When connecting to an Ubuntu 24.04 server from CentOS 6 server, i got error “no hostkey alg” To fix this error, edit /etc/ssh/sshd_config on Ubuntu server and add followng to end of the file Restart ssh service on Ubuntu Now you should be able to connect to Ubuntu server from CentOS 6 using SSH. If … Read more
By default SSH service runs on port 22. Running SSH service on port 22 is not secure as it can become an easy target for attackers who are scanning the network for open ports. By changing the default port, you can make it more difficult for attackers to find and exploit the SSH service. To … Read more
I got the following error when logging in to a server using SSH key authentication. Server refused our key I checked the log file tail /var/log/secure found following error May 11 17:45:31 server58 sshd[18483]: Authentication refused: bad ownership or modes for file /home/video/.ssh/authorized_keys The problem is fixed by setting proper permission for the .ssh folder … Read more
I want all my SSH connection go through a VPS so my IP address stay same even if my ISP changes IP. This help me to only access SSH access from my VPS IP address, this increase security as no one else able to SSH to the server. To force all my SSH connection to … Read more
Endlessh is an open source SSH trapit. It send slow random banner string to attacker, wasting their time. Before you install endlessh, you need to change your SSH port to a higher non default port. To do this edit vi /etc/ssh/sshd_config Find Port 22 Replace with Port YOUR_NEW_PORT_HERE If the line is commented with #, … Read more
When i ssh into a server, i get following error root@lab:~# ssh www-data@14.18.58.78 -p 3333 Received disconnect from 14.18.58.78: 2: Too many authentication failures root@lab:~# I checked server log (/var/log/auth.log) and found following Nov 13 19:06:42 lab sshd[32030]: error: maximum authentication attempts exceeded for root from 188.40.131.92 port 52956 ssh2 [preauth] Nov 13 19:06:42 lab … Read more
If you have a server with SSH access, you can use it as sock 5 proxy or for port forwarding with just ssh access. Socks5 Proxy SSH tunnel can be used for browsing security. It act like a socks5 proxy. OR SERVER_IP is IP of the remote server, that you will be using as sock … Read more
On my local computer, i have installed openssh-server, but i don’t want it always enabled. To disable openssh-server from auto start on boot, run systemctl disable ssh Example root@lab:~# systemctl disable ssh Synchronizing state of ssh.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install disable ssh Removed /etc/systemd/system/sshd.service. Removed /etc/systemd/system/multi-user.target.wants/ssh.service. root@lab:~# If you want to … Read more
On web servers, you may need to get email alert when someone logs in to your server using SSH. To do this edit file Add In above, replace you@your-domain.com with your actual email address. You need a mail server installed on your server for this to work. If you want to log to a file, … Read more
On a remote server, we have an application running on 127.0.0.1:8010. Since the application is listening on internal IP address 127.0.0.1, we can’t access it remotely. To access this application, we can use SSH port forwarding. ssh -L 8010:127.0.0.1:8010 root@lab.serverok.in -p 3333 In above example, application running on server lab.serverok.in is available on my local … Read more
When i connect to remote server using SSH using private key, it ask for passphrase every time. root@admin:~# ssh root@s12.serverok.in Enter passphrase for key ‘/root/.ssh/id_rsa’: root@admin:~# I want it only ask once, then remember it. To do this, you need to run eval `ssh-agent -s` ssh-add When you run “ssh-add” command, it ask for your … Read more
SSH Connection Errors SSH ProxyJump (Jump Host/bastion host) SSH Errors SSH Protect SSH Configuration Options Only allow a specific user to login. Deny SSH access to a Group. You can add multiple groups separated by space. Disconnect if the client is inactive for 120 seconds. Verify sshd configurations are correct