Librenix
Headlines | Linux | Apps | Coding | BSD | Admin | News
Information for Linux System Administration 

SSHFS Tutorial: How to use the SSH filesystem

Up
vote
Down

This short and sweet article has the steps you need to set up and use sshfs.
SSHFS is a really nice piece of software, because it just makes your life just a bit easier. It can 'mount' a directory of a remote SSH server and you can use it as a normal directory.
read more...
permapage | score:8077 | -Ray, August 23, 2006 (Updated: March 24, 2007)

Opening SSH and HTTP ports with iptables

Up
vote
Down

How to use the command line to open ports on your iptables firewall under Linux.
I have to look this up from time to time, usually just after installing a new Linux system intended for use as a test server. There are GUI tools for configuring the firewall, but I usually leave the entire windowing system uninstalled.

By default, many Linux distributions will start up sshd and httpd, but you won’t be able to connect to them over the network, since the ports will be blocked by iptables. The examples below are for Red Hat or CentOS (which is basically Red Hat), and may vary slightly betweenl distributions.
read more...
mail this link | permapage | score:8039 | -Ray, January 9, 2006

Tutorial: SMTP over an SSH tunnel

Up
vote
Down

Make your email a little bit more private with the Secure Shell.
It is widely known that POP3 is a very insecure protocol, since it is a plain text protocol that transmits passwords and usernames with no protection. Anyone on a private network can quickly sniff packets and determine all the passwords used on the network. Although advances in POP3 authentication have surfaced (APOP, SSL, etc.) many servers still use the old plain text format.

SSH tunneling is the process of establishing a secure, encrypted tunnel between you and the mail host. This tunnel can be used for anything, but by using the Precommand feature of KMail, I will show you how to use a tunnel for POP3 and SMTP.
read more...
mail this link | permapage | score:8033 | -Ray, May 20, 2001 (Updated: June 8, 2003)

WiFi Hotspot Privacy with SSH Tunnelling

Up
vote
Down

Wish you had some privacy while working from a wireless hotspot?
The problem is that for it to be a good hotspot anyone needs to be able to use it. Now you are really “socializing” with the others around you since they can read your email, instant messaging and see what you are web browsing. To use SSH to protect your traffic you use the concept of port-forwarding. Use an encrypted SSH tunnel to a destination you reasonably trust and direct your activities through it. This encrypts your easy to read traffic over the exposed link of the wireless until it comes out of the SSH server and looks like normal traffic originating from there. Now our friends in the coffee shop cannot read our email, instant messaging or web pages
read more...
mail this link | permapage | score:8029 | -Ray, December 13, 2005

Restrict users to SCP and SFTP with Chrooted rssh on RHEL

Up
vote
Down

FTP is insecure protocol, but file-transfer is required all time. You can use OpenSSH Server to transfer file using SCP and SFTP (secure ftp) without setting up an FTP server. However, this feature also grants ssh shell access to a user.

In this article series we will help you provide secure restricted file-transfer services to your users without resorting to FTP. It also covers chroot jail setup instructions to lock down users to their own home directories (allow users to transfer files but not browse the entire Linux / UNIX file system of the server) as well as per user configurations. read more...
mail this link | permapage | score:8005 | -nixcraft, January 2, 2008

Tutorial: Mount remote directories with SSHFS on Ubuntu 11.10

Up
vote
Down

This tutorial explains how you can mount a directory from a remote server on the local server securely using SSHFS. SSHFS (Secure SHell FileSystem) is a filesystem that serves files/directories securely over SSH, and local users can use them just as if the were local files/directories. On the local computer, the remote share is mounted via FUSE (Filesystem in Userspace). I will use Ubuntu 11.10 for both the local and the remote server. read more...
permapage | score:7994 | -falko, December 6, 2011

FreeBSD remote install over Linux via SSH

Up
vote
Down

From the not-intended-for-mass-usage dept., the depenguinator will let you turn your Linux box into a FreeBSD box remotely. Imagine the possibilities for insecure Linux systems turning into FreeBSD systems overnight, much to the surprise of the (original) owners...
Many computer systems around the world have been possessed by penguins; some have even been possessed by dead rats. In light of this, it is desireable to exorcize these evil spirits, and replace them with a nice, friendly daemon.

I've put together some code for building a FreeBSD disk image which will boot into memory, configure the network, set a root password, and enable SSH. This can be used to "depenguinate" a Linux box, without requiring any access beyond a network connection.
read more...
mail this link | permapage | score:7990 | -Ray, January 2, 2004

Compiling OpenSSH on Ubuntu Server

Up
vote
Down

Find out how to compile OpenSSH on the latest version of Ubuntu, Ubuntu 7.04 Feisty Fawn Server, to get safely connected to your remote servers.
Installing the OpenSSH client and server on Ubuntu is as easy as typing "sudo apt-get install openssh" at a terminal prompt. However, this will install Portable OpenSSH version 4.3p2[-8ubuntu1]. Unfortunately for users, this version of Portable OpenSSH does not include the "Match" functionality added to the SSH server in version 4.4p1, that "allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met."
read more...
mail this link | permapage | score:7979 | -estride, May 31, 2007

sshguard: Security for OpenSSH

Up
vote
Down

Stop dictionary attacks against OpenSSH with sshguard...
OpenSSH provides a secure alternative to clear-text logins used by first-generation network protocols like Telnet and FTP. But it's not enough simply to use SSH instead of Telnet -- you have to use it wisely. If you use weak passwords with SSH, a brute force dictionary attack will reveal your secrets as easily as if your password were sent in clear text.
read more...
permapage | score:7932 | -Ray, March 9, 2007

sshpass: Automate ssh password authentication

Up
vote
Down

SSH’s (secure shell) most common authentication mode is called “interactive keyboard password authentication”, so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard.

Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in. read more...
permapage | score:7922 | -gg234, May 5, 2008

Tutorial: Chroot SSH/SFTP on Debian

Up
vote
Down

This tutorial describes two ways how to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. The users will also be able to use SFTP in their chroot jails. read more...
permapage | score:7911 | -falko, September 9, 2007

SSH as a SOCKS proxy

Up
vote
Down

Yet another sweet ability of OpenSSH...
The -D arg tells OpenSSH to be a SOCKS proxy. So you simply log in to the endpoint via SSH with the -D arg like:

ssh -D 1234 user@host.example.com

And then tell your web browser to use a SOCKS v5 proxy on localhost at the specified port and bingo, you have a secure connection to your endpoint.
read more...
permapage | score:7838 | -Ray, January 23, 2009

Secure your VNC connection with SSH

Up
vote
Down

VNC stands for Virtual Network Computing. It is remote control software which allows you to view and fully interact with one computer desktop using a VNC viewer on another computer desktop anywhere on the LAN or Internet. The two computers don't even have to be the same type, so for example you can use VNC to view a Windows XP desktop at the office on a Linux or Mac computer at home.

Once you are connected, traffic between the viewer and the server is unencrypted, and could be sniffed by someone with access to the intervening network. Is security imported to you, we recommend tunneling the VNC protocol through some more secure channel such as SSH. This workshop describes how to connect from a Windows XP client to a Linux (OpenSuse 10.3) server via VNC and to tunnel this connection using SSH. read more...
mail this link | permapage | score:7767 | -fn-eagle, December 12, 2007

Tutorial: SSH Port forwarding

Up
vote
Down

This guide will get you up and tunneling your sessions over encrypted network connections.
SSH stands for Secure SHell, and it works very similar to the other login programs (it's based on Rsh, actually) with one important difference - it encrypts the entire communication session. When you enter your login and password they are encrypted before being sent. Likewise, everything you type and everything that comes back to you is encrypted as long as you're within that SSH session. The concept is very similar to how the military scrambles their radio communications to keep them from being intercepted by the enemy.
[If you still have problems in forwarding sessions over encrypted tunnels after reading the guide in the [read more] link below, try alternate SSH tunneling tutorial. -Ed] read more...
mail this link | permapage | score:7765 | -BluNereid, March 18, 2001 (Updated: April 1, 2005)

Tutorial: Ultimate OpenSSH / Keychain Howto

Up
vote
Down

The fundamentals, starting with installation.
All right, so maybe this isn't quite the ultimate. But this howto will show you the fundamental ways to use OpenSSH; how to generate public/private key pairs and strong passphrases, and how to use the wonderful Keychain utility to automate your SSH logins. This is exceptionally handy when you log in and out frequently, and don't want to keep entering your passphrase.
read more...
permapage | score:7759 | -Ray, March 4, 2005

Secure SSH with WiKID two factor authentication

Up
vote
Down

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit. For example:

  • There is no way to control which users have public key authorization
  • There is no way to enforce passphrase complexity (or even be sure that one is being used)
  • There is no way to expire a public key
In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution.

read more...
mail this link | permapage | score:7753 | -nowen, April 30, 2007

Tutorial: Disable SSH, use scponly for file transfer (Debian 6)

Up
vote
Down

scponly is an alternate shell that restricts users to SCP and SFTP logins, but disallows SSH logins. It is a wrapper to the OpenSSH suite of applications. With the help of scponly, you can allow your users to use clients such as WinSCP or FileZilla to upload/download files, but you refuse SSH logins (e.g. with PuTTY) so that your users cannot execute files/programs. This tutorial shows how to install and use scponly on Debian Squeeze. read more...
permapage | score:7741 | -falko, August 24, 2011

Restricting SSH commands

Up
vote
Down

Automate rsync backups without opening everything else...
SSH is a powerful tool. When combined with ssh keys, it becomes easy to automate remote procedures like backups. However leaving key access wide open can be a bad idea. It is possible to use restrict ssh keys to specific commands, even comming from specific hosts. There is this nice little perl script called Authprogs that makes this somewhat easier. Ill show you how to use authprogs for an automated rsync over ssh.
read more...
mail this link | permapage | score:7741 | -Ray, February 14, 2008

Tutorial: Mount remote directories with SSHFS (Debian 6)

Up
vote
Down

This tutorial explains how you can mount a directory from a remote server on the local server securely using SSHFS. SSHFS (Secure SHell FileSystem) is a filesystem that serves files/directories securely over SSH, and local users can use them just as if the were local files/directories. On the local computer, the remote share is mounted via FUSE (Filesystem in Userspace). I will use Debian Squeeze for both the local and the remote server. read more...
permapage | score:7715 | -falko, September 22, 2011

SSHFS: Securely Mount Remote Filesystem in RHEL

Up
vote
Down

It is possible to mount your remote filesystem as a local filesystem on your Red hat/CentOS Linux system using sshfs.

FUSE is a Linux kernel module also available for FreeBSD, OpenSolaris and Mac OS X that allows non-privileged users to create their own file systems without the need to write any kernel code. SSHFS command utilizes FUSE to mount a file system using ssh.

This tutorial will describe installing FUSE, and using sshfs to mount your remote filesystem as a local mount point on your Linux system. read more...
mail this link | permapage | score:7700 | -nixcraft, May 10, 2007
More articles...
Abstract Art on Acrylic Panels

Selected articles

Missing the point of the Mac Mini

No, RMS, Linux is not GNU/Linux

The short life and hard times of a Linux virus

The Network Computer: An opportunity for Linux

Linux dominates Windows

Mono-culture and the .NETwork effect

Space Tyrant: A threaded game server project in C

Tutorial: Introduction to Linux files

Closed Source Linux Distribution Launched

Graffiti Server Download Page

Librenix T-Shirts and Coffee Mugs!

Why software sucks

Space Tyrant: A threaded C game project: First Code

Beneficial Computer Viruses

Why Programmers are not Software Engineers

The life cycle of a programmer

Apple to Intel move no threat to Linux

VPS: Xen vs. OpenVZ

Microsoft to push unlicensed users to Linux

The Supreme Court is wrong on Copyright Case

Programming Language Tradeoffs: 3GL vs 4GL

How to install Ubuntu Linux on the decTOP SFF computer

Apple DIY Repair

Shadow.sh: A simple directory shadowing script for Linux

Linux vs. Windows: Why Linux will win

Space Tyrant: A multiplayer network game for Linux

The Real Microsoft Monopoly

MiniLesson: An introduction to Linux in ten commands

Space Tyrant: Multithreading lessons learned on SMP hardware

Scripting: A parallel Linux backup script

Download: Linux 3D Client for Starship Traders

Testing the Digital Ocean $5 Cloud Servers with an MMORPG

Hacker Haiku

 

Firefox sidebar

Site map

Site info

News feed

Features

Login
(to post)

Search

 
Articles are owned by their authors.   © 2000-2012 Ray Yeargin