ssh


Prevent SSH host key checking and known_hosts entries

Just add these options to your SSH command: -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no  Example: ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@192.168.16.17 You can also add these lines to your /etc/ssh/ssh_config to make it global: UserKnownHostsFile=/dev/null StrictHostKeyChecking=no


Setting up a transparent proxy for VPN via SSH using sshuttle

I found this tool and it's quite useful if you need to run VPN via SSH on Linux or Mac OS. You can download the tool from here via git or as a zip file. git clone https://github.com/apenwarr/sshuttle.git Then go to your sshuttle folder and start your proxy like this: ./sshuttle –dns -vvr <user>@<host> 0/0 <user> and […]


Passing your password to ssh using sshpass

A quick note before starting: passing passwords in plaintext is highly discouraged for security reasons!! If you need to, be sure to secure your script! Installation on Debian: apt-get install sshpass Login to a ssh server example.net with user tester and password 12345: sshpass -p '12345' ssh tester@example.net This also works with rync (but consider SSH […]


Creating a GIT repository and clone it via SSH

On your git server (in this example named test01), just create a folder /git which will contain the git repositories in this example and follow these steps: root@test01:/git# mkdir myrepo root@test01:/git# cd myrepo/ root@test01:/git/myrepo# git init-db Initialized empty Git repository in /home/git/myrepo/.git/ root@test01:/git/myrepo# cd .. root@test01:/git# git clone –bare myrepo myrepo.git Cloning into bare repository myrepo.git… done. […]


Converting PPK files for use with OpenSSH on Linux

To convert the PPK files, you need the package putty-tools. On a Debian or Ubuntu you can install this package simply with: apt-get install putty-tools   The actual conversion is done using the command puttygen.   Creation of the public key: puttygen key.ppk -o id_rsa.pub -O public-openssh Creation of the private key: puttygen key.ppk -o […]


Creating incremental backups with rsnapshot

Some important information at the beginning about rsnapshot: rsnapshot is not creating a full backup every time, it's creating incremental backups to save space. Therefore rsnapshot is using hard links and creating a folder structure containing daily.0, daily.1, weekly.0, weekly.1, etc. You can install the needed packages on Debian by executing as root: apt-get install rsync rsnapshot On […]


Secure SSH access via hosts.deny

You can use the two files /etc/hosts.allow and /etc/hosts.deny to control the ssh access to your linux box in a very simple way – without restarting services, etc. You just start your line using ALL: (really block all requests) or ALL EXCEPT (block all requests except these). Here we're blocking everything from IP 123.123.123.123 from the network range 124.124.124.0/24 and […]


SFTP Server with chroot on Debian

On Debian Etch, if you want to have a chroot'ed environment, a simple way to implement this is using mySecureShell. First we need to install some dependancies: apt-get install libssl0.9.7 ssh openssh-server   Then we install mySecureShell itself: wget https://www.devops.zone/wp-content/uploads/attachments/mysecureshell_0.95_i386.deb dpkg -i mysecureshell_0.95_i386.deb Now, to activate the new shell for a user, to have to modify the […]