|
Warning: this is an htmlized version!
The original is here, and the conversion rules are here. |
#######
#
# E-scripts on ssh, scp and friends.
#
# Note 1: use the eev command (defined in eev.el) and the
# ee alias (in my .zshrc) to execute parts of this file.
# Executing this file as a whole makes no sense.
# An introduction to eev can be found here:
#
# (find-eev-quick-intro)
# http://angg.twu.net/eev-intros/find-eev-quick-intro.html
#
# Note 2: be VERY careful and make sure you understand what
# you're doing.
#
# Note 3: If you use a shell other than zsh things like |&
# and the for loops may not work.
#
# Note 4: I always run as root.
#
# Note 5: some parts are too old and don't work anymore. Some
# never worked.
#
# Note 6: the definitions for the find-xxxfile commands are on my
# .emacs.
#
# Note 7: if you see a strange command check my .zshrc -- it may
# be defined there as a function or an alias.
#
# Note 8: the sections without dates are always older than the
# sections with dates.
#
# This file is at <http://angg.twu.net/e/ssh.e>
# or at <http://angg.twu.net/e/ssh.e.html>.
# See also <http://angg.twu.net/emacs.html>,
# <http://angg.twu.net/.emacs[.html]>,
# <http://angg.twu.net/.zshrc[.html]>,
# <http://angg.twu.net/escripts.html>,
# and <http://angg.twu.net/>.
#
#######
# «.sshd-2012» (to "sshd-2012")
# «.without-password» (to "without-password")
# «.without_password» (to "without_password")
# «.mat.puc-rio» (to "mat.puc-rio")
# «.ssh-agent_init.d» (to "ssh-agent_init.d")
# «.snailbook» (to "snailbook")
# «.sshaskpass» (to "sshaskpass")
# «.openssh-deb-src» (to "openssh-deb-src")
# «.ssh-copy-id» (to "ssh-copy-id")
# «.ssh-vulnkey» (to "ssh-vulnkey")
# «.known_hosts» (to "known_hosts")
# «.x11-forwarding» (to "x11-forwarding")
# «.removing-keys» (to "removing-keys")
# «.expect-ssh-xterm» (to "expect-ssh-xterm")
# «.sshpass» (to "sshpass")
# «.ssh-keygen» (to "ssh-keygen")
# «.cyber-plumbers» (to "cyber-plumbers")
# «.ssh-escape» (to "ssh-escape")
# «.timeout» (to "timeout")
# «.tinysshd» (to "tinysshd")
# «.no-detach» (to "no-detach")
# «.StrictHostKeyChecking» (to "StrictHostKeyChecking")
# «.ssh-agent» (to "ssh-agent")
#####
#
# sshd - 2012
# 2012nov01
#
#####
# «sshd-2012» (to ".sshd-2012")
# (find-zsh "availabledebs | sort | grep ssh")
# (find-zsh "installeddebs | sort | grep ssh")
# (find-status "openssh-server")
# (find-vldifile "openssh-server.list")
# (find-udfile "openssh-server/")
# (find-vldifile "openssh-server.preinst")
# (find-vldifile "openssh-server.postinst")
# (find-vldifile "openssh-server.prerm")
# (find-vldifile "openssh-server.postrm")
# (find-vldifile "openssh-server.conffiles")
# (find-vldifile "openssh-server.config")
# (find-vldifile "openssh-server.templates")
# (find-vldifile "openssh-server.md5sums")
# (find-fline "/etc/default/ssh")
# (find-fline "/etc/default/ssh" "SSHD_OPTS=")
# (find-man "8 sshd")
# (find-pen-links)
* (eepitch-shell)
mkdir /tmp/pen/
sudo mount -o uid=$UID /dev/sdb1 /tmp/pen/
# (find-fline "/tmp/pen/")
sudo umount /tmp/pen
sync
cd $S/http/ftp.de.debian.org/debian/pool/main/o/openssh/
cp -v openssh-client-udeb_5.5p1-6+squeeze2_i386.udeb /tmp/pen/
# http://ftp.de.debian.org/debian/pool/main/o/openssh/
http://ftp.de.debian.org/debian/pool/main/o/openssh/openssh-client-udeb_5.5p1-6+squeeze2_i386.udeb
http://ftp.de.debian.org/debian/pool/main/o/openssh/openssh-client-udeb_5.5p1-6+squeeze2_ia64.udeb
