openssh-5.1p1 client and server package
openssh-5.1p1 client and server package
Hello,
enclosed are two openssh packages. The client (including ssh-agent _AND_ ssh-add) and the server packages.
The server depends on the installed client.
openssh-server will create RSA1, (for protocol1) RSA and DSA host-keys if needed and starts the sshd directly via the control-script /etc/rc.d/rc.sshd. There is also a symbolic link from /etc/init.d to start sshd after bootup.
compiled on nop-400 with devx_400.sfs. Should work on dingo.
Deinstallation will leave /etc/ssh/ssh_host.* keyfiles, cause the hostkey never changes.
Feedback would be appreciated. Works for me.
regards Sven
enclosed are two openssh packages. The client (including ssh-agent _AND_ ssh-add) and the server packages.
The server depends on the installed client.
openssh-server will create RSA1, (for protocol1) RSA and DSA host-keys if needed and starts the sshd directly via the control-script /etc/rc.d/rc.sshd. There is also a symbolic link from /etc/init.d to start sshd after bootup.
compiled on nop-400 with devx_400.sfs. Should work on dingo.
Deinstallation will leave /etc/ssh/ssh_host.* keyfiles, cause the hostkey never changes.
Feedback would be appreciated. Works for me.
regards Sven
Works on 4.2 as well :-)
I clicked on the download link for the client and installed using petget. Then I clicked on the download link for the server and intalled using petget. Finally, I opened a console window and ran:
/etc/rc.d/rc.sshd start
That's all it took to install and run a SSH deamon on my Puppy 4.2
Now I access my Puppy remotely from my Debian laptop, simply by opening a console window in Debian and typing
ssh puppypc
Thanks for your good work, Sven !
/etc/rc.d/rc.sshd start
That's all it took to install and run a SSH deamon on my Puppy 4.2
Now I access my Puppy remotely from my Debian laptop, simply by opening a console window in Debian and typing
ssh puppypc
Thanks for your good work, Sven !
using ssh via script without password?
Anyone know how to :
using ssh via script without password?
I want to restart my thin client remotely using ssh
Tx
using ssh via script without password?
I want to restart my thin client remotely using ssh
Tx
-
- Posts: 452
- Joined: Thu 20 Mar 2008, 01:48
X11 forwarding doesn't work
Thanks Sven, I've just installed the sshd server and it works dandy in Precise 5.7.1, with one exception. X11 forwarding (using graphical applications over SSH) doesn't work out of the box even though all relevant options are correctly set.
I had installed xauth 1.0.6-1 from the Ubuntu Precise repositories, but sshd still complained about missing xauth. Inspired by this lifesaving post, I looked into sshd:
Apparently sshd expects xauth in /usr/X11R7/bin/. As suggested in the post, I symlinked the existing /usr/bin/xauth to /usr/X11R7/bin/xauth:
Lo and behold, X11 forwarding now works just great.
I had installed xauth 1.0.6-1 from the Ubuntu Precise repositories, but sshd still complained about missing xauth. Inspired by this lifesaving post, I looked into sshd:
Code: Select all
# strings /usr/sbin/sshd|grep xauth
/usr/X11R7/bin/xauth
xauthlocation
maxauthtries
No xauth program; cannot forward with spoofing.
Code: Select all
ln -s /usr/bin/xauth /usr/X11R7/bin/xauth
ssh5.9_p1 from Ubuntu Precise Main works too
In a second attempt and after some tweaking, I seem to have succeeded in getting the sshd server from the Ubuntu repositories up and running.
- Install the ssh_5.9p1 metapackage from the Ubuntu Precise Main repository. openssh-server_5.9p1 which is a part of the above metapackage might be sufficient too.
- Proceed as described here to get rid of the Privilege separation user sshd does not exist error.
- Comment out UsePAM yes in /etc/sshd.config (or else get the PAM configuration right, I didn't bother trying for now).
- If you want the server daemon to run on startup, comment out 3 lines below # The init.d script is only for chroots in /etc/init.d/ssh.
- Enjoy.
SSH key pairs and faster SSH login
Just thought this might be useful:
SSH lets you login to other people computers (remote server) from your own (local client) PC, if you and they are running SSH. You login as one of the users on the remote system, giving the username and remote URL in the ssh command:
SSH will ask you for the password of the user on that system, when you attempt to login.
However, SSH has its own, better way of authenticating your login - called 'SSH key pairs' or 'SSH keys'.
They're better than just giving the user login details of the user on the remote machine. Why? More secure - SSH keys come in two flavours, DSA and RSA - the RSA keys are even more secure.
Why more convenient? Well, when working with git or logging in & out of a server frequently for any reason, you don't want to give a password every time!
After adding your public SSH key to a server, you can run a simple command on your local PC, so that you no longer need to provide your login details, until you logout (or close your terminal emulator window!).
Don't worry..
It's not that complicated - don't be fooled by long winded blogs about it (like I was).
Summary steps (details follow after):
1. Create an SSH key ( this makes 2 files, a private 'id_rsa' and a public 'id_rsa.pub' )
2. Add the public key to the file ~/.ssh/authorized_keys on the server.
3. Add your key to SSH-agent (on your local system).
4. Then, login to remote system using SSH, it will ask for your SSH key.
It's so simple to setup SSH keys, and I can boil down the heaps of stuff I had to read into a few simple commands:
Details of how to make it work:
1.: on CLIENT (your local PC), set up the RSA keys, choose a 'passphrase' for your key:
2.: Then, on the CLIENT, add your key to authorized list (stored on the server):
3.: Then login to SERVER from CLIENT, via ssh, give passphrase created in step 1 when asked:
4.: then logout again, and on CLIENT, start ssh-agent and add your SSH key to the session:
Then, re-login to server, as in step 3, give your key, logout, re-login, and finally, you should be able to login via SSH without giving the users password, or your passphrase.
Done.
To test further, I then created new user on my server, to try it all again, logging into a different *nix user on the server.
I added my SSH key to the new users ~/.ssh/authorized_keys file, but it wouldn't work! I had to enter the users passsword, not my SSH passphrase, each time.
I tried other users on the server... same problem..
It was a permission thing...
For any user on my server not allowing login using SSH keys, I could fix it by logging in as that user on the server using ssh, then run these commands:
..as it was my server, i could do the su root thing.
Lastly, logout and, on the CLIENT, do the following to login using your SSH key:
SSH lets you login to other people computers (remote server) from your own (local client) PC, if you and they are running SSH. You login as one of the users on the remote system, giving the username and remote URL in the ssh command:
Code: Select all
ssh user@domain.com
However, SSH has its own, better way of authenticating your login - called 'SSH key pairs' or 'SSH keys'.
They're better than just giving the user login details of the user on the remote machine. Why? More secure - SSH keys come in two flavours, DSA and RSA - the RSA keys are even more secure.
Why more convenient? Well, when working with git or logging in & out of a server frequently for any reason, you don't want to give a password every time!
After adding your public SSH key to a server, you can run a simple command on your local PC, so that you no longer need to provide your login details, until you logout (or close your terminal emulator window!).
Don't worry..
It's not that complicated - don't be fooled by long winded blogs about it (like I was).
Summary steps (details follow after):
1. Create an SSH key ( this makes 2 files, a private 'id_rsa' and a public 'id_rsa.pub' )
2. Add the public key to the file ~/.ssh/authorized_keys on the server.
3. Add your key to SSH-agent (on your local system).
4. Then, login to remote system using SSH, it will ask for your SSH key.
It's so simple to setup SSH keys, and I can boil down the heaps of stuff I had to read into a few simple commands:
Details of how to make it work:
1.: on CLIENT (your local PC), set up the RSA keys, choose a 'passphrase' for your key:
Code: Select all
ssh-keygen -t rsa
Code: Select all
cat ~/.ssh/id_rsa.pub | ssh -p <port> <username>@<host_ip> 'cat - >> ~/.ssh/authorized_keys'
Code: Select all
ssh -p <port> user@host_ip
Code: Select all
eval `ssh-agent -s`; ssh-add ~/.ssh/id_rsa
Code: Select all
ssh -p <port> user@host_ip
To test further, I then created new user on my server, to try it all again, logging into a different *nix user on the server.
I added my SSH key to the new users ~/.ssh/authorized_keys file, but it wouldn't work! I had to enter the users passsword, not my SSH passphrase, each time.
I tried other users on the server... same problem..
It was a permission thing...
For any user on my server not allowing login using SSH keys, I could fix it by logging in as that user on the server using ssh, then run these commands:
Code: Select all
chmod 700 ~/.ssh
chmod 600 ~/.ssh/*
su root
chown -R user:user .ssh
..as it was my server, i could do the su root thing.
Lastly, logout and, on the CLIENT, do the following to login using your SSH key:
Code: Select all
eval `ssh-agent -s`
ssh-add ~/.ssh/id_rsa
ssh -p <port> example.com
Last edited by sc0ttman on Tue 17 Sep 2013, 21:12, edited 5 times in total.
[b][url=https://bit.ly/2KjtxoD]Pkg[/url], [url=https://bit.ly/2U6dzxV]mdsh[/url], [url=https://bit.ly/2G49OE8]Woofy[/url], [url=http://goo.gl/bzBU1]Akita[/url], [url=http://goo.gl/SO5ug]VLC-GTK[/url], [url=https://tiny.cc/c2hnfz]Search[/url][/b]
Shorter SSH commands
Also useful, maybe:
Here is a good post about shortening commands typed into SSH and Git, using the SSH config file: https://coderwall.com/p/vznqwq
You might want to, and sometimes might need to, create shorter or different URLs than the ones you want to SSH into.
For example, maybe the server you want to login to, is something like this:
longuser@this.domain-is-too-long.com:1234
So the ssh command is (at least):
You don't want to type that all the time, or maybe Git is telling you the URL is malformed, cos of the custom SSH port..
So, in your ~/.ssh/config file, you can put:
Then, to login through ssh, you need only type:
Another example, from the post above, with Github.com:
SSH URL:
So, I add an ~/.ssh/config entry like this:
Now the Git command is much shorter than before:
Here is a good post about shortening commands typed into SSH and Git, using the SSH config file: https://coderwall.com/p/vznqwq
You might want to, and sometimes might need to, create shorter or different URLs than the ones you want to SSH into.
For example, maybe the server you want to login to, is something like this:
longuser@this.domain-is-too-long.com:1234
So the ssh command is (at least):
Code: Select all
ssh -p 1234 longuser@this.domain-is-too-long.com
So, in your ~/.ssh/config file, you can put:
Code: Select all
Host newname
HostName this.domain-is-too-long.com
User longuser
Port 1234
Code: Select all
ssh newname
SSH URL:
Code: Select all
git@github.com:tfnico/guava-examples.git
Code: Select all
Host hub
HostName github.com
User git
Code: Select all
git clone hub:tfnico/guava-examples
Last edited by sc0ttman on Tue 17 Sep 2013, 08:22, edited 1 time in total.
[b][url=https://bit.ly/2KjtxoD]Pkg[/url], [url=https://bit.ly/2U6dzxV]mdsh[/url], [url=https://bit.ly/2G49OE8]Woofy[/url], [url=http://goo.gl/bzBU1]Akita[/url], [url=http://goo.gl/SO5ug]VLC-GTK[/url], [url=https://tiny.cc/c2hnfz]Search[/url][/b]
Also, see here for stuff about X11 forwarding, and x2x, which lets you take control of the servers keyboard/mouse: http://murga-linux.com/puppy/viewtopic.php?t=88675
[b][url=https://bit.ly/2KjtxoD]Pkg[/url], [url=https://bit.ly/2U6dzxV]mdsh[/url], [url=https://bit.ly/2G49OE8]Woofy[/url], [url=http://goo.gl/bzBU1]Akita[/url], [url=http://goo.gl/SO5ug]VLC-GTK[/url], [url=https://tiny.cc/c2hnfz]Search[/url][/b]
Thanks
Great writeup, many thanks sc0ttman! I was going to look into using keys instead of passwords, and you have made it a lot easier for me. One command that hasn't worked for me was the one in Step 2:
I had to replace it with this:
(-p port number is only required if connecting to a different port than the standard 22)
The reason is explained here, the gist being that scp does not read data from stdin.
The shortening stuff and the potential permissions problems are good to know about, too, thanks! I take it from your description that bringing in ssh-agent to avoid entering the pass phrase on every login is probably more trouble than it's worth for occasional use (e.g. for remote control). In scenarios with frequent logins that's obviously different.
Code: Select all
cat ~/.ssh/id_rsa.pub | scp user@host_ip 'cat - >> ~/.ssh/authorized_keys'
Code: Select all
cat ~/.ssh/id_rsa.pub | ssh -p <port number> <username>@<host_ip> 'cat - >> ~/.ssh/authorized_keys'
The reason is explained here, the gist being that scp does not read data from stdin.
The shortening stuff and the potential permissions problems are good to know about, too, thanks! I take it from your description that bringing in ssh-agent to avoid entering the pass phrase on every login is probably more trouble than it's worth for occasional use (e.g. for remote control). In scenarios with frequent logins that's obviously different.
Re: Thanks
You're welcome.. And whoops! Yep, you're right, well spotted.. I will update the post. Thanks.Endre wrote:Great writeup, many thanks sc0ttman! I was going to look into using keys instead of passwords, and you have made it a lot easier for me. One command that hasn't worked for me was the one in Step 2:I had to replace it with this:Code: Select all
cat ~/.ssh/id_rsa.pub | scp user@host_ip 'cat - >> ~/.ssh/authorized_keys'
Code: Select all
cat ~/.ssh/id_rsa.pub | ssh -p <port number> <username>@<host_ip> 'cat - >> ~/.ssh/authorized_keys'
I should note also, once you added your key to the server, it won't ever need to be done again... In order to re-enable the auto login after reboot, you would only need to run step 4 again, then login over ssh..
[b][url=https://bit.ly/2KjtxoD]Pkg[/url], [url=https://bit.ly/2U6dzxV]mdsh[/url], [url=https://bit.ly/2G49OE8]Woofy[/url], [url=http://goo.gl/bzBU1]Akita[/url], [url=http://goo.gl/SO5ug]VLC-GTK[/url], [url=https://tiny.cc/c2hnfz]Search[/url][/b]