Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Logging in to 100 server to test my account
Top Forums Shell Programming and Scripting Logging in to 100 server to test my account Post 302988989 by RudiC on Friday 6th of January 2017 04:13:43 AM
Old 01-06-2017
I have the same logging into a host with dynamically changing IP address:
Code:
The authenticity of host '[nn.nnn.nn.nnn]:22 ([nn.nn.nn.nnn]:22)' can't be established.
ECDSA key fingerprint is SHA256:fQRh1WeU0OYV0qK+nRdYKacsE5..............
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[nn.nnn.nn.nnn]:22' (ECDSA) to the list of known hosts.

The second+ logins to the same IP work without interaction, as the host key is known.

This is a scurity feature! Be very sure what you are doing when circumventing it with the StrictHostKeyChecking=no option!
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

logging to remote server

Hi, I want to log-in to a remote server using shell script. The server requires the following while allowing a connection: username password one - letter authorisation. How can i implement this in my script? thanks, abey (6 Replies)
Discussion started by: abey
6 Replies

2. Solaris

How to implement Centralized logging server

Hi, I have Sun One Application server installed on 2 Solaris servers. Currently I am getting their logs in relative server. I am using log4j for logging. Now I want to change this. I want such that I should get both S1AS's log on third server with log4j. How can I do that ? I got one idea... (0 Replies)
Discussion started by: neel.gurjar
0 Replies

3. UNIX for Advanced & Expert Users

execute a script on test server from dev server

I need to execute a script from dev server which is located on Test server.I can use ftp to connect to dev server and from there how can i execute a command on test server. Thanks (5 Replies)
Discussion started by: ukatru
5 Replies

4. UNIX for Advanced & Expert Users

How to update my account password on 100 unix server ?

Hi We have over 100 unix servers. They include linux,solaris,aix,hp and sgi. I use telnet for some and ssh for rest. Note: none of this server has expect which i can use to update.So i am looking for expert who can help me with their script or guide me write KSH script to automate this. Thank... (6 Replies)
Discussion started by: humaurtum
6 Replies

5. Shell Programming and Scripting

logging into another server through script

Hello everybody, I have one small issue... :( When i'm trying to connect another unix box through below script.. #!/usr/bin/bash ssh $1 <<EOF Commands . . exit EOF But getting some syntax error "-sh: syntax error at line 2: `end of file' unexpected". I used to use... (2 Replies)
Discussion started by: raghu.iv85
2 Replies

6. Shell Programming and Scripting

logging into server and excute commands

hi all, I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server. for eg : I tried with below script ,but cant get the desired o/p. please help with this for i in `cat serverlist` do echo $i ssh $i uname -a ; cat... (4 Replies)
Discussion started by: sudharson
4 Replies

7. Shell Programming and Scripting

Logging in unix account taking password from a parameter file

Hi All, I am writing a script where it updates a file in an unix account. To update that file i need to be logged in as that account user. say account name is ab01 and its password is passab01. What i want to do is, my script should read login id and password from a parameter file and... (4 Replies)
Discussion started by: pkbond
4 Replies

8. UNIX for Dummies Questions & Answers

User account logging

Hi - I want to log commands typed by oraapps user with time into some log file on runtime. HISTTIMEFORMAT="%d/%m/%y %T " works but any one with oraapps user can delete the history. OS : RHEl 5.6 Any help is appreciated. (5 Replies)
Discussion started by: oraclermanpt
5 Replies

9. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

10. UNIX and Linux Applications

Logging to server to get etc/passwd file of all 300 server

i am new to scripting ,i need bash script in jump server to pull the /etc/passwd of all servers and the ssh keys are installed (3 Replies)
Discussion started by: profiles
3 Replies

LEARN ABOUT DEBIAN

labrea.conf

LABREA.CONF(5)							File Formats Manual						    LABREA.CONF(5)

NAME

       labrea.conf - labrea(1) configuration file

SYNOPSIS

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] EXC

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] HAR

       nnn.nnn.nnn.nnn[/nn] IPI

       nnnnn [- nnnnn] POR

       nnnnn [- nnnnn] PMN

DESCRIPTION

   Generalities
       labrea.conf is the configuration file for the labrea(1) program.

       Each line consists of a selector field, followed by an action verb.

       Whitespace is suppressed. Blank lines are ignored, as are lines beginning with "#".

   Selectors
       IPs can be specified as either a single address (e.g. "192.168.0.4") or as a range of addresses (e.g. "192.168.0.1 - 192.168.0.50").

       Ports can be specified as either a single port (e.g. 12345) or as a range of ports (e.g. 1-65535).

   IP Capturing
       When labrea sees an ARP request for an unused IP, it does the following:

       On an IP by IP basis, store a time and an originating IP address:

       1.     For an incoming ARP request, check the current time:

	      a.     If  currently stored time is 0 or the arp comes from a different address than the one stored, then store the current time and
		     the requesting IP and return.

	      b.     If the stored time is less than "-r" seconds ago, ignore it and return.

	      c.     If currently stored time is more than a minute ago, store 0, return. (Max timeout)

	      d.     Otherwise, grab the IP.

       2.     See an ARP reply, set stored time to 0.

       When an ARP request for a particular IP goes unanswered for longer than its "rate" setting (default: 3 seconds), labrea crafts an ARP reply
       that  routes  all  traffic  destined for the IP to a "bogus" MAC address.  labrea listens for TCP/IP traffic routed to that MAC address and
       then responds to any SYN packet (ie incoming connection) with a SYN/ACK packet.

   Explanation of terms
       Excluded IPs: Are those IPs that labrea should never capture. Note that automatic mechanisms are also used to prevent capturing IPs with an
       active machine on it. See labrea(1) for more details.

       Hard captured IPs: The -h --hard-capture option instructs labrea that once it captures an IP address, then it needn't wait for a "-r" time-
       out the next time around.  These IPs are said to be "hard" captured.

       Hard excluded IPS: These are IPs that should never be "hard" captured. In other words, each time there is an ARP request for this IP,  then
       labrea will always wait for the timeout -r secs before responding.

       Tarpitting:  On a captured IP, labrea responds to an incoming SYN connection attempt with a SYN/ACK. This causes the remote machine's stack
       to initiate the Tcp connection and then waste time fruitlessly trying to continue the conversation.

       Persist state capture: labrea can permanently capture connect attempts by closing the TCP window to force  the  connection  into  "persist"
       state. In this state, the connection never times out, and labrea hangs on to the incoming connection until it is closed from the other end.

       To accomplish this, short packets are sent every so often to say "keep waiting, my Tcp window is still closed". So a maximum b/w control is
       implemented to limit the total b/w consumption. (see the -p --max-rate startup option)

       Auto hard capturing: This is a startup option that says that unless an IP is excluded or hard-excluded, then mark it  as  being	hard  cap-
       tured. This is normally a risky thing to do and should be used with caution.

   Normal virtual machine behaviour
       Default port behaviour: Incoming connections on any port will be subject to tarpitting / persist capturing.

       Since  all connections are inbound, there should be no incoming SYN/ACKs. Labrea will respond RST to an incoming SYN/ACK unless the startup
       option -a --no-resp-synack disables this behaviour.

       Excluded ports: Ports that are specifically excluded will not be tarpitted or persist captured.

       Incoming connection attempts on an excluded port will receive a RST.

   Virtual machine behaviour when firewalling:
       Active ports: When firewalling (i.e.  -f --no-resp-excluded-ports) is active, then by default only the most widely used ports are active at
       startup.

       Incoming connections on these active ports will be tarpitted and/or persist captured as usual.

       Excluded  ports:  When  firewalling  is	active,  incoming  connections	on excluded ports will not receive a response. The packets will be
       dropped.

       Among other things, this means that nmap scans take much more time to complete.

       Other ports: Ports that are neither active nor excluded are passively monitored for incoming SYN activity. At startup, they  behave  as	an
       excluded port (i.e. packets are dropped).

       However, if there is enough activity on a given port, it will dynamically become active. The threshold is more than 6 SYNs for a given port
       in an hour. However every 15 minutes, the port's SYN count is reduced by 1 to eliminate noise.

       If the SYN count for a port finally reaches 255, then the port is considered permanently active.

USAGE

       This section describes the configuration statements and their usage:

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] EXC
	      Never capture the specified IP addresses. This applies to local IP addresses (i.e. on the local capture netblock) only.

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] HAR
	      WHen "hard capturing" is in effect ("-h"), then never hard capture the specified IP addresses. (i.e. Always wait for the ARP timeout
	      before responding.) Applies to local IP addresses only.

       nnn.nnn.nnn.nnn[/nn] IPI
	      Ignore  any packets with source IP address in the specified netblock. labrea will not tarpit or persist capture connections from the
	      specified IP addresses.

	      Note that this statement can apply to any IP address.

	      Note also that the netblock is specified in CIDR notation (ie nnn.nnn.nnn.nnn/nn) and not as a range of IP addresses.

       nnnnn [- nnnnn] POR
	      These ports are excluded. labrea will not tarpit / persist capture incoming connections on these	ports.	A  RST	will  be  returned
	      unless firewalling is active. In that case, the incoming packet will be dropped.

       nnnnn [- nnnnn] PMN
	      At  startup,  mark the indicated ports as being active. Incoming connections to these ports are subject to tarpitting / persist cap-
	      turing.

	      This configuration statement is useful only when firewalling is active. The port becomes immediately active, instead of waiting  for
	      enough SYNs to bump the port's SYN count above the activity threshold.

EXAMPLES

       Suppose that the capture subnet is 192.168.10.0/24.

       Exclude 192.168.10.5 through .7 from being captured:

	      192.168.10.5 - 192.168.10.7 EXC

       "Hard exclude" 192.168.10.100:

	      192.168.10.100 HAR

       Do not attempt to tarpit / persist capture packets from the class C subnet 10.2.3.x:

	      10.2.3.0/24 IPI

       Put in some comments:

	      #
	      #    This is a comment
	      #

       Do not tarpit / persist capture on ports 21-25:

	      21-25 POR

       When firewalling, make port 12345 active at startup:

	      12345 PMN

FILES

       /usr/local/etc/labrea.conf
	      Default configuration file on unix systems

       (current directory) LaBrea.cfg
	      Default configuration file on Windows systems

SEE ALSO

       labrea(1)

AUTHOR

       Tom Liston <tliston@hackbusters.net> Bugs: lorgor@users.sourceforge.net or http://labrea.sourceforge.net

																    LABREA.CONF(5)
All times are GMT -4. The time now is 02:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy