ssh


Prevent SSH host key checking and known_hosts entries

Just add these options to your SSH command: -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no Example: ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@192.168.16.17 You can also add these lines to your /etc/ssh/ssh_config to make it global: UserKnownHostsFile=/dev/null StrictHostKeyChecking=no


Setting up a transparent proxy for VPN via SSH using sshuttle

I found this tool and it's quite useful if you need to run VPN via SSH on Linux or Mac OS. You can download the tool from here via git or as a zip file. git clone https://github.com/apenwarr/sshuttle.git Then go to your sshuttle folder and start your proxy like this: ./sshuttle –dns -vvr <user>@<host> 0/0 <user> […]


Passing your password to ssh using sshpass

A quick note before starting: passing passwords in plaintext is highly discouraged for security reasons!! If you need to, be sure to secure your script! Installation on Debian: apt-get install sshpass Login to a ssh server example.net with user tester and password 12345: sshpass -p '12345' ssh tester@example.net This also works with rync (but consider SSH […]


Creating a GIT repository and clone it via SSH

On your git server (in this example named test01), just create a folder /git which will contain the git repositories in this example and follow these steps: root@test01:/git# mkdir myrepo root@test01:/git# cd myrepo/ root@test01>:/git/myrepo# git init-db Initialized empty Git repository in /home/git/myrepo/.git/ root@test01>:/git/myrepo# cd .. root@test01>:/git# git clone –bare myrepo myrepo.git Cloning into bare repository myrepo.git… done. […]


Converting PPK files for use with OpenSSH on Linux   Recently updated !

To convert the PPK files, you need this package apt-get install putty-tools The actual conversion is done using the command puttygen. Creation of the public key: puttygen key.ppk -o id_rsa.pub -O public-openssh Creation of the private key: puttygen key.ppk -o id_rsa -O private-openssh Now you copy both files id_rsa and id_rsa.pub in the corresponding user […]


Creating incremental backups with rsnapshot   Recently updated !

Some important information at the beginning about rsnapshot: rsnapshot is not creating a full backup every time, it's creating incremental backups to save space. Therefore rsnapshot is using hard links and creating a folder structure containing daily.0, daily.1, weekly.0, weekly.1, etc.


Secure SSH access via hosts.deny   Recently updated !

You can use the two files /etc/hosts.allow and /etc/hosts.deny to control the ssh access to your linux box in a very simple way – without restarting services, etc. You just start your line with ALL: (really block all requests) or ALL EXCEPT (block all requests except these). Here we're blocking everything from IP 123.123.123.123 from the network […]


Connecting to SSH via public keys   Recently updated !

A secure way to connect to distant servers without using a password all the time is connecting via public keys. On the source system we first need to create the key pairs using: ssh-keygen -t rsa Then we copy this key to the destination server that we would like to connect to (change username to […]