pdxlinux.org/mailman/listinfo/plug
> > >
> >
> >
> >
> > --
> >
> > Chuck Hast  -- KP4DJT --
> > Glass, five thousand years of history and getting better.
> > The only container material that the USDA gives blanket approval on.
> > ___
> > PLUG mailing list
> > PLUG@lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>



-- 

Chuck Hast  -- KP4DJT --
Glass, five thousand years of history and getting better.
The only container material that the USDA gives blanket approval on.
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Looking for Recruiter Recommendations

[Chuck Hast]

I have been looking for some headhunter or agency that specializes in field
service work, but so far no real luck. Most of them shotgun you with a lot
of
useless stuff like killing bugs and rodents... (under field service)

On Fri, Feb 24, 2017 at 3:38 PM, chris (fool) mccraw 
wrote:

> I've had stellar success as a job hunter with Edgelink :
> http://www.edgelink.com.  They are more about "let us figure out what
> you're good at and filter jobs for you" than "throw you at everything
> available and see what sticks".  They'll interview you before suggesting
> anything.  They found me two kickass jobs in a period of a couple of years
> and that's it - never sent another opportunity my way other than the 2 that
> I took.  Batting 1.000 for a recruiting agency feels amazing to me (since
> just about every other recruiter experience I had before them was crappy),
> so I recommend them over and over again.
>
> Even before I look on craigslist and linkedin (and indeed, I'm assuming?) I
> check out this job board: https://jobs.siliconflorist.com/
>
>
>
> On Fri, Feb 24, 2017 at 3:31 PM, c  wrote:
>
> > I am trying to find work in Portland from out of town. I have some
> friends
> > in town, but no-one that has gotten their jobs through an agency or
> > recruiter.
> >
> > Can anyone recommend anyone that they have worked with as being
> reasonably
> > decent?
> >
> > Thanks,
> > Purcell
> >
> > p.s. Yes I am doing the standard searching for jobs on linkedin and
> > craigslist too.
> > ___
> > PLUG mailing list
> > PLUG@lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>



-- 

Chuck Hast  -- KP4DJT --
Glass, five thousand years of history and getting better.
The only container material that the USDA gives blanket approval on.
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Looking for Recruiter Recommendations

[Jonas Augusto]

Write it all, please. I am curious

On 24 Feb 2017 15:46, "Chuck Hast"  wrote:

> Ha! I lost my job back at the end of Sept. I have been doing all of the
> usual
> stuff too. No joy! I think that most of them want entry level people and
> when
> they see my resume they know that I will probably not stay around long be
> cause they are not paying enough, so they do not even worry, or I get the
> usual "we have looked at your resume you are very good but we have decided
> to go with another party".
>
> Another one I am running into is the "We are sorry to inform you that we
> lost
> the funding for the position" so we will not be hiring anyone... Why did
> you offer
> in the first place?
>
> I am a field service guy used to heavy travel, have a passport and global
> access, I have been shot at, (Nicaragua, Bahamas) Bombed (airport in
> Managua
> Nicaragua) and walked away from 3 airplane crashes, and other disasters,
> but
> still love field service. Maybe I should try to write a book and retire...
> Naw people
> who retire die...
>
>
> On Fri, Feb 24, 2017 at 3:31 PM, c  wrote:
>
> > I am trying to find work in Portland from out of town. I have some
> friends
> > in town, but no-one that has gotten their jobs through an agency or
> > recruiter.
> >
> > Can anyone recommend anyone that they have worked with as being
> reasonably
> > decent?
> >
> > Thanks,
> > Purcell
> >
> > p.s. Yes I am doing the standard searching for jobs on linkedin and
> > craigslist too.
> > ___
> > PLUG mailing list
> > PLUG@lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
>
>
>
> --
>
> Chuck Hast  -- KP4DJT --
> Glass, five thousand years of history and getting better.
> The only container material that the USDA gives blanket approval on.
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Looking for Recruiter Recommendations

[Chuck Hast]

Ha! I lost my job back at the end of Sept. I have been doing all of the
usual
stuff too. No joy! I think that most of them want entry level people and
when
they see my resume they know that I will probably not stay around long be
cause they are not paying enough, so they do not even worry, or I get the
usual "we have looked at your resume you are very good but we have decided
to go with another party".

Another one I am running into is the "We are sorry to inform you that we
lost
the funding for the position" so we will not be hiring anyone... Why did
you offer
in the first place?

I am a field service guy used to heavy travel, have a passport and global
access, I have been shot at, (Nicaragua, Bahamas) Bombed (airport in Managua
Nicaragua) and walked away from 3 airplane crashes, and other disasters, but
still love field service. Maybe I should try to write a book and retire...
Naw people
who retire die...


On Fri, Feb 24, 2017 at 3:31 PM, c  wrote:

> I am trying to find work in Portland from out of town. I have some friends
> in town, but no-one that has gotten their jobs through an agency or
> recruiter.
>
> Can anyone recommend anyone that they have worked with as being reasonably
> decent?
>
> Thanks,
> Purcell
>
> p.s. Yes I am doing the standard searching for jobs on linkedin and
> craigslist too.
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>



-- 

Chuck Hast  -- KP4DJT --
Glass, five thousand years of history and getting better.
The only container material that the USDA gives blanket approval on.
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Looking for Recruiter Recommendations

[chris (fool) mccraw]

I've had stellar success as a job hunter with Edgelink :
http://www.edgelink.com.  They are more about "let us figure out what
you're good at and filter jobs for you" than "throw you at everything
available and see what sticks".  They'll interview you before suggesting
anything.  They found me two kickass jobs in a period of a couple of years
and that's it - never sent another opportunity my way other than the 2 that
I took.  Batting 1.000 for a recruiting agency feels amazing to me (since
just about every other recruiter experience I had before them was crappy),
so I recommend them over and over again.

Even before I look on craigslist and linkedin (and indeed, I'm assuming?) I
check out this job board: https://jobs.siliconflorist.com/



On Fri, Feb 24, 2017 at 3:31 PM, c  wrote:

> I am trying to find work in Portland from out of town. I have some friends
> in town, but no-one that has gotten their jobs through an agency or
> recruiter.
>
> Can anyone recommend anyone that they have worked with as being reasonably
> decent?
>
> Thanks,
> Purcell
>
> p.s. Yes I am doing the standard searching for jobs on linkedin and
> craigslist too.
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

[PLUG] Looking for Recruiter Recommendations

[c]

I am trying to find work in Portland from out of town. I have some friends
in town, but no-one that has gotten their jobs through an agency or
recruiter.

