Ssh: Difference between revisions
From DWIKI
m (→chrooted sftp) |
m (→FAQ) |
||
| Line 70: | Line 70: | ||
ssh -L 1234:192.168.100.2:80 remotehost | ssh -L 1234:192.168.100.2:80 remotehost | ||
And then connect to localhost:1234 | And then connect to localhost:1234 | ||
==Unable to negotiate with 192.168.100.4 port 22: no matching cipher found.== | |||
passing old cipher, like -o arcfour?? | |||
==rsync only as root== | ==rsync only as root== | ||
Revision as of 09:40, 6 September 2018
FAQ
remember key passphrase
ssh-agent bash ssh-add ~/.ssh/id_rsa
root access from single host
Match Address 192.168.1.100
PermitRootLogin yes
multihop tunnel
ssh -A -t -l user jump-host \ -L 8080:localhost:8080 \ ssh -A -t -l user webserver.dmz \ -L 8080:localhost:8080
SSH tunnel with putty
ttps://www.skyverge.com/blog/how-to-set-up-an-ssh-tunnel-with-putty/
Failed publickey
- acccess rights?
14: No supported authentication methods available [preauth]
Putty not configured to look at correct private key?
chrooted sftp
Homedir as defined in /etc/passwd /home/someuser
chmod 755 /home/someuser
And then create writable dir for user:
mkdir /home/someuser/downloads chown someuser.someuser /home/someuser/downloads
Subsystem sftp internal-sftp
Per group:
/etc/ssh/sshd_config
Match Group sftponly ChrootDirectory %h ForceCommand internal-sftp AllowTcpForwarding no PermitTunnel no X11Forwarding no
#Remember this one to close Match block! Match all
Per user:
Match User username ChrootDirectory %h ForceCommand internal-sftp AllowTcpForwarding no PermitTunnel no X11Forwarding no #Remember this one to close Match block! Match all
The ChrootDirectory must be owned by root.root with permissons 755. If you want group based access rights, you can do that in subdirectories.
ssh tunnel
ssh -L 1234:192.168.100.2:80 remotehost
And then connect to localhost:1234
Unable to negotiate with 192.168.100.4 port 22: no matching cipher found.
passing old cipher, like -o arcfour??
