Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
ssh [2009/07/30 09:05] greebo |
ssh [2015/10/30 14:52] zagi [other] |
||
---|---|---|---|
Line 38: | Line 38: | ||
done | done | ||
</ | </ | ||
+ | |||
+ | ===== How to Fix Offering key in ~/ | ||
+ | # ssh -o ' | ||
+ | |||
+ | ==== Remove the offending ssh key ==== | ||
+ | < | ||
+ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | ||
+ | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! | ||
+ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | ||
+ | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! | ||
+ | Someone could be eavesdropping on you right now (man-in-the-middle attack)! | ||
+ | It is also possible that the RSA host key has just been changed. | ||
+ | The fingerprint for the RSA key sent by the remote host is | ||
+ | a7: | ||
+ | Please contact your system administrator. | ||
+ | Add correct host key in / | ||
+ | Offending key in / | ||
+ | Permission denied (publickey, | ||
+ | </ | ||
+ | |||
+ | # sed -i ' | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | **Perl solution**: | ||
+ | # perl -pi -e ' | ||
+ | |||
====== How to harden your sshd ====== | ====== How to harden your sshd ====== | ||
Line 138: | Line 165: | ||
action = %(action_mw)s\\ | action = %(action_mw)s\\ | ||
+ | |||
+ | ===== other SSH stuff ====== | ||
+ | |||
+ | use EF DSCP in ssh: | ||
+ | |||
+ | ~/ | ||
+ | IPQoS ef | ||
+ | | ||
+ | use jump host | ||
+ | |||
+ | ~/ | ||
+ | Host finalhost | ||
+ | HostName finalhost | ||
+ | User userfinal | ||
+ | ProxyCommand ssh proxyuser@proxyhost nc %h %p | ||
+ | |||
+ | then one can simply type | ||
+ | |||
+ | ssh finalhost | ||
+ | to ssh via proxyhost to final destination host | ||
+ | |