Can anyone recommend anyone that they have worked with as being reasonably
decent?

Thanks,
Purcell

p.s. Yes I am doing the standard searching for jobs on linkedin and
craigslist too.
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[King Beowulf]

On 02/24/2017 02:16 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
>> for ssh or scp (cp over ssh), you only need one pub key for the
>> connection to work.  NOT the ones in /etc/ssh.  One of the ones in ~/.ssh
> 
> Ed,
> 
>Here's what I've done; there's still something left for me to do.
> 
>On laptop:
> 
>1) ssh-keygen (using same passphrase as on other hosts).
>2) ssh-add
>3) tried ssh-copy-id to desktop but was denied.
>4) copied ~/.ssh/id_ed25519.pub to thumb drive.
>5) added desktop's ~/.ssh/id_25519.pub to laptop's ~/.ssh/known_hosts.
>
 No, not in "known_hosts", forget "known_hosts". That file is NOT used
to authenticate user login.

>On desktop:
> 
>1) added laptop's ~/.ssh/id_ed25519.pub to ~/.ssh/known_hosts.
> 
No. See above.  Doing this can prevent you from accessing the computers
remotely


>> cat laptop_key.pub > ~/.ssh/authorized_keys
> 
>Now I'm confused about what should be in each host's
> ~/.ssh/authorized_keys and ~/.ssh/known_hosts.

1. take the LAPTOP id_ed25519.pub key and put it in DESKTOP
~/.ssh/authorized_keys

2. take the DESKTOP *.pub key and put it in LAPTOP ~/.ssh/authorized_keys

Note that even if you use the same passphrase, the private keys for each
computer are unique.  also, you need to generate the keys as a USER not
ROOT!

now just from laptop

ssh -i id_ed25519 rshepard@desktop


> 
>Do the id_ed25519.pub files from one host belong in the authorized_keys
> files on other hoste? If so, what goes in the known_hosts file in each host?
known_hosts is just used to say you TRUST the remote computer.
authorized_keys tells the host what remote user is allowed to login.

> 
> Getting there,
> 
> Rich
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
> 

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Rich Shepard]

On Fri, 24 Feb 2017, Tom wrote:

> a) Yes it will wipe all existing entries from known_hosts file, but
> they will be all recreated when you login to those hosts again in the
> future.

Tom,

   I thought this is the case when I moved the public key files to
authorized_keys and found instant connection from the laptop to the desktop
with ssh. Whew! I thought I had this all configured when I replaced the hard
drive on the laptop with a 500G SSD and installed Slackware-14.2/x86_64 on
it. Obviously, I did not set up ssh keys at that time.

Much appreciated,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [RESOLVED]

[Rich Shepard]

On Fri, 24 Feb 2017, Rich Shepard wrote:

>   Now I'm confused about what should be in each host's
> ~/.ssh/authorized_keys and ~/.ssh/known_hosts.

>   Do the id_ed25519.pub files from one host belong in the authorized_keys
> files on other hosts?

   Yes, they do. I suspect that known_hosts is populated when a connection to
a remote host is made.

   Moving the id_ed25519.pub files to authorized_keys did the job.

   My thanks to all of you (especially Ed) for your patient help.

Carpe weekend,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Tom]

You have two choices here Rich:
a) Yes it will wipe all existing entries from known_hosts file, but
they will be all recreated when you login to those hosts again in the
future.
b) delete only the line in known_hosts file corresponding to the host
you have difficulties to login to. When you do this, do nothing else
ssh to your remote machine and answer yes to the question about adding
the host to known_hosts file. After that, things should be as you are
used to.
Hope it helps, Tomas
On Fri, 2017-02-24 at 13:55 -0800, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
> > Just delete ~/.ssh/known_hosts and it will regenerate from what's
> > in
> > /etc/ssh
> 
> Ed,
> 
>This would wipe out the existing portable in known_host.
> 
>I think the problem is more basic. While the laptop has ed25519
> and ecdsa
> private/public keys in /etc/ssh/, it does not have the private and
> public
> id_ed25519 in ~/.ssh/.
> 
>I believe that I need to run ssh-keygen on the laptop (with the
> same
> passphrase as used on the server and other laptop), then run ssh-copy
> -id to
> copy the public key on the server.
> 
>Stand by for results ...
> 
> Thanks,
> 
> Rich
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> for ssh or scp (cp over ssh), you only need one pub key for the
> connection to work.  NOT the ones in /etc/ssh.  One of the ones in ~/.ssh

Ed,

   Here's what I've done; there's still something left for me to do.

   On laptop:

   1) ssh-keygen (using same passphrase as on other hosts).
   2) ssh-add
   3) tried ssh-copy-id to desktop but was denied.
   4) copied ~/.ssh/id_ed25519.pub to thumb drive.
   5) added desktop's ~/.ssh/id_25519.pub to laptop's ~/.ssh/known_hosts.

   On desktop:

   1) added laptop's ~/.ssh/id_ed25519.pub to ~/.ssh/known_hosts.

> cat laptop_key.pub > ~/.ssh/authorized_keys

   Now I'm confused about what should be in each host's
~/.ssh/authorized_keys and ~/.ssh/known_hosts.

   Do the id_ed25519.pub files from one host belong in the authorized_keys
files on other hoste? If so, what goes in the known_hosts file in each host?

Getting there,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[King Beowulf]

On 02/24/2017 01:06 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
>> 3. The public key in autheorized-keys (DESTINATION) does not match the
>> PRIVATE KEY (SOURCE)
> 
> Ed,
> 
>I just found this to be the case and posted that in the updated message.
> Since the private and public keys on each host are in /etc/ssh/ I need to
> re-learn how to copy the SOURCE's public key to DESTINATION so the user
> appended to that string is me, not root.
> 
> Thanks for providing the pointer to the problem,
> 

Remember that the keys in /etc/ssh/  are NOT the ones you use to log in.
 you need user level keys stored in ~/.ssh.

