Is it possible to use rsync over sftp (without an ssh shell)?

Unfortunately not directly. rsync requires a clean link with a shell that will allow it to start the remote copy of rsync, when run this way. If you have some way of running long-lived listening processes on the host you could try starting rsync manually listening for connections on a non-privileged port, but most techniques …

Ansible stuck on gathering facts

I was having a similar issue with Ansible ping on Vagrant; it just suddenly got stuck for no reason, having previously worked absolutely fine. Unlike other issues such as SSH or connectivity issues, it just dies forever with no timeout. One thing I did to resolve this issue was to clean the ~/.ansible directory and it …

Why Block Port 22 Outbound?

I don’t see that anyone has spelled out the specific risk with SSH port forwarding in detail. If you are inside a firewall and have outbound SSH access to a machine on the public internet, you can SSH to that public system and in the process create a tunnel so that people on the public …

bad ownership or modes for chroot directory component

From the man page:
ChrootDirectory: Specifies the pathname of a directory to chroot(2) to after authentication. All components of the pathname must be root-owned directories that are not writable by any other user or group. After the chroot, sshd(8) changes the working directory to the user’s home directory.
My guess is one or more of …

What is the benefit of not allocating a terminal in ssh?

The primary difference is the concept of interactivity. It’s similar to running commands locally inside of a script, vs. typing them out yourself. It’s different in that a remote command must choose a default, and non-interactive is safest (and usually most honest).
STDIN: If a PTY is allocated, applications can detect this and know that …

ssh connection takes forever to initiate, stuck at “pledge: network”

This is probably an issue with D-Bus and systemd. If the dbus service is restarted for some reason, you will also need to restart systemd-logind. You can check if this is the issue by opening the ssh daemon log (on Ubuntu it should be /var/log/auth.log) and check if it has these lines: sshd[2721]: pam_systemd(sshd:session): Failed …

Add comment to existing SSH public key

Just add a space after the key and put in the comment, e.g.:
ssh-dss AAAAB3NzaC1kc3MAAACBAN+NX/rmUkRW7Xn7faglC/pxqbVIohbcVOt41VThMYORtMQr QSqMZugxew2s9iX4qRowHWLBRci6404nSydLiDe1q6/NmpK+oQ8zD1yXekl+fruBAYeno7f6dM7c 2swwwXY6knp4umXkLItxIUki6SXM0WfabJ8BwuNDyA8IrbFAAAAFQCynEN3MYXbs4AA7E/1I03jb B1rewAAAIAztzZUygrUI8XX6eE4zEHdTbv89AHYsAsf7fSAWnPxWc63dV0P5lCPNk58nze6+N+MD X7ZQADT6710fvbOmEFLciTwBGHHLxIV+1iTApJSsQp9T+pdkbFzBZ+mqQamZpSN1hC8fXe/Uty0D SbhnQ1qanwrOdKP1JV7DUgzehSfAAAAIEAwAyNYxUsGil46gZQea6sfhUnrBwyM6JnEbA6ogfGdS T2TDn1U5rfTV9UuNHzfoZ4CplVHclXyUPPhbKqcedpuRPJhHN/lp5MH7Q2tI/UxHvmePNHrXKk86 XYt7RzKHjWbHRxf84GIyTlKa8yfNfFlf9oNXdtBXcsJjHIvNsBk= ThisIsAComment
The man page for sshd has a section on the authorized_keys format, where it states that the comment extends to the end of the line. While I haven’t tried it, you should …

How do I validate an RSA SSH public key file (id_rsa.pub)?

You can use ssh-keygen for this. Despite its name it can do many more things than generating keys:
dennis@lightning:~$ ssh-keygen -l -f .ssh/id_rsa.pub
2048 68:df:b2:22:d8:43:5d:36:75:c1:d8:59:c0:8c:22:e8 Dennis Kaarsemaker (RSA)
dennis@lightning:~$ ssh-keygen -l -f foo.txt
foo.txt is not a public key file.