Librenix
Headlines | Linux | Apps | Coding | BSD | Admin | News
Information for Linux System Administration 

OpenSSH Cryptography Tutorial

Up
vote
Down

An introduction to OpenSSH on Unix / Linux...
OpenSSH, an OpenBSD project, is an incredibly secure implementation of the SSH protocol, a way of logging into a remote machine. For users of outdated protocols such as RSH, rlogin, and Telnet, it's an updated, secure replacement. For those who have never used anything like it, SSH can become a very valuable tool.

SSH is usually used to access a remote machine's shell, although there are other uses, such as:
read more...
permapage | score:8151 | -Ray, October 16, 2006

Parallel SSH Sessions

Up
vote
Down

Centrally control multiple SSH sessions to multiple remote hosts simultaneously..
If you want to increase your productivity with SSH, you can try a tool that lets you run commands on more than one remote machine at the same time. Parallel ssh, Cluster SSH, and ClusterIt let you specify commands in a single terminal window and send them to a collection of remote machines where they can be executed.

Why you would need a utility like this when, using openSSH, you can create a file containing your commands and use a bash for loop to run it on a list of remote hosts, one at a time? One advantage of a parallel SSH utility is that commands can be run on several hosts at the same time.
read more...
mail this link | permapage | score:8127 | -Ray, November 11, 2008

Compiling OpenSSH on Ubuntu Server

Up
vote
Down

Find out how to compile OpenSSH on the latest version of Ubuntu, Ubuntu 7.04 Feisty Fawn Server, to get safely connected to your remote servers.
Installing the OpenSSH client and server on Ubuntu is as easy as typing "sudo apt-get install openssh" at a terminal prompt. However, this will install Portable OpenSSH version 4.3p2[-8ubuntu1]. Unfortunately for users, this version of Portable OpenSSH does not include the "Match" functionality added to the SSH server in version 4.4p1, that "allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met."
read more...
mail this link | permapage | score:8120 | -estride, May 31, 2007

SSHFS Tutorial: How to use the SSH filesystem

Up
vote
Down

This short and sweet article has the steps you need to set up and use sshfs.
SSHFS is a really nice piece of software, because it just makes your life just a bit easier. It can 'mount' a directory of a remote SSH server and you can use it as a normal directory.
read more...
permapage | score:8118 | -Ray, August 23, 2006 (Updated: March 24, 2007)

Tutorial: Set up chrooted SSH/SFTP

Up
vote
Down

This tutorial describes how to give users chrooted SSH and/or chrooted SFTP access on Debian Squeeze. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to restrict users to SFTP so that they cannot use SSH (this part is independent from the chroot part of this tutorial). read more...
permapage | score:8118 | -falko, September 6, 2011

sshpass: Automate ssh password authentication

Up
vote
Down

SSH’s (secure shell) most common authentication mode is called “interactive keyboard password authentication”, so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard.

Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in. read more...
permapage | score:8107 | -gg234, May 5, 2008

Restrict users to SCP and SFTP with Chrooted rssh on RHEL

Up
vote
Down

FTP is insecure protocol, but file-transfer is required all time. You can use OpenSSH Server to transfer file using SCP and SFTP (secure ftp) without setting up an FTP server. However, this feature also grants ssh shell access to a user.

In this article series we will help you provide secure restricted file-transfer services to your users without resorting to FTP. It also covers chroot jail setup instructions to lock down users to their own home directories (allow users to transfer files but not browse the entire Linux / UNIX file system of the server) as well as per user configurations. read more...
mail this link | permapage | score:8072 | -nixcraft, January 2, 2008

HPN-SSH: Multithreaded SSH

Up
vote
Down

This performance-enhanced SSH/SCP variant also dynamically allocates and sizes the receive buffers for substantial performance inprovement.
This cipher mode introduces multi-threading into the OpenSSH application in order to allow it to make full use of CPU resources available on multi-core systems. As the canonical distribution of OpenSSH is unable to make use of more than one core, high performance transfers can be bottlenecked by the cryptographic overhead.
read more...
permapage | score:8016 | -Ray, February 13, 2008

SSHerminator: Split screen terminal and SSH client

Up
vote
Down

SSHerminator is a terminal emulator based on Terminator, with extra SSH features.The aim of this project is not to provide a standard, general use Terminal emulator, but an emulator that provides as rich an experience as possible while using SSH (that can also be used as a standard terminal).SSHerminator is a semi-fork of Terminator. We sync up with the Terminator code as often as possible, to get the best Terminator features, but include our SSH hacks. read more...
permapage | score:7982 | -gg234, February 20, 2009

Tutorial: Set up RAID1 on a remote Linux system vis SSH

Up
vote
Down

RAID-1 allows to create an exact copy of the original drive. Thus, it results into the increased fault tolerance and easy data recovery option for single server. It is true that the best and easy way to setup a RAID 1 is during installation. But if you forget to setup RAID – 1 during installation or if you have added new hard disk after installation, then this how-to covers setting up a RAID-1 mirroring on a running remote Linux system over ssh session. read more...
permapage | score:7903 | -nixcraft, June 21, 2006

FreeBSD remote install over Linux via SSH

Up
vote
Down

From the not-intended-for-mass-usage dept., the depenguinator will let you turn your Linux box into a FreeBSD box remotely. Imagine the possibilities for insecure Linux systems turning into FreeBSD systems overnight, much to the surprise of the (original) owners...
Many computer systems around the world have been possessed by penguins; some have even been possessed by dead rats. In light of this, it is desireable to exorcize these evil spirits, and replace them with a nice, friendly daemon.

I've put together some code for building a FreeBSD disk image which will boot into memory, configure the network, set a root password, and enable SSH. This can be used to "depenguinate" a Linux box, without requiring any access beyond a network connection.
read more...
mail this link | permapage | score:7863 | -Ray, January 2, 2004

sshguard: Security for OpenSSH

Up
vote
Down

Stop dictionary attacks against OpenSSH with sshguard...
OpenSSH provides a secure alternative to clear-text logins used by first-generation network protocols like Telnet and FTP. But it's not enough simply to use SSH instead of Telnet -- you have to use it wisely. If you use weak passwords with SSH, a brute force dictionary attack will reveal your secrets as easily as if your password were sent in clear text.
read more...
permapage | score:7853 | -Ray, March 9, 2007

X11 and SSH

Up
vote
Down

Using ssh for encrypted file transfer, shell sessions, and random graphical applications...
Now because there is no difference between a remote program and a local program opening their windows on your screen other than the response time of your network connection, they don't look any different. They don't function any differently either, copy and paste work just fine, you just have to keep in mind that any file operations will be performed on the system where the process is running!

So when you launch that remote session of K3B, you are not only working with the files on that remote system, you're also using that remote system's CD/DVD drive.
read more...
mail this link | permapage | score:7835 | -Ray, March 4, 2011

Tutorial: SSH Port forwarding

Up
vote
Down

This guide will get you up and tunneling your sessions over encrypted network connections.
SSH stands for Secure SHell, and it works very similar to the other login programs (it's based on Rsh, actually) with one important difference - it encrypts the entire communication session. When you enter your login and password they are encrypted before being sent. Likewise, everything you type and everything that comes back to you is encrypted as long as you're within that SSH session. The concept is very similar to how the military scrambles their radio communications to keep them from being intercepted by the enemy.
[If you still have problems in forwarding sessions over encrypted tunnels after reading the guide in the [read more] link below, try alternate SSH tunneling tutorial. -Ed] read more...
mail this link | permapage | score:7770 | -BluNereid, March 18, 2001 (Updated: April 1, 2005)

Tutorial: SFTP chroot user jail with OpenSSH 5.x

Up
vote
Down

The OpenSSH 4.9-5.x updates now include built in jailing. It is still a little confusing, so I have written an update to my former 4.x tutorial.

This tutorial shows how to set up a safe chroot for your users. It offers chroot only and will deny all SSH access. It should only take about thirty minutes from start to finish including package download times if you don't already have them.

This method is safer because it doesn't allow the users access to any commands such as a compiler or the perl interpreter.
You will not need to install any extensive libraries or copy hundreds of files for functional use.

The user will be 'jailed' to any directory you choose which will mean that they will see "/home/username/" as just "/" disabling them from seeing your entire server or others users files while still using SECURE FTP. read more...
mail this link | permapage | score:7750 | -GO ILLINI, May 6, 2008

WiFi Hotspot Privacy with SSH Tunnelling

Up
vote
Down

Wish you had some privacy while working from a wireless hotspot?
The problem is that for it to be a good hotspot anyone needs to be able to use it. Now you are really “socializing” with the others around you since they can read your email, instant messaging and see what you are web browsing. To use SSH to protect your traffic you use the concept of port-forwarding. Use an encrypted SSH tunnel to a destination you reasonably trust and direct your activities through it. This encrypts your easy to read traffic over the exposed link of the wireless until it comes out of the SSH server and looks like normal traffic originating from there. Now our friends in the coffee shop cannot read our email, instant messaging or web pages
read more...
mail this link | permapage | score:7739 | -Ray, December 13, 2005

Tutorial: Chrooted SSH / SFTP

Up
vote
Down

Since version 4.8, OpenSSH supports chrooting, so no patches are needed anymore. This tutorial describes how to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to use chrooted SFTP. read more...
permapage | score:7717 | -falko, March 21, 2009

Tutorial: SMTP over an SSH tunnel

Up
vote
Down

Make your email a little bit more private with the Secure Shell.
It is widely known that POP3 is a very insecure protocol, since it is a plain text protocol that transmits passwords and usernames with no protection. Anyone on a private network can quickly sniff packets and determine all the passwords used on the network. Although advances in POP3 authentication have surfaced (APOP, SSL, etc.) many servers still use the old plain text format.

SSH tunneling is the process of establishing a secure, encrypted tunnel between you and the mail host. This tunnel can be used for anything, but by using the Precommand feature of KMail, I will show you how to use a tunnel for POP3 and SMTP.
read more...
mail this link | permapage | score:7696 | -Ray, May 20, 2001 (Updated: June 8, 2003)

Tutorial: No password SSH login

Up
vote
Down

Open SSH is the most widely used SSH server on Linux. Using SSH, one can connect to a remote host and gain a shell access on it in a secure manner as all traffic is encrypted.

A neat feature of open SSH is to authenticate a user using a public/private key pair to log into the remote host. By doing so, you won't be prompted for the remote user's password.

This tutorial will describe how to create a SSH public/private key pair, how to enable key based authentication and finally how to disable password authentication. read more...
mail this link | permapage | score:7690 | -chantra, February 1, 2007

Use SSH via HTTP Proxy with Corkscrew

Up
vote
Down

If you want to ssh your vps server or your home computer from your work place (assuming you are using http proxy). You need to use Corkscrew. Corkscrew is a simple tool to tunnel TCP connections through an HTTP proxy supporting the CONNECT method. It reads stdin and writes to stdout during the connection, just like netcat. read more...
permapage | score:7690 | -gg234, December 29, 2008
More articles...
Abstract Art Online Gallery

Recent headlines

Linux Iptables Examples

Tutorial: Automatically add a disclaimer to emails with alterMIME (Postfix on Debian 6)

Tutorial: Install Debian 7 (testing) with debootstrap from a Grml live Linux

OpenBSD Tutorial: Configure Ralink USB Wireless Adapter

TuxOnIce: Hibernate Linux

Set up Oneiric PVHVM at Xen 4.1.2 Ubuntu 11.10 Dom0

Build a Mail Server on CentOS 6 with Postfix, Dovecot, PostgreSQL

LinSSID – Graphical wireless scanning for Linux

Tutorial: Running CS-Cart on Nginx on Debian 7/Ubuntu 13.04

Tutorial: Fedora 19 Samba server with tdbsam

Plasma Media Center 1.1 and digiKam 3.3

How to install Orange in Ubuntu 13.04

How to install Ajenti on Ubuntu 13.04 server

Installing Nginx, PHP5, PHP-FPM, MySQL on Debian 7

Tahoe Least-Authority File System for secure, distributed data storage

Hand of Thief trojan and your favorite Linux distribution

Reviewing Kali Linux - the distro for security geeks

Ubuntu is not a community distribution

Linpus Lite 1.9 review

Elementary OS 0.2 Luna review

Active Directory Integration with Centrify DirectControl Express on Ubuntu 11.10 (Oneiric)

OpenShift Online: a non-developer guide

Google Chromecast and the new Nexus 7

Nuvola Player: Enjoy all your Cloud music services from one interface

Giada – Audio tool for DJs, live performers and electronic musicians

PC-BSD 9.1 preview

Apache2, mod_rewrite tutorial: Redirect requests by device

Pre-release Ubuntu 12.10 has partial support for manual LVM and disk encryption

Stella: RH/CentOS 6.3 based Desktop OS

Add Video Streaming to C/C++ apps with Nex Gen Media Server API

Lynis: Security and system auditing tool

Tutorial: Ubuntu Jeos 12.04 LTS Spam Filter Gateway Server

The Coming HTML 5 Revolution in Linux

LEMP Tutorial: Install Nginx, PHP5, MySQL on Ubuntu 12.04 LTS

StartOS 6 GNOME 3 and KDE preview

Fedora 16 KDE review

Linux Mint Debian 201204 MATE/Cinnamon review

Tutorial: Replace Windows with Ubuntu 13.04

Debian 6, Squid, Kerberos/LDAP authentication, Active Directory integration, Cyfin Reporter

Upgrade Fedora 18 to 19 using fedora-upgrade or FedUp

 

Firefox sidebar

Site map

Site info

News feed

Features

Login
(to post)

Search

 
Articles are owned by their authors.   © 2000-2012 Ray Yeargin