2 computers do not log in to each other: a USER on "computer A" logs
into a user account on "computer B".

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> Just delete ~/.ssh/known_hosts and it will regenerate from what's in
> /etc/ssh

Ed,

   This would wipe out the existing portable in known_host.

   I think the problem is more basic. While the laptop has ed25519 and ecdsa
private/public keys in /etc/ssh/, it does not have the private and public
id_ed25519 in ~/.ssh/.

   I believe that I need to run ssh-keygen on the laptop (with the same
passphrase as used on the server and other laptop), then run ssh-copy-id to
copy the public key on the server.

   Stand by for results ...

Thanks,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[King Beowulf]

On 02/24/2017 01:01 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
>> On DESTINATION computer: delete ~/.ssh/authorized_keys
> 
> Ed,
> 
>That's the problem: there's no public key for this laptop in
> ~/.ssh/authorized keys!
> 
>If I copy the laptop's /etc/ssh/ssh_host_ed25519_key.pub to a thumb drive
> and from there to the desktop's ~/.ssh/authorized_keys it is associated with
> root@. The existing public key in authorized_keys is
> associated with rshepard@.
> 
>How do I transfer the laptop's ed25519_key.pub to the desktop with
> assignment to me as the authorized user?
> 
> Rich
> ___

for ssh or scp (cp over ssh), you only need one pub key for the
connection to work.  NOT the ones in /etc/ssh.  One of the ones in ~/.ssh

take the laptop's *.pub to the desktop, and do the same for the desktop.
 pick whatever algorithm you want - I use the 4069-bit rsa.

cat laptop_key.pub > ~/.ssh/authorized_keys

That should do it as long as you know the passphrase.  You can cache the
passphrase with ssh-add if you have ssh-agent running.

My server has 2 keys in ~/.ssh/authorized_keys: one that allows local
ssh on my network, another for remote ssh from "outside" and since its
"headless" none of its pub keys exist anywhere else.


___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[King Beowulf]

On 02/24/2017 01:15 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, Rich Shepard wrote:
> 
>>   That's the problem: there's no public key for this laptop in
>> ~/.ssh/authorized keys!
> 
>And, there's no public key for this laptop in the desktop's
> ~/.ssh/known_hosts.
> 

Just delete ~/.ssh/known_hosts and it will regenerate from what's in
/etc/ssh

-Ed

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Rich Shepard]

On Fri, 24 Feb 2017, Rich Shepard wrote:

>   That's the problem: there's no public key for this laptop in
> ~/.ssh/authorized keys!

   And, there's no public key for this laptop in the desktop's
~/.ssh/known_hosts.

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, a...@clueserver.org wrote:


> What are the permissions on your local .ssh directory and files?

   700

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> 3. The public key in autheorized-keys (DESTINATION) does not match the
> PRIVATE KEY (SOURCE)

Ed,

   I just found this to be the case and posted that in the updated message.
Since the private and public keys on each host are in /etc/ssh/ I need to
re-learn how to copy the SOURCE's public key to DESTINATION so the user
appended to that string is me, not root.

Thanks for providing the pointer to the problem,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification [UPDATED]

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> On DESTINATION computer: delete ~/.ssh/authorized_keys

Ed,

   That's the problem: there's no public key for this laptop in
~/.ssh/authorized keys!

   If I copy the laptop's /etc/ssh/ssh_host_ed25519_key.pub to a thumb drive
and from there to the desktop's ~/.ssh/authorized_keys it is associated with
root@. The existing public key in authorized_keys is
associated with rshepard@.

   How do I transfer the laptop's ed25519_key.pub to the desktop with
assignment to me as the authorized user?

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[alan]

> On Fri, 24 Feb 2017, Rich Shepard wrote:
>
>> debug1: Connecting to salmo [192.168.55.1] port <>.
>> debug1: Connection established.
>
>The two hosts can communicate.
>
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_rsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_rsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_dsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_ecdsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_ecdsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_ed25519 type -1
>> debug1: key_load_public: No such file or directory
>
>Not finding the public key.
>
>> debug1: Host '[salmo]:21498' is known and matches the ED25519 host key.
>> debug1: Found key in /home/rshepard/.ssh/known_hosts:1
>
>Found the public key.
>
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue: publickey
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/rshepard/.ssh/id_rsa
>> debug1: Trying private key: /home/rshepard/.ssh/id_dsa
>> debug1: Trying private key: /home/rshepard/.ssh/id_ecdsa
>> debug1: Trying private key: /home/rshepard/.ssh/id_ed25519
>> debug1: No more authentication methods to try.
>> Permission denied (publickey).
>
>Not finding the public key.
>
>I'm confused.

What are the permissions on your local .ssh directory and files?

perl -pe 's/^\s+//g' *.py

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[King Beowulf]

On 02/24/2017 12:29 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
> 
>To repeat, I do not remotely login via ssh with a username and password, I
> use the passphrase (which is not the same as a password since it contains
> multiple words and punctuation.)
> 
> Rich

1. ~/.ssh/* permissions problem on one or both computers
2. the passphrase for PRIVATE KEY is wrong (SOURCE)
3. The public key in autheorized-keys (DESTINATION) does not match the
PRIVATE KEY (SOURCE)
4. you upgraded openssh on DESTINATION and over wrote your
/etc/ssh/sshd.config

-Ed






___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, Ken Stephens wrote:

> Permissions on my .ssh directory are:
> [kens@neptune ~]$ ls -ahl .ssh
> total 24K
> drwx--.  2 kens kens 4.0K Nov 22 20:24 .
> drwx--. 80 kens kens 4.0K Feb 24 08:41 ..
> -rw---.  1 kens kens 2.4K Dec 24 15:15 authorized_keys
> -rw---.  1 kens kens 1.7K Sep 23 12:51 id_rsa
> -rw-r--r--.  1 kens kens  394 Sep 23 12:51 id_rsa.pub
> -rw-r--r--.  1 kens kens 1.1K Jan 18 12:44 known_hosts
>
> It might be a permissions problem.

Ken,

   On my desktop I again changed authorized_keys from 644 to 600 and
restarted sshd. The laptop still is denied access.

Thanks,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> (remember: the default Slackware install of sshd does not use keys at all.
> You login via normal username/password. See explanation on the other list
> thread.)