<edrx> sudo /etc/init.d/ssh restart
<edrx> ssh edrx@localhost
# (find-status "ssh")
# (find-vldifile "ssh.list")
# (find-udfile "ssh/")
# (find-status "openssh-client")
# (find-vldifile "openssh-client.list")
# (find-udfile "openssh-client/")
# (find-man "1 scp")
# (find-man "1 ssh-agent")
# (find-man "1 ssh-keygen")
# (find-man "1 ssh-copy-id")
# (find-man "1 slogin")
# (find-man "1 ssh")
# (find-man "1 ssh-add")
# (find-man "1 ssh-add" "-d")
# (find-man "1 ssh-add" "-d" "removes identities from the agent")
# (find-man "1 make-ssh-known-hosts")
# (find-man "8 sshd")
# (find-man "1 ssh-add")
# (find-fline "~/.ssh/identity")
ssh-add -l
# (find-man "1 make-ssh-known-hosts")
# (find-fline "~/.ssh/known_hosts")
#*
echo hello > /tmp/hello
scp -v -B /tmp/hello edrx@angg.twu.net:/home2/edrx/tmp/hello
#*
# (find-fline "~edrx/.rhosts")
cat > ~edrx/.rhosts <<'---'
angg
angg root
angg.popolvuh
angg.popolvuh root
---
chown edrx.edrx ~edrx/.rhosts
chmod 600 ~edrx/.rhosts
# ssh -l edrxp angg
scp -v -B /tmp/hello edrxp@angg:hello
scp -v /tmp/hello edrxp@angg:hello
#*
# (find-fline
# (find-fline "/etc/ssh/")
# (find-fline "/etc/ssh/ssh_config")
# scp -v -B /tmp/hello edrx@angg.twu.net:/home2/edrx/tmp/hello
# Executing: host angg.twu.net, user edrx, command scp -v -t /home2/edrx/tmp/hello
# SSH Version OpenSSH-1.2.3, protocol version 1.5.
# Compiled with SSL.
# debug: Reading configuration data /etc/ssh/ssh_config
# debug: Applying options for *
# debug: ssh_connect: getuid 0 geteuid 0 anon 0
# debug: Connecting to angg.twu.net [63.97.42.127] port 22.
# debug: Allocated local port 721.
# debug: Connection established.
# debug: Remote protocol version 1.99, remote software version OpenSSH_2.1.1
# debug: Waiting for server public key.
# debug: Received server public key (768 bits) and host key (1024 bits).
# debug: Host 'angg.twu.net' is known and matches the host key.
# debug: Encryption type: 3des
# debug: Sent encrypted session key.
# debug: Installing crc compensation attack detector.
# debug: Received encrypted confirmation.
# debug: Trying RSA authentication with key 'root@angg'
# debug: Server refused our key.
# Permission denied.
# debug: Calling cleanup 0x8056840(0x0)
# lost connection
# (code-c-d "ssh" "/usr/src/openssh-1.2.2/")
# (find-sshfile "sshconnect.c" "Trying RSA authentication with key")
# (find-sshfile "readpass.c")
pdsc $SNUDEBIAN/dists/potato/non-US/main/source/openssh_1.2.2-1.4.dsc
cd /usr/src/openssh-1.2.2/
agrep -i 'pass(word|phrase)' $(find *)
groff -Tascii -t -ms RFC.nroff | l -S
#####
#
# ssh
# 99dec04
#
#####
# «ssh»
psnedebfrom $FNUDEBIAN <<'---'
31708 dists/slink/non-US/source/ssh_1.2.26-1.2.diff.gz
578 dists/slink/non-US/source/ssh_1.2.26-1.2.dsc
1005284 dists/slink/non-US/source/ssh_1.2.26.orig.tar.gz
---
pdsc $SNUDEBIAN/dists/slink/non-US/source/ssh_1.2.26-1.2.dsc
cd /usr/src/ssh-1.2.26/
debian/rules binary |& tee odrb
mv -v /usr/src/ssh*.deb /usr/src/.debs/
apt-update
apti ssh ssh-askpass
# (find-vldifile "ssh.list")
# (find-fline "/usr/doc/ssh/")
# (find-status "ssh-askpass")
# (find-vldifile "ssh-askpass.list")
# (find-udfile "ssh-askpass/")
# (find-man "1x x11-ssh-askpass")
# (find-sshfile "")
# (find-sshfile "odbp")
# (find-sshfile "debian/")
# (find-sshfile "README")
# (find-zshnode "Parameters Set By The Shell" "?" "exit status")
/usr/lib/ssh/x11-ssh-askpass
echo $?
#####
#
# Logging without password
# 2013feb10
#
#####
# «without-password» (to ".without-password")
# http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/
# http://www.debian.org/devel/passwordlessssh
# (find-efunction 'find-newhost-links)
# (find-efunction 'find-newhost-links "ssh-keygen -R")
# (find-zsh "dmissing ssh-add")
# (find-man "1 ssh-add")
# (find-books "__comp/__comp.el" "ssh")
;; (find-snailbookpage (+ 16 32) "2.5. The SSH Agent")
;; (find-snailbooktext (+ 16 32) "2.5. The SSH Agent")
# (find-man "1 ssh-agent")
* (eepitch-shell)
* (eepitch-kill)
* (eepitch-shell)
# (find-sh "ps ax")
ps ax | grep agent
sudo killall -v -9 ssh-agent
ssh-agent | tee /tmp/sa.sh
cd /tmp/
scp edrx@127.0.0.1:/tmp/not-here .
. /tmp/sa.sh
scp edrx@127.0.0.1:/tmp/not-here .
ps ax | grep ssh-agent
# (find-sh "ps ax")
# (find-sh "pstree")
# (find-man "1 ssh-add")
# (find-man "1 ssh-add" " -t life")
# (find-man "1 ssh-add" "-X" "Unlock the agent.")
ssh-add
ssh-add -l
ssh-add -L
#####
#
# ssh-agent: logging without password
# 2001may23
#
#####
# «without_password» (to ".without_password")
# (find-man "ssh" "third authentication method")
# (find-man "ssh-agent")
# (find-man "ssh-add")
# (find-man "make-ssh-known-hosts")
#*
# Remove my keys and alephs's (I'm root and this is an offline box).
# (find-fline "~/.ssh/")
# (find-fline "~aleph/.ssh/")
laf ~/.ssh/
rm -v ~/.ssh/*
laf ~aleph/.ssh/
rm -v ~aleph/.ssh/*
# Weird, it seems that sshd remember some authorizations by itself...
# Restart it before running the demo below to get the pristine
# behaviour.
/etc/init.d/ssh restart
#*
# Initially logging as aleph requires aleph's password:
cat > $EEG <<'---'
aleph
exit
---
eeg ssh -l aleph angg
# But if I generate a private/public key pair for root,
# (find-man "1 ssh-keygen")
#
cat > $EEG <<'---'
FooBarFoo
FooBarFoo
---
eeg ssh-keygen
# (find-man "ssh" "can log in without giving the password.")
# And I copy my public key to aleph's .ssh/authorized_keys,
#
mkdir ~aleph/.ssh/
cat ~/.ssh/identity.pub >> ~aleph/.ssh/authorized_keys
chown -R aleph:aleph ~aleph/.ssh/
chmod 600 ~aleph/.ssh/authorized_keys
# Then trying to log as aleph will requires root's RSA passphrase.
# Let's start without a ssh-agent to understand how things work.
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
#
cat > $EEG <<'---'
FooBarFoo
exit
---
eeg ssh -l aleph angg
# And nothing is saved if we just try to log again:
cat > $EEG <<'---'
FooBarFoo
exit
---
eeg ssh -l aleph angg
# If we start a ssh agent:
eval $(ssh-agent)
set | grep -a SSH
# and try to log again as aleph we will still need the passphrase:
cat > $EEG <<'---'
FooBarFoo
exit
---
eeg ssh -l aleph angg
# But maybe this is because the agent knows no keys... If we add
# root's key to it,
ssh-add -l
cat > $EEG <<'---'
FooBarFoo
---
eeg ssh-add
ssh-add -l
# and try again then we see that ssh and the local agent are able to
# convince aleph's sshd that we know the passphrase without we having
# to type it again:
cat > $EEG <<'---'
exit
---
eeg ssh -l aleph angg
# If the agent dies we'll have to type the key again, of course.
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
#
cat > $EEG <<'---'
FooBarFoo
exit
---
eeg ssh -l aleph angg
# If root loses its ~/.ssh/identity* files then we get back to using
# passwords.
rm -v ~/.ssh/identity*
cat > $EEG <<'---'
aleph
exit
---
eeg ssh -l aleph angg
# And if we generate another pair of keys for root and update the
# agent to use this new key,
# (find-man "1 ssh-keygen")
#
cat > $EEG <<'---'
FooBarFoo
FooBarFoo
---
eeg ssh-keygen
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
eval $(ssh-agent)
set | grep -a SSH
echo $(pidof ssh-agent)
ssh-add -l
cat > $EEG <<'---'
FooBarFoo
---
eeg ssh-add
ssh-add -l
# Then our keys won't match the ones for root@angg at aleph's place,
# and ssh will give up RSA authentication and fall back to the
# traditional password scheme.
cat > $EEG <<'---'
aleph
exit
---
eeg ssh -l aleph angg
# But of course we can update our public key in aleph's home; as aleph
# is in the local machine we will do that using root's powers, instead
# of logging there with aleph's password...
mkdir ~aleph/.ssh/
cat ~/.ssh/identity.pub >> ~aleph/.ssh/authorized_keys
chown -R aleph:aleph ~aleph/.ssh/
chmod 600 ~aleph/.ssh/authorized_keys
# Note that we have ADDED a second "root@angg" key to aleph's list of
# authorized keys, instead of just replacing the obsolete one... but
# ssh is smart and will check all the keys in the list and use the
# right one: we will be able to log without password or passphrase.
cat > $EEG <<'---'
exit
---
eeg ssh -l aleph angg
# (find-fline "~/.ssh/")
# (find-fline "~aleph/.ssh/")
#*
#####
#
# Allow logging from one mat.puc-rio machine into another without password
# 2001may29
#
#####
# «mat.puc-rio» (to ".mat.puc-rio")
# This trick works because my home dir is shared (NFS).
#*
cd ~/.ssh/
rm -v identity identity.pub
ssh-keygen -N '' -f ~/.ssh/identity
#*
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
eval $(ssh-agent)
set | grep -a SSH
ssh-add
ssh-add -l
cd ~/.ssh/
(grep -v mat.puc-rio.br authorized_keys
cat identity.pub
) > authorized_keys.new
laf authorized_keys*
mv -v authorized_keys.new authorized_keys
laf
#*
cd ~/.ssh/
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
rm -v identity*
#*
#####
#
# ssh-agent in init.d
# 2001jun28
#
#####
# «ssh-agent_init.d» (to ".ssh-agent_init.d")
# (find-sh "locate ssh-agent")
# (find-fline "/etc/X11/Xsession.d/90x11-common_ssh-agent")
# (find-books "__comp/__comp.el" "ssh")
# (find-snailbookpage (+ 16 32) "2.5. The SSH Agent")
# (find-snailbooktext (+ 16 32) "2.5. The SSH Agent")
#*
cat > /etc/init.d/ssh-agent <<'---'
#!/bin/sh
# (find-es "ssh" "ssh-agent_init.d")
case "$1" in
start|restart)
echo "$1ing ssh-agent:"
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
ssh-agent > /tmp/.ssh-agent.out
;;
stop)
echo "$1ing ssh-agent:"
echo $(pidof ssh-agent)
kill $(pidof ssh-agent)
echo $(pidof ssh-agent)
;;
*)
printf "Usage: $0 {start|stop|restart}\n" >&2
exit 1
;;
esac
exit 0
---
chmod 755 /etc/init.d/ssh-agent
# (find-fline "/etc/inittab" "default runlevel")
ln -sf ../init.d/ssh-agent S90ssh-agent
/etc/init.d/ssh-agent restart
# (find-fline "~/.ssh/.ssh-agent.out")
#*
#####
#
# ssh-agent (2013)
# 2013jul20
#
#####
# «ssh-agent» (to ".ssh-agent")
# http://www.debian.org/devel/passwordlessssh
#####
#
# Snail Book
# 2006sep23
#
#####
# «snailbook» (to ".snailbook")
# (find-books "__comp/__comp.el" "ssh")
# http://www.flazx.com/
# http://gigapedia.com/items/4269/ssh--the-secure-shell---the-definitive-guide--2nd-edition--2005-01
# (find-status "chmlib-bin")
# (find-vldifile "chmlib-bin.list")
# (find-udfile "chmlib-bin/")
#*
cd /tmp/
extract_chmLib \
~/tmp/OReilly.SSH.The.Secure.Shell.The.Definitive.Guide.2nd.Edition.May.2005.eBook-DDU.chm \
/tmp/snail/
#*
# (find-fline "/tmp/")
# (find-fline "/tmp/snail/0596008953/")
# (code-c-d "snailbook" "/tmp/snail/0596008953/")
# (find-snailbookfile "")
# (find-snailbookw3m "index_P.html" "port forwarding")
#####
#
# sskaskpass
# 2007dec28
#
#####
# «sshaskpass» (to ".sshaskpass")
# http://www.dicas-l.com.br/dicas-l/20050804.php
# (find-fline "~/.ssh/")
# (find-caramelofile "")
# (find-caramelofile ".ssh/")
# (find-fline "~/.ssh/")
# (find-es "ssh")
* (eepitch-eshell)
* (eepitch-kill)
* (eepitch-eshell)
# ssh-keygen
cd (ee-caramelofile "")
mkdir .ssh/
cd .ssh/
cp ~/id_rsa.pub .
cp ~/id_rsa.pub authorized_keys
* (eepitch-eshell)
* (eepitch-kill)
* (eepitch-eshell)
# ssh-keygen
# (find-zumbifile "")
cd (ee-zumbifile "")
mkdir .ssh/
cd .ssh/
cp ~/.ssh/id_rsa.pub .
cp ~/.ssh/id_rsa.pub authorized_keys
#####
#
# openssh (from the debian sources)
# 2008jan30
#
#####
# «openssh-deb-src» (to ".openssh-deb-src")
# «ssh-copy-id» (to ".ssh-copy-id")
# http://ftp.debian.org/debian/pool/main/o/openssh/
# http://ftp.debian.org/debian/pool/main/o/openssh/openssh_4.7p1-2.dsc
# http://ftp.debian.org/debian/pool/main/o/openssh/openssh_4.7p1-2.diff.gz
# http://ftp.debian.org/debian/pool/main/o/openssh/openssh_4.7p1.orig.tar.gz
#*
rm -Rv ~/usrc/openssh/
mkdir ~/usrc/openssh/
cd $S/http/ftp.debian.org/debian/pool/main/o/openssh/
cp -v openssh_4.7p1* ~/usrc/openssh/
cd ~/usrc/openssh/
dpkg-source -sn -x openssh_4.7p1-2.dsc
cd ~/usrc/openssh/openssh-4.7p1/
# dpkg-buildpackage -us -uc -b -rfakeroot |& tee odb
#*
# (find-fline "~/usrc/openssh/")
* (eepitch-shell)
cd ~/usrc/openssh/
sudo dpkg -i *.deb
#*
# (code-c-d "openssh" "~/usrc/openssh/openssh-4.7p1/")
# (find-opensshfile "")
# (find-opensshgrep "grep -nH -e authorized_keys $(find *)")
# (find-man "1 ssh-copy-id")
# (find-man "ssh-add")
* (eepitch-shell)
* (eepitch-kill)
* (eepitch-shell)
cd ~/.ssh/
cd ~/.ssh/id_rsa.pub
ssh-copy-id edrx@dekooning
ssh-copy-id -i ~/.ssh/id_rsa.pub edrx@dekooning
cd ~/.ssh/
cd ~/.ssh/id_rsa.pub
# (find-fline "~/.ssh/id_rsa.pub")
* (eexterm-dekooning)
* (find-sh0 "xhost +dekooning")
* (find-sh0 "xhost +10.1.0.101")
R
export DISPLAY=10.1.0.101:0
xterm &
ae /etc/hosts
* (eepitch-dekooning)
* (eepitch-kill)
* (eepitch-dekooning)
* (eepitch-dekooning)
* (eepitch-kill)
* (eepitch-dekooning)
cd ~/.ssh/
cd ~/.ssh/id_rsa.pub
ssh-copy-id edrx@dekooning
ssh-copy-id -i ~/.ssh/id_rsa.pub edrx@dekooning
#####
#
# ssh-vulnkey
# 2009apr26
#
#####
# «ssh-vulnkey» (to ".ssh-vulnkey")
#####
#
# "The authenticity of host 'blah' can't be established"
# 2009oct21
#
#####
# «known_hosts» (to ".known_hosts")
# (find-man "5 ssh_config")
# (find-man "5 ssh_config" "UserKnownHostsFile")
# (find-man "5 ssh_config" "CheckHostIP")
# (find-man "5 ssh_config" "BatchMode")
# (find-man "5 ssh_config" "RSAAuthentication")
# (find-fline "/etc/ssh/ssh_config")
# (find-fline "/etc/ssh/ssh_config" "IdentityFile")
# (find-fline "~/.ssh/known_hosts")
# (find-man "1 ssh")
# (find-man "1 ssh" " -o option")
# (find-man "1 ssh" "known_hosts")
# (find-man "1 ssh" " -i identity_file")
# (find-man "1 ssh" "RSAAuthentication")
# (find-man "1 ssh" "HashKnownHosts")
# (find-angg "EXPECT/autopasswd")
# The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
# RSA key fingerprint is fe:91:96:a9:eb:9b:d5:5f:50:36:7d:9e:68:3a:26:cd.
# Are you sure you want to continue connecting (yes/no)? yes
* (eepitch-shell)
* (eepitch-kill)
* (eepitch-shell)
rm -v ~/.ssh/known_hosts
ssh -o 'CheckHostIP=no' edrx@127.0.0.1
ssh -o 'BatchMode=yes' edrx@127.0.0.1
ssh -o 'CheckHostIP=no' -o 'VisualHostKey=yes' edrx@127.0.0.1
ssh -o 'User=aleph' 127.0.0.1
# (find-adduser-links "aleph" "aleph")
* (eepitch-shell)
* (eepitch-kill)
* (eepitch-shell)
ssh aleph@127.0.0.1
# Does not work:
ssh aleph@127.0.0.1 sudo -u edrx zsh
# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
# @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
# The RSA host key for angg.twu.net has changed,
# and the key for the corresponding IP address 66.135.44.32
# is unknown. This could either mean that
# DNS SPOOFING is happening or the IP address for the host
# and its host key have changed at the same time.
# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
# @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
# IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
# Someone could be eavesdropping on you right now (man-in-the-middle attack)!
# It is also possible that a host key has just been changed.
# The fingerprint for the RSA key sent by the remote host is
# 68:80:43:76:23:49:0a:69:5a:e9:a7:9e:eb:d6:1b:e5.
# Please contact your system administrator.
# Add correct host key in /home/edrx/.ssh/known_hosts to get rid of this message.
# Offending RSA key in /home/edrx/.ssh/known_hosts:1
# RSA host key for angg.twu.net has changed and you have requested strict checking.
# Host key verification failed.
#####
#
# X11 forwarding
# 2010jul01
#
#####
# «x11-forwarding» (to ".x11-forwarding")
# (find-man "1 ssh" "-X" "Enables X11 forwarding")
# (find-efunction 'find-adduser-links)
# (find-adduser-links "aleph" "aleph")
* (eexterm "A")
ssh -X aleph@localhost
aleph
xterm &
exit
* (eexterm "A")
ssh -X aleph@localhost xterm
aleph
xterm &
exit
* (eexterm "A" "ssh -X aleph@localhost")
aleph
ssh -X aleph@localhost xterm
ssh -X aleph@localhost
#####
#
# Remove a key from ~/.ssh/known_hosts
# 2012apr03
#
#####
# «removing-keys» (to ".removing-keys")
# (find-man "1 ssh-keygen")
# (find-man "1 ssh-keygen" "-R hostname")
# (find-man "1 ssh-keygen" " -R hostname")
# (find-man "1 ssh-keygen" " -R hostname | [hostname]:port")
# http://askubuntu.com/questions/20865/is-it-possible-to-remove-a-particular-host-key-from-sshs-known-hosts-file
# http://superuser.com/questions/30087/remove-key-from-known-hosts
* (eepitch-shell)
* (eepitch-kill)
* (eepitch-shell)
ssh-keygen -F angg.twu.net
ssh-keygen -v -v -v -R angg.twu.net
# (find-fline "~/.ssh/" "known_hosts")
# (find-fline "~/.ssh/" "known_hosts.old")
#####
#
# Expect tricks (unfinished)
# 2010jul01
#
#####
# «expect-ssh-xterm» (to ".expect-ssh-xterm")
# (find-efunction 'find-adduser-links)
# (find-adduser-links)
# (find-adduser-links "aleph" "aleph")
# (find-es "ssh" "x11-forwarding")
# (find-angg ".zshrc" "autopasswd")
#*
# (eev-bounded)
rm -Rv ~/.ssh/
expect -c '
eval spawn ssh -X aleph@localhost xterm
proc answer {str} { sleep 0.5; send $str\n }
interact {
-o "password: " { send_user "p4ssword: "; answer aleph }
"(yes/no)? " { send_user "(yes/n0)? "; answer yes }
}
'
#*
# (find-es "expect" "passwords")
# (find-expcommand "interact")
* (eexterm-dekooning)
* (find-sh0 "xhost +dekooning")
* (find-sh0 "xhost +10.1.0.101")
R
export DISPLAY=10.1.0.101:0
xterm &
ae /etc/hosts
#####
#
# sshpass
# 2013feb13
#
#####
# «sshpass» (to ".sshpass")
# (find-status "sshpass")
# (find-vldifile "sshpass.list")
# (find-udfile "sshpass/")
# http://sourceforge.net/projects/sshpass
# (find-man "1 sshpass")
# (find-udfile "sshpass/changelog.gz")
sshpass -p edrx ssh edrx@127.0.0.1
#####
#
# Generating a key
# 2013jul20 / 2021oct31
#
#####
# «ssh-keygen» (to ".ssh-keygen")
# (find-es "x" "xclip")
# (find-man "1 ssh-keygen")
# (find-man "1 ssh-keygen" "-t type")
# (find-man "1 ssh-keygen" "-t type" "-C comment")
# (find-man "1 ssh-keygen" "~/.ssh/id_rsa")
# (find-fline "~/.ssh/" "id_rsa")
# https://help.github.com/articles/generating-ssh-keys
# https://help.github.com/articles/working-with-ssh-key-passphrases
# https://man.sr.ht/tutorials/set-up-account-and-git.md
* (eepitch-shell)
* (eepitch-kill)
* (eepitch-shell)
ssh-keygen
# (find-fline "~/.ssh/" "id_rsa")
# (find-fline "~/.ssh/id_rsa")
# (find-fline "~/.ssh/id_rsa.pub")
#####
#
# The Cyber Plumbers' Handbook
# 2021oct10
#
#####
# «cyber-plumbers» (to ".cyber-plumbers")
# https://news.ycombinator.com/item?id=28802493 SSH Tunneling Explained (goteleport.com)
# https://news.ycombinator.com/item?id=19946941 Show HN: The Cyber Plumber's Handbook – SSH Tunnel Like a Boss
# https://github.com/opsdisk/the_cyber_plumbers_handbook
# https://github.com/opsdisk/the_cyber_plumbers_handbook/raw/master/cph_version_1.4_20210829.pdf
# (code-pdf-page "cyberplumbers" "$S/https/github.com/opsdisk/the_cyber_plumbers_handbook/raw/master/cph_version_1.4_20210829.pdf")
# (code-pdf-text "cyberplumbers" "$S/https/github.com/opsdisk/the_cyber_plumbers_handbook/raw/master/cph_version_1.4_20210829.pdf")
# (find-cyberplumberspage)
# (find-cyberplumberstext)
#####
#
# The escape char and
# 2021oct10
#
#####
# «ssh-escape» (to ".ssh-escape")
# https://news.ycombinator.com/item?id=28802493 SSH Tunneling Explained (goteleport.com)
# (find-man "1 ssh")
# (find-man "1 ssh" "-e escape_char")
* (eepitch-vterm)
* (eepitch-kill)
* (eepitch-vterm)
ssh edrx@twu.net
~?
~C
help
#####
#
# timeout
# 2023jan26
#
#####
# «timeout» (to ".timeout")
#####
#
# tinysshd
# 2024may23
#
#####
# «tinysshd» (to ".tinysshd")
# (find-zsh "installeddebs | sort | grep sshd")
# (find-zsh "availabledebs | sort | grep sshd")
# (find-status "tinysshd")
# (find-vldifile "tinysshd.list")
# (find-udfile "tinysshd/")
# (find-man "8 tinysshd")
#####
#
# no-detach
# 2024may28
#
#####
# «no-detach» (to ".no-detach")
# (to "ssh-keygen")
# (find-man "8 sshd" "-D" "sshd will not detach")
# (find-man "8 sshd" "-d" "Debug mode")
# (find-asrootfile "/run/" "sshd")
* (find-3EE '(eepitch-shell) '(eepitch-shell2))
* (find-3ee '(eepitch-shell) '(eepitch-shell2))
* (eepitch-shell)
* (eepitch-shell2)
ps ax | grep ssh
sudo mkdir -p /run/sshd
sudo /usr/sbin/sshd -p 5555 -d
* (eepitch-shell)
ssh -p 5555 edrx@localhost
exit
#####
#
# StrictHostKeyChecking
# 2024jun06
#
#####
# «StrictHostKeyChecking» (to ".StrictHostKeyChecking")
# (find-man "1 ssh-keygen" "R hostname | [hostname]:port")
# (find-man "1 ssh" " -o option")
# (find-man "5 ssh_config" " StrictHostKeyChecking")
# (find-man "5 ssh_config" " StrictHostKeyChecking" "accept-new")
# (find-debootstrap2-links "subdebian" "edrx" 2)
# (find-debootstrap2-links "subdebian" "edrx" 2 "StrictHostKeyChecking=accept-new")
#####
#
# rsync between the machines at birdland
#
#####
# (find-zsh "dmissing sshd")
apti openssh-server
http://blogs.perl.org/users/smylers/2011/08/ssh-productivity-tips.html
https://appuals.com/fix-ssh_exchange_identification-connection-closed-by-remote-host/
https://news.ycombinator.com/item?id=30970720 Bore: A simple CLI tool for making tunnels to localhost (github.com/ekzhang)
https://news.ycombinator.com/item?id=32024735 SSH Cheat Sheet (marcobehler.com)
https://news.ycombinator.com/item?id=34349929 A Visual Guide to SSH Tunnels: Local and Remote Port Forwarding (iximiuz.com)
https://iximiuz.com/en/posts/ssh-tunnels/
https://grahamhelton.com/blog/ssh-cheatsheet/
https://www.ssh.com/academy/ssh/port#the-story-of-getting-ssh-port-22
https://news.ycombinator.com/item?id=39313170 How SSH port became 22 (ssh.com)
https://i.blackhat.com/BH-US-24/Presentations/REVISED02-US24_Moore_Secure_Shells_in_Shambles_Wednesday.pdf
https://news.ycombinator.com/item?id=41213064 Black Hat 2024: Secure Shells in Shambles [pdf] (blackhat.com)
https://docs.github.com/en/authentication/troubleshooting-ssh/error-permission-denied-publickey ssh -vT
https://superuser.com/questions/1127871/ssh-connection-under-udp
# Local Variables:
# coding: utf-8-unix
# End: