Hello all,
I have a bit of trouble working a passwordless SSH from UNIX to Cygwin running windows 2k3. Here are some details. I AM able to SSH from the Windows box to the UNIX box using the keys. Also, I'm able to SSH from UNIX to Windows w/o the keys. However, when I try to do it with the keys... (9 Replies)
Hi everyone,
I have a quick/newb question:
I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys??
Does the Web Server hold both?
Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Hi everybody,
I need some help writing a script that is able to remote copy a file to one server. I already created these types of scripts, and they work OK as long as the server I want to copy from is accessed through telnet. Here is how I do it:
ftp -n xxx.xxx.xxx.xxx << _EOF_
user user_name... (6 Replies)
Hello,
I am able to ssh to a Linux server from a Linux server called "machine1" using the private/public key method, so I don't need to enter any password when I run my script, but I am not able to ssh from machine1 to a UNIX server; access is denied.
Note that I am using an application id which is... (6 Replies)
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Hi,
Please guide me to create a public/private key using ssh-keygen. Let's say I have been given access to a server named pngpcdb1 with a userid and password ...!!! Also, please explain in detail the concept of these keys and ssh, as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
Hi,
What tool is used to generate public and private keys for SCP?
Do you have an example script that generates these keys, puts them in files and then another example script that references them from SCP?
Thanks, (9 Replies)
Hi All,
I have a requirement where I need to check if an RSA public key corresponds to a private key and hence return success or failure. Currently I am using the command
diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBLICKEY" )
and it's solving my purpose. This is in... (1 Reply)
Hi,
We have a private and a public key, encrypt a file using the public key and want to decrypt it using the private key. Can you please advise whether the commands below are correct, or suggest another remedy if UNIX has one?
encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv
decrypt -a arcfour -k privatekey.asc... (2 Replies)
I have a user account configuration with ssh public/private key that works on multiple CentOS and RHEL servers. One server (Server F) is not working in CentOS 6.8. When I ssh into Server F I get prompted for a password. I have verified the config and it all is good. I put sshd into debug... (8 Replies)
Discussion started by: bash_in_my_head
dropbear
dropbear(8) System Manager's Manual dropbear(8)
NAME
dropbear - lightweight SSH2 server
SYNOPSIS
dropbear [-FEmwsgjki] [-b banner] [-d dsskey] [-r rsakey] [-p [address:]port]
DESCRIPTION
dropbear is a SSH 2 server designed to be small enough to be used in small memory environments, while still being functional and secure
enough for general use.
OPTIONS
-b banner
bannerfile. Display the contents of the file banner before user login (default: none).
-d dsskey
dsskeyfile. Use the contents of the file dsskey for the DSS host key (default: /etc/dropbear/dropbear_dss_host_key). Note that
some SSH implementations use the term "DSA" rather than "DSS", they mean the same thing. This file is generated with
dropbearkey(8).
-r rsakey
rsakeyfile. Use the contents of the file rsakey for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key). This file is
generated with dropbearkey(8).
-F Don't fork into background.
-E Log to standard error rather than syslog.
-m Don't display the message of the day on login.
-w Disallow root logins.
-s Disable password logins.
-g Disable password logins for root.
-j Disable local port forwarding.
-k Disable remote port forwarding.
-p [address:]port
Listen on the specified address and TCP port. If just a port is given, listen on all addresses. Up to 10 can be specified (default 22
if none specified).
-i Service program mode. Use this option to run dropbear under TCP/IP servers like inetd, tcpsvd, or tcpserver. In program mode the
-F option is implied, and -p options are ignored.
-P pidfile
Specify a pidfile to create when running as a daemon. If not specified, the default is /var/run/dropbear.pid
-a Allow remote hosts to connect to forwarded ports.
-W windowsize
Specify the per-channel receive window buffer size. Increasing this may improve network performance at the expense of memory use.
Use -h to see the default buffer size.
-K timeout_seconds
Ensure that traffic is transmitted at a certain interval in seconds. This is useful for working around firewalls or routers that
drop connections after a certain period of inactivity. The trade-off is that a session may be closed if there is a temporary lapse
of network connectivity. A setting of 0 disables keepalives.
-I idle_timeout
Disconnect the session if no traffic is transmitted or received for idle_timeout seconds.
FILES
Authorized Keys
~/.ssh/authorized_keys can be set up to allow remote login with a RSA or DSS key. Each line is of the form
[restrictions] ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIgAsp... [comment]
and can be extracted from a Dropbear private host key with "dropbearkey -y". This is the same format as used by OpenSSH, though the
restrictions are a subset (keys with unknown restrictions are ignored). Restrictions are comma separated, with double quotes around
spaces in arguments. Available restrictions are:
no-port-forwarding
Don't allow port forwarding for this connection
no-agent-forwarding
Don't allow agent forwarding for this connection
no-X11-forwarding
Don't allow X11 forwarding for this connection
no-pty Disable PTY allocation. Note that a user can still obtain most of the same functionality with other means even if no-pty is set.
command="forced_command"
Disregard the command provided by the user and always run forced_command.
The authorized_keys file and its containing ~/.ssh directory must only be writable by the user, otherwise Dropbear will not allow a
login using public key authentication.
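
An added example, not part of the manual page or the Dropbear project: a Python check that splits the restrictions field as described above, reports keys whose restrictions are not in this page's list (and which Dropbear therefore ignores), and tests the write bits on authorized_keys or ~/.ssh. The sample lines, the function names and the skipping of blank and "#" lines are assumptions.

```python
import os
import stat

# Restrictions listed in the man page text above; command="..." is matched by prefix.
KNOWN_FLAGS = {"no-port-forwarding", "no-agent-forwarding", "no-X11-forwarding", "no-pty"}
KEY_TYPES = {"ssh-rsa", "ssh-dss"}  # RSA and DSS public key type strings

# Constructed sample lines; the key blobs are placeholders, not real keys.
SAMPLE = [
    'no-port-forwarding,no-pty,command="/usr/bin/backup --mode full" ssh-rsa AAAA_PLACEHOLDER backup@host',
    'from="10.0.0.5",no-pty ssh-rsa AAAA_PLACEHOLDER admin@host',  # from= is not in the list above
    'ssh-rsa AAAA_PLACEHOLDER plain@host',
]

def split_outside_quotes(text, sep):
    """Split text on sep, ignoring separators inside double quotes."""
    parts, buf, quoted = [], "", False
    for ch in text:
        if ch == '"':
            quoted = not quoted
        if ch == sep and not quoted:
            parts.append(buf)
            buf = ""
        else:
            buf += ch
    return parts + [buf]

def audit_line(line):
    """Return (key_type, restrictions, unknown_restrictions), or None for a skipped line."""
    line = line.strip()
    if not line or line.startswith("#"):  # assumption: blank and comment lines carry no key
        return None
    fields = [f for f in split_outside_quotes(line, " ") if f]
    if fields[0] in KEY_TYPES:  # no restrictions field present
        return fields[0], [], []
    restrictions = split_outside_quotes(fields[0], ",")
    unknown = [r for r in restrictions
               if r not in KNOWN_FLAGS and not r.startswith('command="')]
    return (fields[1] if len(fields) > 1 else None), restrictions, unknown

def ignored_keys(lines):
    """1-based line numbers of keys with unknown restrictions, with the offending items."""
    hits = [(n, audit_line(l)) for n, l in enumerate(lines, 1)]
    return [(n, r[2]) for n, r in hits if r and r[2]]

def writable_by_others(path):
    """True if group or other has write permission on path (mode bits only, not ownership)."""
    return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))
```

Run ignored_keys() over the lines of an authorized_keys file copied from an OpenSSH host to find entries that will silently fail under this restriction list, and writable_by_others() on both the file and its ~/.ssh directory.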
Host Key Files
Host key files are read at startup from a standard location, by default /etc/dropbear/dropbear_dss_host_key and
/etc/dropbear/dropbear_rsa_host_key or specified on the commandline with -d or -r. These are of the form generated by dropbearkey.
Message Of The Day
By default the file /etc/motd will be printed for any login shell (unless disabled at compile-time). This can also be disabled per-
user by creating a file ~/.hushlogin .
ENVIRONMENT VARIABLES
Dropbear sets the standard variables USER, LOGNAME, HOME, SHELL, PATH, and TERM.
The variables below are set for sessions as appropriate.
SSH_TTY
This is set to the allocated TTY if a PTY was used.
SSH_CONNECTION
Contains "<remote_ip> <remote_port> <local_ip> <local_port>".
DISPLAY
Set if X11 forwarding is used.
SSH_ORIGINAL_COMMAND
If a 'command=' authorized_keys option was used, the original command is specified in this variable. If a shell was requested this
is set to an empty value.
SSH_AUTH_SOCK
Set to a forwarded ssh-agent connection.
AUTHOR
Matt Johnston (matt@ucc.asn.au).
Gerrit Pape (pape@smarden.org) wrote this manual page.
SEE ALSO
dropbearkey(8), dbclient(1)
http://matt.ucc.asn.au/dropbear/dropbear.html
dropbear(8)