   From the desktop's sshd_config:

# Authentication:
#StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes

AuthorizedKeysFile  .ssh/authorized_keys

PasswordAuthentication no

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification

[King Beowulf]

On 02/24/2017 12:06 PM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
>> In that case, the only entries that you care about are in "known_hosts"
>> unless sshd is stopped. As root:
>> /etc/rc.d/rc.sshd restart
> 
> Ed,
> 
>Did this.
> 
>> $ ssh susan@glaurung
> 
>It generates the new known_hosts file then denies the connection.
> 
>> Since you have an authorized keys file did you try
>> $ ssh -i private-key-file username@host
> 
>ssh on the laptop tells me that id_ed25519.pub on the desktop is not
> accessible so the connection's denied. The perms on
> salmo/.ssh/id_ed25519.pub are 644 so it _should_ be readable by others.
> 

The username, password, public key and/or passphrase is wrong.  To login
in you MUST have a user set up to log into the DESTINATION computer.

On DESTINATION computer: delete ~/.ssh/authorized_keys
On DESTINATION computer:
  1. to use username/password (no keys or passphrase),
 check /etc/ssh/sshd_config lines:

  PermitRootLogin no
  PubkeyAuthentication no

  These are the defaults.  I also have "AllowUsers" as
  a further restriction.

  2. /etc/rc.d/rc.sshd restart

  now pick ANY existing user on the DESTINATION and

  some_user@SOURCE$ ssh a_user@DESTINATION
  a_user@DESTINATION's password:
  ...
  a_user@DESTINATION$ _

  3. Once this works, on SOURCE computer:

 ssh-copy-id -i ~/.ssh/id_rsa.pub a_user@DESTINATION

 (to use the default key). If you created id_rsa (etc)
 with passphrase, you will need that AND a_user's password.
 This will create a new ~/.ssh/authorized_keys on DESTINATION.

  4. you should now be able to login in:
 $ ssh a_user@DESTINATION
 or
 $ ssh -i id_rsa.pub a_user@DESTINATION

 (id_rsa is the default, use -i for if you create different key)

  5. "PubkeyAuthentication yes" to disable user/password and
  use ONLY keys.

Clear as mud?  I hope!

-Ed





___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> (remember: the default Slackware install of sshd does not use keys at all.
> You login via normal username/password. See explanation on the other list
> thread.)

   Having setup ssh/sshd on Slackware in 2003, and having it work with this
laptop up through 14.1 and with 14.2 a month or so ago, I need to understand
why it's now broken.

   To repeat, I do not remotely login via ssh with a username and password, I
use the passphrase (which is not the same as a password since it contains
multiple words and punctuation.)

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Ken Stephens]

King Beowulf wrote:
> On 02/24/2017 10:50 AM, Rich Shepard wrote:
>> On Fri, 24 Feb 2017, Rich Shepard wrote:
>>
>>> debug1: Connecting to salmo [192.168.55.1] port <>.
>>> debug1: Connection established.
>> The two hosts can communicate.
>>
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_rsa type -1
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_rsa-cert type -1
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_dsa type -1
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_ecdsa type -1
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_ecdsa-cert type -1
>>> debug1: key_load_public: No such file or directory
>>> debug1: identity file /home/rshepard/.ssh/id_ed25519 type -1
>>> debug1: key_load_public: No such file or directory
>> Not finding the public key.
>>
>>> debug1: Host '[salmo]:21498' is known and matches the ED25519 host key.
>>> debug1: Found key in /home/rshepard/.ssh/known_hosts:1
>> Found the public key.
>>
> That's the HOST (/etc/ssh) key to allow the 2 computers to connect.  ssh
> only allows connections to TRUSTED hosts which it checks in file
> "known_hosts" This is NOT the key that allows login user authentication.
>
>
>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>> debug1: Authentications that can continue: publickey
>>> debug1: Next authentication method: publickey
>>> debug1: Trying private key: /home/rshepard/.ssh/id_rsa
>>> debug1: Trying private key: /home/rshepard/.ssh/id_dsa
>>> debug1: Trying private key: /home/rshepard/.ssh/id_ecdsa
>>> debug1: Trying private key: /home/rshepard/.ssh/id_ed25519
>>> debug1: No more authentication methods to try.
>>> Permission denied (publickey).
>> Not finding the public key.
> that's the USER login authentication key.  The public key listed in
> DESTINATION authorized_keys does not match the PUBLIC key on the SOURCE
> computer.  Either that, or you have /etc/ssh/sshd_config setup
> incorrectly for pub/private key authentication.
>
> (remember: the default Slackware install of sshd does not use keys at
> all.  You login via normal username/password.  See explanation on the
> other list thread.)
>
> http://docs.slackware.com/howtos:security:sshkeys
> http://docs.slackware.com/howtos:security:ssh
>
> -Ed
>
Rich,

Permissions on my .ssh directory are:
[kens@neptune ~]$ ls -ahl .ssh
total 24K
drwx--.  2 kens kens 4.0K Nov 22 20:24 .
drwx--. 80 kens kens 4.0K Feb 24 08:41 ..
-rw---.  1 kens kens 2.4K Dec 24 15:15 authorized_keys
-rw---.  1 kens kens 1.7K Sep 23 12:51 id_rsa
-rw-r--r--.  1 kens kens  394 Sep 23 12:51 id_rsa.pub
-rw-r--r--.  1 kens kens 1.1K Jan 18 12:44 known_hosts

It might be a permissions problem.

Ken




___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[King Beowulf]

On 02/24/2017 10:50 AM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, Rich Shepard wrote:
> 
>> debug1: Connecting to salmo [192.168.55.1] port <>.
>> debug1: Connection established.
> 
>The two hosts can communicate.
> 
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_rsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_rsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_dsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_ecdsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_ecdsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home/rshepard/.ssh/id_ed25519 type -1
>> debug1: key_load_public: No such file or directory
> 
>Not finding the public key.
> 
>> debug1: Host '[salmo]:21498' is known and matches the ED25519 host key.
>> debug1: Found key in /home/rshepard/.ssh/known_hosts:1
> 
>Found the public key.
> 
That's the HOST (/etc/ssh) key to allow the 2 computers to connect.  ssh
only allows connections to TRUSTED hosts which it checks in file
"known_hosts" This is NOT the key that allows login user authentication.


>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue: publickey
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/rshepard/.ssh/id_rsa
>> debug1: Trying private key: /home/rshepard/.ssh/id_dsa
>> debug1: Trying private key: /home/rshepard/.ssh/id_ecdsa
>> debug1: Trying private key: /home/rshepard/.ssh/id_ed25519
>> debug1: No more authentication methods to try.
>> Permission denied (publickey).
> 
>Not finding the public key.

that's the USER login authentication key.  The public key listed in
DESTINATION authorized_keys does not match the PUBLIC key on the SOURCE
computer.  Either that, or you have /etc/ssh/sshd_config setup
incorrectly for pub/private key authentication.

(remember: the default Slackware install of sshd does not use keys at
all.  You login via normal username/password.  See explanation on the
other list thread.)

http://docs.slackware.com/howtos:security:sshkeys
http://docs.slackware.com/howtos:security:ssh

-Ed

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> In that case, the only entries that you care about are in "known_hosts"
> unless sshd is stopped. As root:
> /etc/rc.d/rc.sshd restart

Ed,

   Did this.

> $ ssh susan@glaurung

   It generates the new known_hosts file then denies the connection.

> Since you have an authorized keys file did you try
> $ ssh -i private-key-file username@host

   ssh on the laptop tells me that id_ed25519.pub on the desktop is not
accessible so the connection's denied. The perms on
salmo/.ssh/id_ed25519.pub are 644 so it _should_ be readable by others.

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification

[King Beowulf]

On 02/24/2017 10:25 AM, Rich Shepard wrote:
> On Fri, 24 Feb 2017, King Beowulf wrote:
> 
>> Are you logging in via username/password or ssh key?
> 
> Ed,
> 
>I log into the laptop using username and password. To ssh from one to the
> other (today's experience is from a laptop to the desktop) I should be asked
> for my passphrase, not denied the connection.
> 

In that case, the only entries that you care about are in "known_hosts"
unless sshd is stopped. As root:

/etc/rc.d/rc.sshd restart

It can happen, esp. when you reinstall a linux OS, that new host keys
are generated (see also /etc/ssh).  In that case simply deleting
known_hosts file and then:
=
$ ssh susan@glaurung
The authenticity of host 'glaurung (192.168.1.27)' can't be established.
ECDSA key fingerprint is SHA256:6/ezoaMfN/zBE5XZoHVl1y7rBZ4vqUDbGaHci8YyQRk.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'glaurung,192.168.1.27' (ECDSA) to the list
of known hosts.
susan@glaurung's password:
Last login: Fri Feb 24 11:43:30 2017 from 192.168.1.3
Linux 4.4.38.

susan@glaurung:~$
===

NOTE: password != passphrase.  using username/password means you have to
an account on the host or know the hosts user/password to use.  in the
above example, if I try:
==
$ ssh glaurung
beowulf@glaurung's password:
Permission denied, please try again.
beowulf@glaurung's password:
===
Failure since user "beowulf" does not exist on "glaurung"


Since you have an authorized keys file did you try

$ ssh -i private-key-file username@host

without the "i" the default is ~/.ssh/id_rsa.pub

-Ed
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[Denis Heidtmann]

On Fri, Feb 24, 2017 at 10:56 AM, Bruce Kilpatrick  wrote:

>
> > On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
> >> The last time this happened Tomas told me what to do, but I did not
> write
> >> it down and my mind is a sieve.  What is the solution?  There are 9
> >> archived images.  How do I safely throw out the older ones?
> >
> If you are running Ubuntu (or something similar) sudo apt-get autoremove
> will uninstall anything the system no longer relies on and update Grub
> for you.
>
> Bruce


I chose this solution ("autoremove" sounded good).  Seems to have done the
trick.  Thanks for all the replies.

-Denis
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[David Barr]

> On Feb 24, 2017, at 10:19 AM, Tony Schlemmer  wrote:
> 
> On Fri, 2017-02-24 at 09:36 -0800, David wrote:
>> On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
>>> 
>>> The last time this happened Tomas told me what to do, but I did not
>>> write
>>> it down and my mind is a sieve.  What is the solution?  There are 9
>>> archived images.  How do I safely throw out the older ones?
>>> 
>>> Thanks,
>>> -Denis
>> Howdy.
>> 
>> You don't provide quite enough information, but I can get you close
>> enough that you should be able to figure it out from there.
>> 
>> If you have a RH based system, you will want to use yum to remove the
>> oldest one or two kernel RPMs. I'd suggest starting with find out
>> your current kernel release, and then listing which kernel images are
>> installed:
>> 
>> $ uname -r # so you know what you can't remove
>> $ rpm -qa | grep kernel-[2-4]
>> $ sudo yum remove ${package name from above}
>> 
>> If you are using a Debian based system, it's similar:
>> 
>> $ uname -r # so you know what you can't remove
>> $ dpkg -l linux-image* | grep ^i
>> $ sudo apt-get remove ${package name from above}
>> 
>> You just want to be sure to leave your current running kernel and the
>> next youngest version (IMO), and the rest can be removed to free up
>> space in /boot.
>> 
>> dafr
> 
> I made the mistake one time of removing the active kernel under Ubuntu
> so I had to create a DVD recovery disk. With Ubuntu I use the Synaptic
> Package manager to uninstall old kernel images since I had a limited
> about of space in my boot partition. I have a new laptop that I bought
> in October so I have not had to delete any Kernels right now.


I've had the exact same problem, in the past. So, I wrote a fix...

https://github.com/dafydd2277/systemAdmin/blob/master/scripting/52_removeOldKernels.sh


Cheers!
dafydd

--

David - Offbeat http://pgp.mit.edu/
dafydd - Online 0xda3f18449337d6b5

51525354555657--

Dr. Viktor Frankenstein entered into a body building competition
only to find he has seriously misunderstood the objective.





signature.asc
Description: Message signed with OpenPGP using GPGMail
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[Bruce Kilpatrick]

On 02/24/2017 08:36 AM, Dick Steffens wrote:
> On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
>> The last time this happened Tomas told me what to do, but I did not write
>> it down and my mind is a sieve.  What is the solution?  There are 9
>> archived images.  How do I safely throw out the older ones?
>
> While I don't have an answer to your question, I do recall that there is
> a way to search for it in the archives. This involves using Google
> Advanced Search to search a "site or domain". I put pdxlinux.org in the
> "site or domain" line, but my search foo probably isn't what you need. I
> tried "linux remove old images from boot" (without quotes), but the
> first page didn't seem like what you are looking for. Maybe your foo
> would work better for you.
>
If you are running Ubuntu (or something similar) sudo apt-get autoremove 
will uninstall anything the system no longer relies on and update Grub 
for you.

Bruce
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, Rich Shepard wrote:

> debug1: Connecting to salmo [192.168.55.1] port <>.
> debug1: Connection established.

   The two hosts can communicate.

> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_rsa type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_rsa-cert type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_dsa type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_ecdsa type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_ecdsa-cert type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/rshepard/.ssh/id_ed25519 type -1
> debug1: key_load_public: No such file or directory

   Not finding the public key.

> debug1: Host '[salmo]:21498' is known and matches the ED25519 host key.
> debug1: Found key in /home/rshepard/.ssh/known_hosts:1

   Found the public key.

> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/rshepard/.ssh/id_rsa
> debug1: Trying private key: /home/rshepard/.ssh/id_dsa
> debug1: Trying private key: /home/rshepard/.ssh/id_ecdsa
> debug1: Trying private key: /home/rshepard/.ssh/id_ed25519
> debug1: No more authentication methods to try.
> Permission denied (publickey).

   Not finding the public key.

   I'm confused.

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, bro...@netgate.net wrote:

> Now you just need the correct public key. Use the -v flag to scp for more
> output.

$ scp -v salmo:projects . 
Executing: program /usr/bin/ssh host salmo, user (unspecified), command scp -v 
-f projects
OpenSSH_7.4p1, OpenSSL 1.0.2k  26 Jan 2017
debug1: Reading configuration data /home/rshepard/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to salmo [127.0.0.1] port <>.
debug1: connect to address 127.0.0.1 port <>: Connection refused
debug1: Connecting to salmo [192.168.55.1] port <>.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x0400
debug1: Authenticating to salmo:21498 as 'rshepard'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1...@openssh.com MAC: 
 compression: none
debug1: kex: client->server cipher: chacha20-poly1...@openssh.com MAC: 
 compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-ed25519 
SHA256:9T1sRfIPmzJvODsTIOexYiBawQAJp6fN9GS1S9zGewg
debug1: Host '[salmo]:21498' is known and matches the ED25519 host key.
debug1: Found key in /home/rshepard/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: 
server-sig-algs=
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/rshepard/.ssh/id_rsa
debug1: Trying private key: /home/rshepard/.ssh/id_dsa
debug1: Trying private key: /home/rshepard/.ssh/id_ecdsa
debug1: Trying private key: /home/rshepard/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
$ scp -v salmo:projects . 
Executing: program /usr/bin/ssh host salmo, user (unspecified), command scp -v 
-f projects
OpenSSH_7.4p1, OpenSSL 1.0.2k  26 Jan 2017
debug1: Reading configuration data /home/rshepard/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to salmo [127.0.0.1] port 21498.
debug1: connect to address 127.0.0.1 port 21498: Connection refused
debug1: Connecting to salmo [192.168.55.1] port 21498.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/rshepard/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x0400
debug1: Authenticating to salmo:21498 as 'rshepard'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: 

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, Roderick Anderson wrote:

> Check permissions on .SSH and the files in it.

Rod,

   On the desktop:
$ ll .ssh
total 20
-rw-r--r-- 1 rshepard users 100 Nov  9 08:43 authorized_keys
-rw-r--r-- 1 rshepard users  11 Feb  7  2015 config
-rw--- 1 rshepard users 464 Oct 30 12:42 id_ed25519
-rw-r--r-- 1 rshepard users  96 Oct 30 12:42 id_ed25519.pub
-rw-r--r-- 1 rshepard users 116 Nov  7 12:54 known_hosts

   On the laptop the only two files in ~/.ssh are config and known_hosts, and
both have the same 544 permissions as on the desktop.

   Shouldn't the laptop also have authorized_keys and the two public keys for
itself?

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> Are you logging in via username/password or ssh key?

Ed,

   I log into the laptop using username and password. To ssh from one to the
other (today's experience is from a laptop to the desktop) I should be asked
for my passphrase, not denied the connection.

> If it exists are you using ~/.ssh/id_rsa_pub or a key from ~/.gnupg? Did
> you set a passphrase for these keys and then forget?

$ ls .ssh/
authorized_keys  config  id_ed25519  id_ed25519.pub  known_hosts

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[Tony Schlemmer]

On Fri, 2017-02-24 at 09:36 -0800, David wrote:
> On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
> > 
> > The last time this happened Tomas told me what to do, but I did not
> > write
> > it down and my mind is a sieve.  What is the solution?  There are 9
> > archived images.  How do I safely throw out the older ones?
> > 
> > Thanks,
> > -Denis
> Howdy.
> 
> You don't provide quite enough information, but I can get you close 
> enough that you should be able to figure it out from there.
> 
> If you have a RH based system, you will want to use yum to remove the
> oldest one or two kernel RPMs. I'd suggest starting with find out
> your current kernel release, and then listing which kernel images are
> installed:
> 
> $ uname -r # so you know what you can't remove
> $ rpm -qa | grep kernel-[2-4]
> $ sudo yum remove ${package name from above}
> 
> If you are using a Debian based system, it's similar:
> 
> $ uname -r # so you know what you can't remove
> $ dpkg -l linux-image* | grep ^i
> $ sudo apt-get remove ${package name from above}
> 
> You just want to be sure to leave your current running kernel and the
> next youngest version (IMO), and the rest can be removed to free up 
> space in /boot.
> 
> dafr
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug

I made the mistake one time of removing the active kernel under Ubuntu
so I had to create a DVD recovery disk. With Ubuntu I use the Synaptic
Package manager to uninstall old kernel images since I had a limited
about of space in my boot partition. I have a new laptop that I bought
in October so I have not had to delete any Kernels right now.

