openssh | Development repository for the openssh cookbook | SSH Utils library
kandi X-RAY | openssh Summary
kandi X-RAY | openssh Summary
Installs and configures OpenSSH client and daemon.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Gets the options from the server .
- Returns the OpenSSL server name .
- Returns true if the key is a supported key
- Checks if the host_host exists
openssh Key Features
openssh Examples and Code Snippets
Community Discussions
Trending Discussions on openssh
QUESTION
I have an application that gets deployed from a docker image to a Kubernetes pod. Inside of my docker image I run the following command
...ANSWER
Answered 2022-Apr-04 at 06:16When the application gets deployed, out of my control, the user gets set to a non root user.
Inside the container, the user running java -jar /opt/app/app.jar
is root, because of USER root
.
Outside the container, on the host, a deployed application is usually (almost exclusively) never executed/accessed as root
.
But it should still make ssh request from within the container to a server:
- the openssh service is started
- the container /root/.ssh has the right public/private key
- the
~user/.ssh
folder, on the target server where the Docker application is running, has the authorized_keys with the public one in it.
But if the user does not exist inside the container, you need to create it on docker run
, as in here:
QUESTION
I have the task to close the idle ssh connection if they are idle for more than 5 minutes. I have tried setting these value on sshd_config
ANSWER
Answered 2022-Feb-27 at 08:17close the idle ssh connection if they are idle for more than 5 minutes
This task is surprisingly difficult. OpenSSH itself has no functionality to set a idle-timeout on shell commands, probably for a good reason: killing "idle" shells itself is non-trivial:
- There's multiple ways to define "idleness", e.g., no stdin, no stdout, no I/O activity whatsoever, no CPU consumption etc
- Even when a process is deemed "idle", it's difficult to kill the process and all its child processes that have possibly been created.
Given that, it's not surprising that there's only few solutions for killing idle shell sessions in general. Those that I could find with (little) research rely on background daemons that check the idle status of all processes running on a system (e.g., doinkd/idled, idleout).
One possible solution is to check if any of those solutions can be adapted to enforce an idle timeout on a specific shell session.
Another option is to adapt the OpenSSH source code to support your specific requirement. In principle, OpenSSH should be able to easily access console I/O activity and session duration, so assessing the "idle" property is probably relative easy. As for "killing" the shell and all involved children, running (and killing) the remote shell in a PID namespace is an effective option on Linux systems.
Both options a relatively complex -- so before pursuing them further, I'd further check if there's existing solutions to enforce an idle timeout on a shell session. Using them under OpenSSH will be straightforward.
QUESTION
I have Nginx cache server built on Ubuntu 18 and with docker image nginx:1.19.10-alpine.
Ubuntu 18 disk usage details given below for reference
...ANSWER
Answered 2022-Jan-27 at 02:15You can try to configure the temporary cache directory
QUESTION
I'm following the FIDO U2F instructions on https://developers.yubico.com/SSH/ on macOS Monterey with openSSH 8.6 and run into the following issue:
...ANSWER
Answered 2022-Feb-06 at 01:52Use Homebrew's OpenSSH
QUESTION
I have a Python 3 application running on CentOS Linux 7.7 executing SSH commands against remote hosts. It works properly but today I encountered an odd error executing a command against a "new" remote server (server based on RHEL 6.10):
encountered RSA key, expected OPENSSH key
Executing the same command from the system shell (using the same private key of course) works perfectly fine.
On the remote server I discovered in /var/log/secure
that when SSH connection and commands are issued from the source server with Python (using Paramiko) sshd complains about unsupported public key algorithm:
userauth_pubkey: unsupported public key algorithm: rsa-sha2-512
Note that target servers with higher RHEL/CentOS like 7.x don't encounter the issue.
It seems like Paramiko picks/offers the wrong algorithm when negotiating with the remote server when on the contrary SSH shell performs the negotiation properly in the context of this "old" target server. How to get the Python program to work as expected?
Python code
...ANSWER
Answered 2022-Jan-13 at 14:49Imo, it's a bug in Paramiko. It does not handle correctly absence of server-sig-algs
extension on the server side.
Try disabling rsa-sha2-*
on Paramiko side altogether:
QUESTION
After some initial problems I was finally able to set up a self-hosted GitLab Runner on my personal laptop.
I'm now looking into how this runner works and how I can tweak it's environment to my needs. I modified the YML file to run a simple command echoing the PATH
environment variable:
ANSWER
Answered 2021-Dec-30 at 16:53There's a few reasons why environment variables may be different. Chiefly:
- The user account being used by the runner
- The powershell profile you're using locally (which will not be used by the runner)
- Any changes to environment variables made in the runner's config.toml
- environment variables changed/added through CI/CD variables.
The effective PATH
is a combination of both the system environment variables as well as user environment variables. For your runner to reflect the same environment variables that you see locally when running powershell, you must use the same user account, otherwise user environment variables you're seeing may be missing/different based on the user account.
One way to fix differences that may be caused by the user would be to change the user used by the gitlab service
To change the user used by the GitLab runner, go to services -> gitlab-runner -> (right-click) properties -> Log On tab and choose the account the runner should use.
Alternatively, specify this when installing the runner:
QUESTION
I have two apps in go language. user_management app, which I run (docker-compose up --build) first, then I run(docker-compose up --build) sport_app. sport_app is dependent from user_management app.
sport_app Dockerfile file as below.
...ANSWER
Answered 2021-Dec-22 at 10:09For communicating between multiple docker-compose
clients, you need to make sure that the containers you want to talk to each other are on the same network.
For example, (edited for brevity) here you have one of the docker-compose.yml
QUESTION
Is there any way to set different SSH keys to ruby-git gem configuration on the fly, so I can work with different private repos?
What I've done is working well, but it works with one SSH key only.
I have created /ruby_git.sh
in the root folder of my Rails app:
ANSWER
Answered 2021-Dec-12 at 18:13You can say, however ruby sets up to say, git -c core.sshcommand='/usr/bin/ssh -F my.temp.config'
and set up your one-shot connection-setup params in that temp config.
QUESTION
I'm trying to generate ECDSA Key Pair for SSH with Go, but I find that the private key format is different from ssh-keygen
and can't be accepted by GitHub.
Here's the 256-bit key pair generated via ssh-keygen -t ecdsa -b 256
:
ANSWER
Answered 2021-Dec-15 at 18:14OpenSSH uses different formats for private EC keys, the SEC1 (as generated by your Go code), the PKCS#8 or the newer OpenSSH format (as generated with the ssh-keygen command). This is described here, which also contains a more detailed explanation of the OpenSSH format. The SEC1 format is explained e.g. in this post.
The current Go code generates a SEC1 key with wrong header and footer. This turned out to be the cause of the problem! To fix the bug, ECDSA
must be replaced by EC
in header and footer:
QUESTION
I have built my app with JavaFX 11 and now I need to distribute it. I have chosen to distribute it in two ways: cross-platform fat-jar (I know, I know, it is discouraged, but that is not the point) and platform specific image created with jlink.
I am building on Linux Mint 20.1. I am using Maven and creating runtime image with javafx-maven-plugin
. I have JDKs for both platforms on my Linux machine and pointed to the corresponding jmods
folder in pom.xml
.
The built fat-jar works on both Linux and Windows where both have installed the latest Java SDK (11.0.12).
The image for Linux also works without problems.
However, the image for Windows does not run and the output of -Dprism.verbose=true
is this:
ANSWER
Answered 2021-Oct-17 at 17:16java.lang.UnsatisfiedLinkError: no prism_sw in java.library.path
Means you're definitely missing some dlls from your library path, although this could only be a part of the problem.
When you download javafx sdk for windows from this link, you get a zip with the following structure:
The bin folder contains all the natives you need to run JavaFx (on windows, or the platform you downloaded the sdk for)
Note that you don't always need all the natives, jfxwebkit.dll for example is only needed when you work with javafx-web.
You need to extract them somewhere and add the folder you extracted them in to the library path when you run the java program
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install openssh
On a UNIX-like operating system, using your system’s package manager is easiest. However, the packaged Ruby version may not be the newest one. There is also an installer for Windows. Managers help you to switch between multiple Ruby versions on your system. Installers can be used to install a specific or multiple Ruby versions. Please refer ruby-lang.org for more information.
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page