I'm trying to setup password less authentication to remote ssh server. I generated the public key and gave it to the vendor and The key is added in the remote machines authorized_keys file.
When I try to connect to a remote machine through SFTP username@host I am getting the error message
I am very new to Unix. We have a script that will remove files from a directory. The account removing the files has the same permissions as the directory the files are located. We have logged in as the account and deleted the files from that directory but when we run the script with the account... (7 Replies)
When I do a 'cd /appl' and issue 'ls -al' command, I get the following error for .. directory.
./..: Permission denied
But still I get a listing of other directories under /appl.
Also, if I give 'man' for any command under this /appl folder, I get the following error:
... (3 Replies)
Connecting to -> Ubuntu server running apache
Connecting from -> Mac OS X 10.4
As soon as I had created my 'dsa' and 'rsa' keys I sent them to be added to the 'authenticated whatever file' so I could connect.
The first time I tried it...
Asked for pasphrase
Connected to server
no prob
... (2 Replies)
Hello,
when I try to connect to a remote machine through SSH username@host I am getting the error message
Permission denied (publickey,password,keyboard-interactive).
Can any one tell me what is the problem. the key is added in the remote machines authorized_keys file. (5 Replies)
I get the following message when running ssh (with password authentication off) -
Permission denied (publickey,password,keyboard-interactive).
File permissions appear to be fine (700 for .ssh and 600 for files within it) any ideas or clues would be appreciated. (3 Replies)
Hello,
I am using Tiger 10.4.11
I am trying out the GIMP, so I installed the X11 package from "Optional Installs" on the cd.
Whenever I open X11, I get an error:
xterm: could not exec /dev/null: Permission denied
I have chmodded /dev/null to 777, as well as the /tmp directory.
I deleted... (2 Replies)
Hi,
I am changing the login authentication method from password to keyboard interactive for security purposes. I know this option is kind of add-on for ssh client programs; which explains the best info about option is in this link:
User Authentication with Keyboard-Interactive :eek:
One of... (4 Replies)
Hi Admins,
I am not able to login AIX 5.3 server using ssh
recieving below error
# ssh 10,.10.101.10
ksh: ssh: 0403-006 Execute permission denied.
below is sshd_config file
# $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server... (4 Replies)
Hello all,
been writing a little inventory script (hpux 11.23, ksh Version 11/16/88) which takes our hostname from our inventory db and tests them with ssh connection.
I need to be able to differentiate a timeout (host not reachable on main net link could try adm prod back links) and a... (2 Replies)
Hello,
I am trying to stream lines written into file. When first source is down, I expect the code to swap to second line and run it.
Script below works as usual and it prints out each line of the input file (s.txt):
#!/bin/bash
while read -r line;
do
echo "$line"
done <"$1"
exit 0Output... (12 Replies)
Discussion started by: baris35
12 Replies
LEARN ABOUT DEBIAN
conch
CONCH(1) BSD General Commands Manual CONCH(1)NAME
conch -- Conch SSH client
SYNOPSIS
conch [-AaCfINnrsTtVvx] [-c cipher_spec] [-e escape_char] [-i identity_file] [-K connection_spec] [-L port:host:hostport] [-l user]
[-m mac_spec] [-o openssh_option] [-p port] [-R port:host:hostport] [user@] hostname [command]
DESCRIPTION
conch is a SSHv2 client for logging into a remote machine and executing commands. It provides encrypted and secure communications across a
possibly insecure network. Arbitrary TCP/IP ports can also be forwarded over the secure connection.
conch connects and logs into hostname (as user or the current username). The user must prove her/his identity through a public-key or a
password. Alternatively, if a connection is already open to a server, a new shell can be opened over the connection without having to reau-
thenticate.
If command is specified, command is executed instead of a shell. If the -s option is given, command is treated as an SSHv2 subsystem name.
Authentication
Conch supports the public-key, keyboard-interactive, and password authentications.
The public-key method allows the RSA or DSA algorithm to be used. The client uses his/her private key, $HOME/.ssh/id_rsa or
$HOME/.ssh/id_dsa to sign the session identifier, known only by the client and server. The server checks that the matching public key is
valid for the user, and that the signature is correct.
If public-key authentication fails, conch can authenticate by sending an encrypted password over the connection.
Connection sharing
conch has the ability to multiplex multiple shells, commands and TCP/IP ports over the same secure connection. To disable multiplexing for a
connection, use the -I flag.
The -K option determines how the client connects to the remote host. It is a comma-separated list of the methods to use, in order of prefer-
ence. The two connection methods are 'unix' (for connecting over a multiplexed connection) and 'direct' (to connect directly). To disable
connecting over a multiplexed connection, do not include 'unix' in the preference list.
As an example of how connection sharing works, to speed up CVS over SSH:
conch --noshell --fork -l cvs_user cvs_host
set CVS_RSH=conch
Now, when CVS connects to cvs_host as cvs_user, instead of making a new connection to the server, conch will add a new channel to the exist-
ing connection. This saves the cost of repeatedly negotiating the cryptography and authentication.
The options are as follows:
-A Enables authentication agent forwarding.
-a Disables authentication agent forwarding (default).
-C Enable compression.
-c cipher_spec
Selects encryption algorithms to be used for this connection, as a comma-separated list of ciphers in order of preference. The list
that conch supports is (in order of default preference): aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc,
cast128-ctr, cast128-cbc, blowfish-ctr, blowfish, idea-ctr, idea-cbc, 3des-ctr, 3des-cbc.
-e ch | ^ch | none
Sets the escape character for sessions with a PTY (default: '~'). The escape character is only recognized at the beginning of a line
(after a newline). The escape character followed by a dot ('.') closes the connection; followed by ^Z suspends the connection; and
followed by the escape character sends the escape character once. Setting the character to ``none'' disables any escapes.
-f Fork to background after authentication.
-I Do not allow connection sharing over this connection.
-i identity_spec
The file from which the identity (private key) for RSA or DSA authentication is read. The defaults are $HOME/.ssh/id_rsa and
$HOME/.ssh/id_dsa. It is possible to use this option more than once to use more than one private key.
-K connection_spec
Selects methods for connection to the server, as a comma-separated list of methods in order of preference. See Connection sharing
for more information.
-L port:host:hostport
Specifies that the given port on the client host is to be forwarded to the given host and port on the remote side. This allocates a
socket to listen to port on the local side, and when connections are made to that socket, they are forwarded over the secure channel
and a connection is made to host port hostport from the remote machine. Only root can forward privieged ports.
-l user
Log in using this username.
-m mac_spec
Selects MAC (message authentication code) algorithms, as a comma-separated list in order of preference. The list that conch supports
is (in order of preference): hmac-sha1, hmac-md5.
-N Do not execute a shell or command.
-n Redirect input from /dev/null.
-o openssh_option
Ignored OpenSSH options.
-p port
The port to connect to on the server.
-R port:host:hostport
Specifies that the given port on the remote host is to be forwarded to the given host and port on the local side. This allocates a
socket to listen to port on the remote side, and when connections are made to that socket, they are forwarded over the secure channel
and a connection is made to host port hostport from the client host. Only root can forward privieged ports.
-s Reconnect to the server if the connection is lost.
-s Invoke command (mandatory) as a SSHv2 subsystem.
-T Do not allocate a TTY.
-t Allocate a TTY even if command is given.
-V Display version number only.
-v Log to stderr.
-x Disable X11 connection forwarding (default).
AUTHOR
Written by Paul Swartz <z3p@twistedmatrix.com>.
REPORTING BUGS
To report a bug, visit http://twistedmatrix.com/bugs/
COPYRIGHT
Copyright (C) 2002-2008 Twisted Matrix Laboratories.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
SEE ALSO ssh(1)BSD May 22, 2004 BSD