Tony

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[Chuck Hast]

This works for me:
http://ubuntuhandbook.org/index.php/2016/05/remove-old-kernels-ubuntu-16-04/

On Fri, Feb 24, 2017 at 9:36 AM, David  wrote:

> On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
> > The last time this happened Tomas told me what to do, but I did not write
> > it down and my mind is a sieve.  What is the solution?  There are 9
> > archived images.  How do I safely throw out the older ones?
> >
> > Thanks,
> > -Denis
>
> Howdy.
>
> You don't provide quite enough information, but I can get you close
> enough that you should be able to figure it out from there.
>
> If you have a RH based system, you will want to use yum to remove the
> oldest one or two kernel RPMs. I'd suggest starting with find out your
> current kernel release, and then listing which kernel images are installed:
>
> $ uname -r # so you know what you can't remove
> $ rpm -qa | grep kernel-[2-4]
> $ sudo yum remove ${package name from above}
>
> If you are using a Debian based system, it's similar:
>
> $ uname -r # so you know what you can't remove
> $ dpkg -l linux-image* | grep ^i
> $ sudo apt-get remove ${package name from above}
>
> You just want to be sure to leave your current running kernel and the
> next youngest version (IMO), and the rest can be removed to free up
> space in /boot.
>
> dafr
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>



-- 

Chuck Hast  -- KP4DJT --
Glass, five thousand years of history and getting better.
The only container material that the USDA gives blanket approval on.
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[David]

On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
> The last time this happened Tomas told me what to do, but I did not write
> it down and my mind is a sieve.  What is the solution?  There are 9
> archived images.  How do I safely throw out the older ones?
>
> Thanks,
> -Denis

Howdy.

You don't provide quite enough information, but I can get you close 
enough that you should be able to figure it out from there.

If you have a RH based system, you will want to use yum to remove the 
oldest one or two kernel RPMs. I'd suggest starting with find out your 
current kernel release, and then listing which kernel images are installed:

$ uname -r # so you know what you can't remove
$ rpm -qa | grep kernel-[2-4]
$ sudo yum remove ${package name from above}

If you are using a Debian based system, it's similar:

$ uname -r # so you know what you can't remove
$ dpkg -l linux-image* | grep ^i
$ sudo apt-get remove ${package name from above}

You just want to be sure to leave your current running kernel and the 
next youngest version (IMO), and the rest can be removed to free up 
space in /boot.

dafr
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification

[King Beowulf]

On 02/24/2017 07:33 AM, Rich Shepard wrote:
>An attempt to scp directories to a laptop from the workstation failed
> because ssh saw a changed public key in known_hosts. How this happened I've
> no idea, but it needs fixing, perhaps by copying the correct ecdsa public
> key from the workstation to the laptop.
> 
>On stackexchange I read that ecdsa is for key exchange and ed25519 for
> data transfers, so I assume that I need to copy both public keys from the
> workstation to the laptop. Is this correct?
> 
>Reading man ssh-keyscan suggests that running this (specifying the
> workstation host name) will do the job. However, While this adds several
> lines to the laptop's ~/.ssh/known_hosts it does not allow me to scp from
> the workstation.
> 
>Advice on finding the reason ssh became FUBAR and fixing the problem is
> needed.
> 
> Rich

Are you logging in via username/password or ssh key?  If so, then just
clearing both ~./ssh/known_hosts and then using ssh to log into each box
from each box will reset the entries.

If you are using ssh key based authentication you will need to check if
~./ssh/authorized_keys still exists on the box you are going to ssh or
scp into.  If it exists are you using ~/.ssh/id_rsa_pub or a key from
~/.gnupg?  Did you set a passphrase for these keys and then forget?

I am by no means an expert on this, but if you have the standard rsa
keys pairs automatically generated when you installed slackware, via
"ssh-keygen -t rsa" you do not need ecdsa vs ed2559 worries.  ssh and
scp works by default with username/password as long as you keep
~./ssh/known_hosts clean of stale entries.

-Ed


___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[c]

If you use ubuntu, you could use something like ubuntu-tweak or synaptic to
let you select the kernels in a gui and delete them.

If you are not on ubuntu, or prefer command line you can

get the name of your current kernel
uname -r

list all kernels except what you are currently using
dpkg -l | tail -n +6 | grep -E 'linux-image-[0-9]+' | grep -Fv $(uname -r)

remove listed packages
sudo dpkg --purge #NAME GOES HERE#


http://askubuntu.com/questions/2793/how-do-i-remove-old-kernel-versions-to-clean-up-the-boot-menu
https://help.ubuntu.com/community/RemoveOldKernels

Purcell




On Fri, Feb 24, 2017 at 9:57 AM, Denis Heidtmann 
wrote:

> The last time this happened Tomas told me what to do, but I did not write
> it down and my mind is a sieve.  What is the solution?  There are 9
> archived images.  How do I safely throw out the older ones?
>
> Thanks,
> -Denis
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>



-- 
Darkness spoons with you.
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Roderick Anderson]

Check permissions on .SSH and the files in it.

Not at a system I can check to say what they should be. Some one else may 
be able to.

Rod
-- 


On February 24, 2017 08:39:42 Rich Shepard  wrote:

> On Fri, 24 Feb 2017, bro...@netgate.net wrote:
>
>> Just delete the entry from the known_hosts file. Should do the trick.
>
>Deleted ~/.ssh/known_hosts and tried to scp:
>
> $ scp salmo:projects .
> The authenticity of host '[salmo]: ([192.168.55.1]:21498)' can't be 
> established.
> ED25519 key fingerprint is SHA256:9T1sRfIPmzJvODsTIOexYiBawQAJp6fN9GS1S9zGewg.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '[salmo]:,[192.168.55.1]:21498' (ED25519) 
> to the list of known hosts.
> Permission denied (publickey).
>
>This is the result regardless of what I try. Needs a much more experienced
> sysadmin than I to understand.
>
> Thanks,
>
> Rich
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug


___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[brooks]

Now you just need the correct public key. Use the -v flag to scp for more 
output.

On Fri, 24 Feb 2017, Rich Shepard wrote:

> On Fri, 24 Feb 2017, bro...@netgate.net wrote:
>
>> Just delete the entry from the known_hosts file. Should do the trick.
>
>   Deleted ~/.ssh/known_hosts and tried to scp:
>
> $ scp salmo:projects .
> The authenticity of host '[salmo]: ([192.168.55.1]:21498)' can't be 
> established.
> ED25519 key fingerprint is SHA256:9T1sRfIPmzJvODsTIOexYiBawQAJp6fN9GS1S9zGewg.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '[salmo]:,[192.168.55.1]:21498' (ED25519) to 
> the list of known hosts.
> Permission denied (publickey).
>
>   This is the result regardless of what I try. Needs a much more experienced
> sysadmin than I to understand.
>
> Thanks,
>
> Rich
> ___
> PLUG mailing list
> PLUG@lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] scp issue

[Rich Shepard]

On Fri, 24 Feb 2017, bro...@netgate.net wrote:

> Just delete the entry from the known_hosts file. Should do the trick.

   Deleted ~/.ssh/known_hosts and tried to scp:

$ scp salmo:projects . 
The authenticity of host '[salmo]: ([192.168.55.1]:21498)' can't be 
established.
ED25519 key fingerprint is SHA256:9T1sRfIPmzJvODsTIOexYiBawQAJp6fN9GS1S9zGewg.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[salmo]:,[192.168.55.1]:21498' (ED25519) to 
the list of known hosts.
Permission denied (publickey).

   This is the result regardless of what I try. Needs a much more experienced
sysadmin than I to understand.

Thanks,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] boot filled

[Dick Steffens]

On 02/24/2017 07:57 AM, Denis Heidtmann wrote:
> The last time this happened Tomas told me what to do, but I did not write
> it down and my mind is a sieve.  What is the solution?  There are 9
> archived images.  How do I safely throw out the older ones?

While I don't have an answer to your question, I do recall that there is 
a way to search for it in the archives. This involves using Google 
Advanced Search to search a "site or domain". I put pdxlinux.org in the 
"site or domain" line, but my search foo probably isn't what you need. I 
tried "linux remove old images from boot" (without quotes), but the 
first page didn't seem like what you are looking for. Maybe your foo 
would work better for you.

-- 
Regards,

Dick Steffens

___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

[PLUG] boot filled

[Denis Heidtmann]

The last time this happened Tomas told me what to do, but I did not write
it down and my mind is a sieve.  What is the solution?  There are 9
archived images.  How do I safely throw out the older ones?

Thanks,
-Denis
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Remote host lost ssh key verification

[Rich Shepard]

On Fri, 24 Feb 2017, Rich Shepard wrote:

> Advice on finding the reason ssh became FUBAR and fixing the problem is
> needed.

   The situation is more confusing.

   I copied the two public keys from the workstation to the laptop.
Initially, scp asked if I wanted to trust the connection and I responded,
'yes.' Then scp denied the connection.

   When I look at the contents of the workstation's ~/.ssh/config I see one
line with the port number. When I look at the laptop's ~/.ssh/config I see
what appears to be several public keys and a list of the same port number,
one for each time I run 'less config.' However, when I open config in an
editor I see only the one line with the port number.

   Looks like today will be spent fixing this problem. Do I need to start
from scratch configuring ssh on the laptop?

Sigh,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

[PLUG] Remote host lost ssh key verification

[Rich Shepard]

   An attempt to scp directories to a laptop from the workstation failed
because ssh saw a changed public key in known_hosts. How this happened I've
no idea, but it needs fixing, perhaps by copying the correct ecdsa public
key from the workstation to the laptop.

   On stackexchange I read that ecdsa is for key exchange and ed25519 for
data transfers, so I assume that I need to copy both public keys from the
workstation to the laptop. Is this correct?

   Reading man ssh-keyscan suggests that running this (specifying the
workstation host name) will do the job. However, While this adds several
lines to the laptop's ~/.ssh/known_hosts it does not allow me to scp from
the workstation.

   Advice on finding the reason ssh became FUBAR and fixing the problem is
needed.

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Running a Python application in the background

[Rich Shepard]

On Fri, 24 Feb 2017, King Beowulf wrote:

> Screen stable tag v4.5.0 2016-12-07
> http://git.savannah.gnu.org/cgit/screen.git
>
> Tmux v2.3 Sep 29, 2016
> https://github.com/tmux/tmux/releases
>
> Tmux and Screen have very similar functionality and most differences are a
> matter of subjective taste. See each FAQ. Kind of like the hoopla over
> what the best editor is!

Ed,

   Ooo! Fuel for a new flame war? Haven't seen one of those in years. :-)

Thanks,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Running a Python application in the background

[Rich Shepard]

On Thu, 23 Feb 2017, Thomas Groman wrote:

> If your going to learn a new terminal multiplexer; make it TMUX. TMUX is
> like screen but is a little more featured, less conflicting key sequences,
> multi-user support, and more actively developed.

   Thanks, Tom. I now see I need to look carefully at nohup, screen, and
TMUX.

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Running a Python application in the background

[Rich Shepard]

On Thu, 23 Feb 2017, Tom wrote:

> I'd second the use of screen as that will allow you to reconnect with the
> shell where you started the command should you need it. Another
> alternative to nohup I often use: at -f commandToRun now The dependency is
> to start atd.service

> The advantages to nohup that is that you will get the command's output by
> email, so that you can check the success/failure and what happened.
> Another good thing is that you can start your command with delay or at
> certain time/date if needed.

Tomas,

   Thanks.

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Running a Python application in the background

[Rich Shepard]

On Thu, 23 Feb 2017, Galen Seitz wrote:

> Traditionally this was done using nohup, but screen is probably a better
> choice.

Galen,

   I saw a reference to nohup but didn't pursue i. I forgot about screen.

Thanks,

Rich
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

Re: [PLUG] Running a Python application in the background

[King Beowulf]

On 02/23/2017 08:16 PM, Thomas Groman wrote:
> If your going to learn a new terminal multiplexer; make it TMUX. TMUX is
> like screen but is a little more featured, less conflicting key
> sequences, multi-user support, and more actively developed.
> 

This must be one of them there "alternative facts"

Screen stable tag v4.5.0 2016-12-07
http://git.savannah.gnu.org/cgit/screen.git

Tmux v2.3 Sep 29, 2016
https://github.com/tmux/tmux/releases

Tmux and Screen have very similar functionality and most differences are
a matter of subjective taste. See each FAQ. Kind of like the hoopla over
what the best editor is!

-Ed
___
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug