Viranga's Blog: SSH

Showing posts with label SSH. Show all posts

Tuesday, June 14, 2016

rsync

rsync - how to suppress "skipping non-regular file" messages:-

Three basic behaviors are possible when  rsync  encounters  a  symbolic
       link in the source directory.

       By  default,  symbolic  links  are  not  transferred at all.  A message
       "skipping non-regular" file is emitted for any symlinks that exist.

       If --links is specified, then symlinks are recreated with the same tar-
       get on the destination.  Note that --archive implies --links.

       If  --copy-links is specified, then symlinks are "collapsed" by copying
       their referent, rather than the symlink.

       Rsync can also distinguish "safe"  and  "unsafe"  symbolic  links.   An
       example  where  this  might be used is a web site mirror that wishes to
       ensure that the rsync module that is copied does not  include  symbolic
       links  to  /etc/passwd  in  the  public  section  of  the  site.  Using
       --copy-unsafe-links will cause any links to be copied as the file  they
       point  to  on  the  destination.   Using --safe-links will cause unsafe
       links to be omitted altogether.  (Note that you  must  specify  --links
       for --safe-links to have any effect.)

       Symbolic  links  are  considered  unsafe  if they are absolute symlinks
       (start with /), empty, or if they contain  enough  ".."  components  to
       ascend from the directory being copied.

       Here's  a summary of how the symlink options are interpreted.  The list
       is in order of precedence, so if your combination of options isn't men-
       tioned, use the first line that is a complete subset of your options:

       --copy-links
              Turn all symlinks into normal files (leaving no symlinks for any
              other options to affect).

       --links --copy-unsafe-links
              Turn all unsafe symlinks into files and duplicate all safe  sym-
              links.

       --copy-unsafe-links
              Turn  all unsafe symlinks into files, noisily skip all safe sym-
              links.

       --links --safe-links
              Duplicate safe symlinks and skip unsafe ones.

       --links
              Duplicate all symlinks.

Saturday, June 11, 2016

Copying Files Over SSH

Secure copy is a really useful command, and it’s really easy to use. The basic format of the command is as follows:

scp [options] original_file destination_file

The biggest kicker is how to format the remote part. When you address a remote file, you need to do it in the following manner:

user@server:path/to/file

The server can be a URL or an IP address. This is followed by a colon, then the path to the file or folder in question. Let’s look at an example.

scp –P 40050 Desktop/url.txt yatri@192.168.1.50:~/Desktop/url.txt

This command features the [-P] flag (note that it’s a capital P). This allows me to specify a port number instead of the default 22. This is necessary for me because of the way I’ve configured my system.

Friday, June 10, 2016

How to create an SSH shortcut

If you are constantly needing to SSH into multiple servers, it can real daunting to remember all the different usernames, hostnames, IP addresses, and even sometimes custom private keys to connect to them. It’s actually extremely easy to create command line shortcuts to solve this problem. There’s two major ways to do it, and we’ll discuss the pros and cons of each.

Method 1: Using SSH Config

SSH on *NIX machines, such as Linux or Mac, have default shortcut functionality right out of the box. It’s very straight forward to setup, too. For those two reasons, this is my preferred way of setting up SSH shortcuts. The first step is to navigate to your .ssh folder:


cd ~/.ssh

Following this, you’ll need to create a file calledconfig. Here’s how to do it with Vim:


vim config

From here, you can now create shortcuts. You can specify the hostname, username, port, and the private key. For a full list of options, please visit the official docs. Here’s an example of how to structure the file:


Host scotch
    HostName scotch.io
    User nick
<br>
Host example2
    HostName example.com
    User root
<br>
Host example3
    HostName 64.233.160.0
    User userxyz123
    Port 56000
<br>
Host amazon1
    HostName ec2.amazon.com
    User ec2-user
    IdentityFile /path/to/special/privatekey/amazon.pem

Now, you can simply SSH into any of these servers with these simple commands:


ssh scotch
ssh example2
ssh example3
ssh amazon1

If this isn't working for you, trying changing the permissions of the config file like this:


chmod 600 ~/.ssh/config

#Method 2: Create aliases for your shell

This method involves creating an alias for your shell (or terminal). You can use this for creating any type of shortcut you want, but a lot of people use them for SSH shortcuts. To set this up, you'll need to navigate to your.bash_aliases file (or some people do this in .bashrcor .bash_profile). The following command will create the .bash_aliases file if it doesn't exist or just edit it if it already does using Vim.


vim ~/.bash_aliases

Here you can add as many shortcuts as you want. Here's how to add the same SSH shortcuts from above:


alias scotch='ssh nick@scotch.io'
alias example2='ssh root@example.com'
alias example3='ssh userxyz123@64.233.160.0 -p 56000'
alias amazon1='ssh ec2-user@ec2.amazon.com -i /path/to/special/privatekey/amazon.pem'

After you add those and save the file, you'll need to "reboot" the aliases file with:


source ~/.bash_aliases

Once that is completed, you can now SSH into all of those same boxes by just typing the following:


scotch
example2
example3
amazon1

This method provides additional flexibility that the first method might not be able to provide, but it really comes down to a matter of preference for most use cases.

How to create an SSH shortcut

Method 1: Using SSH Config


cd ~/.ssh

Following this, you’ll need to create a file calledconfig. Here’s how to do it with Vim:


vim config


Host scotch
    HostName scotch.io
    User nick
<br>
Host example2
    HostName example.com
    User root
<br>
Host example3
    HostName 64.233.160.0
    User userxyz123
    Port 56000
<br>
Host amazon1
    HostName ec2.amazon.com
    User ec2-user
    IdentityFile /path/to/special/privatekey/amazon.pem

Now, you can simply SSH into any of these servers with these simple commands:


ssh scotch
ssh example2
ssh example3
ssh amazon1

If this isn't working for you, trying changing the permissions of the config file like this:


chmod 600 ~/.ssh/config

#Method 2: Create aliases for your shell


vim ~/.bash_aliases

Here you can add as many shortcuts as you want. Here's how to add the same SSH shortcuts from above:


alias scotch='ssh nick@scotch.io'
alias example2='ssh root@example.com'
alias example3='ssh userxyz123@64.233.160.0 -p 56000'
alias amazon1='ssh ec2-user@ec2.amazon.com -i /path/to/special/privatekey/amazon.pem'

After you add those and save the file, you'll need to "reboot" the aliases file with:


source ~/.bash_aliases

Once that is completed, you can now SSH into all of those same boxes by just typing the following:


scotch
example2
example3
amazon1

This method provides additional flexibility that the first method might not be able to provide, but it really comes down to a matter of preference for most use cases.

Tuesday, January 27, 2015

How to use open ssh key?

The OP already has a key, it is a .ppk which is a format used by Putty. The OP has converted it to an open ssh key already.

To use the key,

First, by default, the key should stored in ~/.ssh with permissions of 600 as outlined above.

Second, you have two options to use the key.

Option 1 - Use putty - You can install and use putty in Linux. Putty can use the key in either format.

Option 2 - Use ssh on the command line

ssh -i ~/.ssh/your_key user@server

If you have any errors , post them here.

How to establish ssh key pair when “Host key verification failed”

I have set up ssh key pairs between my desktop and two servers, and from the servers to my desktop, but after reinstalling the OS on my desktop, I can't re-establish the keypair going into my desktop by this:

mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t 
ssh-copy-id username@server

I get the following error:

(names in italics changed to protect the innocent My desktop is Ubuntu, and I can't find the answerhere)

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is ab:cd:ef:gh Please contact your system administrator. Add correct host key in /home/user/.ssh/known_hosts to get rid of this message. Offending key in /home/user/.ssh/known_hosts:1 RSA host key for user.server has changed and you have requested strict checking. Host key verification failed.

Solution

ssh-keygen -R hostname

This deletes the offending key from the known_hosts

The man page entry reads:

-R hostname Removes all keys belonging to hostname from a known_hosts file. This option is useful to delete hashed hosts (see the -H option above).

How to convert .ppk key to OpenSSH key under Linux (ubuntu)

Do it with Putty.

Linux: with your package manager, install PuTTY (or the more minimal PuTTY-tools):

Ubuntu sudo apt-get install putty-tools

Place your keys in some directory, e.g. your home folder. Now convert the PPK keys to SSH keypairs:cache search

To generate the private key:

cd ~
puttygen id_dsa.ppk -O private-openssh -o id_dsa

and to generate the public key:

puttygen id_dsa.ppk -O public-openssh -o id_dsa.pub

Move these keys to ~/.ssh and make sure the permissions are set to private for your private key:

mkdir -p ~/.ssh
mv -i ~/id_dsa* ~/.ssh
chmod 600 ~/.ssh/id_dsa
chmod 666 ~/.ssh/id_dsa.pub

If you have already tried to perform a 'git clone' operation you might need to do this also

chmod 666 ~/.ssh/known_hosts