The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,867 other followers

Archive for the ‘SSH’ Category

Linux – How to Securely Copy Files Using SCP examples

Posted by jpluimers on 2020/03/16

I love short and to the point examples. The list of permutations for scp is at [WayBack] Linux – How to Securely Copy Files Using SCP examples.

–jeroen

Read the rest of this entry »

Posted in *nix, *nix-tools, Development, Internet protocol suite, Power User, SSH, TCP | Leave a Comment »

ssh – Why OpenSSH deprecated DSA keys – Information Security Stack Exchange

Posted by jpluimers on 2020/03/10

In a lot of ssh-keygen related posts, you still see DSA being mentioned, though that has been deprecated and later removed from OpenSSH.

I wondered why, so I did some digging.

TL;DR: it’s complicated:

  • different standards mandating eventually conflicting parameters,
  • extending the parameters would require protocol extension,
  • a logjam vulnerability for certain combinations of parameters and finally
  • better algorithms having become available.

Some of the related topics cannot be archived in the WayBack machine or refuse being archived at Archive.is, so here is a list of partially archived relevant links:

–jeroen

Posted in Communications Development, Development, Internet protocol suite, Power User, Security, SSH, TCP | Leave a Comment »

scp a remote file to a local machine

Posted by jpluimers on 2019/03/15

For me, scp is like tar; somehow I Google this every time…

  1. On the remote machine, find out the full path of the remote file:
    ~ # ssh username@192.168.71.123
    ...
    ~ # ls -alh `find /vmfs/volumes/ | grep -w W81Entx64CI | grep '\.vmdk$'`
    -rw-------    1 root     root      200.0G Aug 26 22:48 /vmfs/volumes/552f5788-33e30274-8dba-001f29022aed/VM/PSO/W81Entx64CI/W81Entx64CI-flat.vmdk
    -rw-------    1 root     root         500 Aug 19 16:36 /vmfs/volumes/552f5788-33e30274-8dba-001f29022aed/VM/PSO/W81Entx64CI/W81Entx64CI.vmdk
    
  2. On the local machine, go to the right directory, then copy the file from the remote machine:
    ~ # cd /vmfs/volumes/Samsung512NVME/PSO/VM/W81Entx64CI/
    ~ # time scp -v username@192.168.71.123:/vmfs/volumes/552f5788-33e30274-8dba-001f29022aed/PSO/W81Entx64CI/W81Entx64CI-flat.vmdk W81Entx64CI-flat.vmdk

 

I don't know what's worse--the fact that after 15 years of using tar I still can't keep the flags straight, or that after 15 years of technological advancement I'm still mucking with tar flags that were 15 years old when I started.

I don’t know what’s worse–the fact that after 15 years of using tar I still can’t keep the flags straight, or that after 15 years of technological advancement I’m still mucking with tar flags that were 15 years old when I started.

The last line will logon over ssh and shows the file transfer in a verbose way.

Requirements:

  • both machines have ssh
  • local machine has firewall entry to allow client ssh
  • remote machine has sshd and firewall entry to allow sshd server connections

Via [WayBackshell – How to scp a folder from remote to local? – Stack Overflow (thanks [WayBack] Gryphius)

Image source: [WayBackxkcd: tar

–jeroen

Posted in Communications Development, Development, Internet protocol suite, SSH, TCP | Leave a Comment »

Passwordless SSH

Posted by jpluimers on 2019/01/22

Note: if the system you SSH from is ever compromised, then assume the passwordless targets are also compromised!

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Linux, openSuSE, Power User, SSH, SuSE Linux, TCP, Tumbleweed | Leave a Comment »

How to Setup Chroot SFTP in Linux (Allow Only SFTP, not SSH)

Posted by jpluimers on 2018/12/24

If you want to setup an account on your system that will be used only to transfer files (and not to ssh to the system), you should setup SFTP Chroot Jail.

This explains how: [WayBack] How to Setup Chroot SFTP in Linux (Allow Only SFTP, not SSH)

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, SFTP, SSH, TCP | Leave a Comment »

 
%d bloggers like this: