I run SSHd on my Android phone. This means I can copy files via wireless SFTP, and back it up with BackupPC. It beats using USB or Dropbox. With Android 4.1 and up (Jelly Bean), the default umask for files has changed from “000″ (users/programs can write to nearly any file) to “077″ (users/programs can only write to files they own). This is better, but meanwhile many Android programs expect the old behaviour. QuickSSHd (a 99p Android dropbear SSH server) is one of them.
You are currently browsing articles tagged ssh.
Philip continues to play devil’s advocate / script kiddie for my telnet URL handler. My input checker allowed host/port definitions to begin with a hyphen character. That’s an invalid domain name, so I ignored the possibility that someone might try it. Philip used it to pass a switch to the telnet/ssh command.
Firefox’s telnet protocol handler in Linux stopped working some time after version 3.0. I manage a network of switches, routers, and other devices with command-line interfaces. Wouldn’t it be nice to be able to click on
ssh:// URLs again?
I’ve been searching for a good remote desktop client for a long time. My requirements are simple. It must:
- save passwords
- manage connections via the GUI
- support VNC and RDP
- work with our IP KVM
This last requirement is the kicker. When I change hosts on our Adderview IP KVM, it draws one frame at 0×0 resolution, and then changes to the resolution of the new host. This has crashed every VNC client I’ve tried except xvnc4viewer. Which of course, doesn’t save passwords or have a GUI (the raw X menu when you press F8 does not count).
I have tried KRDC, Vinagre, xtightvncviewer, and a number of simpler command-line VNC clients. They all seem to be designed to support the “my Mom needs tech support” problem, not the “I manage remote servers” problem. KRDC won’t even login to my KVM; it just hangs after authentication. I suppose that’s better than crashing, but it is still a show stopping bug for me.
Last week I upgraded from Kubuntu 9.10 “Karmic Koala” to 10.04 “Lucid Lynx”. The word “upgrade” here is misleading, since I chose to reformat to take advantage of filesystem changes. However, I imported much of my customisations from backup. Here are my notes on Lucid, from the perspective of a long-time Kubuntu user.
You really shouldn’t allow SSH logins via password. This is doubly true for root. On most of my hosts we allow SSH for normal users with a password, but restrict root to SSH keys only. And we always protect against brute force attacks with fail2ban.
If you aren’t already using SSH keys and SSH agent, you should. SSH agent forwarding allows for secure sideways authentication. For example:
I love SSHFS. I manage a lot of machines, and I very often want to do something like this:
diff root@server1:/etc/randomrcfile root@server2:/etc/randomrcfile
There are ways to do this with Kompare (a KDE diff app) and the fish:// Kioslave, but not on the command line. SSHFS makes it easy:
mkdir /tmp/server1 /tmp/server2
sshfs root@server1:/ /tmp/server1/
sshfs root@server2:/ /tmp/server2/
diff /tmp/server1/etc/randomrcfile /tmp/server2/etc/randomrcfile
I do this so often that I’ve written my own script to handle this for me, smount. Copy it somewhere in your path, remove the extension (or don’t, as you prefer), and optionally make a copy or symlink called “sumount”. Now you can rapidly mount and unmount multiple hosts.