API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 29th, 2015
238
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.27 KB | None | 0 0
raw download clone embed print report
  1. Last login: Mon Jun 29 15:35:08 2015 from 187.237.25.15
  2.  
  3. __| __|_ )
  4. _| ( / Amazon Linux AMI
  5. ___|\___|___|
  6.  
  7. https://aws.amazon.com/amazon-linux-ami/2015.03-release-notes/
  8. No packages needed for security; 4 packages available
  9. Run "sudo yum update" to apply all updates.
  10. [fulanitOpanga@opsys ~]$ sudo su -
  11. [sudo] password for fulanitOpanga:
  12. Sorry, try again.
  13. [sudo] password for fulanitOpanga:
  14. Last login: Mon Jun 29 15:35:18 UTC 2015 on pts/0
  15. [root@opsys ~]# ssh -v -i .ssh/opanga_sharedu.pem opanga@52.26.158.77
  16. OpenSSH_6.2p2, OpenSSL 1.0.1k-fips 8 Jan 2015
  17. debug1: Reading configuration data /etc/ssh/ssh_config
  18. debug1: /etc/ssh/ssh_config line 50: Applying options for *
  19. debug1: Connecting to 52.26.158.77 [52.26.158.77] port 22.
  20. debug1: Connection established.
  21. debug1: permanently_set_uid: 0/0
  22. debug1: identity file .ssh/opanga_sharedu.pem type -1
  23. debug1: identity file .ssh/opanga_sharedu.pem-cert type -1
  24. debug1: Enabling compatibility mode for protocol 2.0
  25. debug1: Local version string SSH-2.0-OpenSSH_6.2
  26. debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
  27. debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
  28. debug1: SSH2_MSG_KEXINIT sent
  29. debug1: SSH2_MSG_KEXINIT received
  30. debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
  31. debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
  32. debug1: sending SSH2_MSG_KEX_ECDH_INIT
  33. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  34. debug1: Server host key: ECDSA 42:4d:73:ab:c7:c0:57:bf:1f:d1:46:ad:15:77:0e:f6
  35. debug1: Host '52.26.158.77' is known and matches the ECDSA host key.
  36. debug1: Found key in /root/.ssh/known_hosts:1
  37. debug1: ssh_ecdsa_verify: signature correct
  38. debug1: SSH2_MSG_NEWKEYS sent
  39. debug1: expecting SSH2_MSG_NEWKEYS
  40. debug1: SSH2_MSG_NEWKEYS received
  41. debug1: Roaming not allowed by server
  42. debug1: SSH2_MSG_SERVICE_REQUEST sent
  43. debug1: SSH2_MSG_SERVICE_ACCEPT received
  44. debug1: Authentications that can continue: publickey
  45. debug1: Next authentication method: publickey
  46. debug1: Trying private key: .ssh/opanga_sharedu.pem
  47. debug1: read PEM private key done: type RSA
  48. debug1: Authentications that can continue: publickey
  49. debug1: No more authentication methods to try.
  50. Permission denied (publickey).
  51. [root@opsys ~]# ssh -v -i opanga@52.26.158.77
  52. OpenSSH_6.2p2, OpenSSL 1.0.1k-fips 8 Jan 2015
  53. Warning: Identity file opanga@52.26.158.77 not accessible: No such file or directory.
  54. usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
  55. [-D [bind_address:]port] [-e escape_char] [-F configfile]
  56. [-I pkcs11] [-i identity_file]
  57. [-L [bind_address:]port:host:hostport]
  58. [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
  59. [-R [bind_address:]port:host:hostport] [-S ctl_path]
  60. [-W host:port] [-w local_tun[:remote_tun]]
  61. [user@]hostname [command]
  62. [root@opsys ~]# ssh -v opanga@52.26.158.77
  63. OpenSSH_6.2p2, OpenSSL 1.0.1k-fips 8 Jan 2015
  64. debug1: Reading configuration data /etc/ssh/ssh_config
  65. debug1: /etc/ssh/ssh_config line 50: Applying options for *
  66. debug1: Connecting to 52.26.158.77 [52.26.158.77] port 22.
  67. debug1: Connection established.
  68. debug1: permanently_set_uid: 0/0
  69. debug1: identity file /root/.ssh/id_rsa type -1
  70. debug1: identity file /root/.ssh/id_rsa-cert type -1
  71. debug1: identity file /root/.ssh/id_dsa type -1
  72. debug1: identity file /root/.ssh/id_dsa-cert type -1
  73. debug1: identity file /root/.ssh/id_ecdsa type -1
  74. debug1: identity file /root/.ssh/id_ecdsa-cert type -1
  75. debug1: Enabling compatibility mode for protocol 2.0
  76. debug1: Local version string SSH-2.0-OpenSSH_6.2
  77. debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
  78. debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
  79. debug1: SSH2_MSG_KEXINIT sent
  80. debug1: SSH2_MSG_KEXINIT received
  81. debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
  82. debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
  83. debug1: sending SSH2_MSG_KEX_ECDH_INIT
  84. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  85. debug1: Server host key: ECDSA 42:4d:73:ab:c7:c0:57:bf:1f:d1:46:ad:15:77:0e:f6
  86. debug1: Host '52.26.158.77' is known and matches the ECDSA host key.
  87. debug1: Found key in /root/.ssh/known_hosts:1
  88. debug1: ssh_ecdsa_verify: signature correct
  89. debug1: SSH2_MSG_NEWKEYS sent
  90. debug1: expecting SSH2_MSG_NEWKEYS
  91. debug1: SSH2_MSG_NEWKEYS received
  92. debug1: Roaming not allowed by server
  93. debug1: SSH2_MSG_SERVICE_REQUEST sent
  94. debug1: SSH2_MSG_SERVICE_ACCEPT received
  95. debug1: Authentications that can continue: publickey
  96. debug1: Next authentication method: publickey
  97. debug1: Trying private key: /root/.ssh/id_rsa
  98. debug1: Trying private key: /root/.ssh/id_dsa
  99. debug1: Trying private key: /root/.ssh/id_ecdsa
  100. debug1: No more authentication methods to try.
  101. Permission denied (publickey).
  102. [root@opsys ~]# ssh -v opanga@ncss.opanga.com
  103. OpenSSH_6.2p2, OpenSSL 1.0.1k-fips 8 Jan 2015
  104. debug1: Reading configuration data /etc/ssh/ssh_config
  105. debug1: /etc/ssh/ssh_config line 50: Applying options for *
  106. debug1: Connecting to ncss.opanga.com [52.26.158.77] port 22.
  107. debug1: Connection established.
  108. debug1: permanently_set_uid: 0/0
  109. debug1: identity file /root/.ssh/id_rsa type -1
  110. debug1: identity file /root/.ssh/id_rsa-cert type -1
  111. debug1: identity file /root/.ssh/id_dsa type -1
  112. debug1: identity file /root/.ssh/id_dsa-cert type -1
  113. debug1: identity file /root/.ssh/id_ecdsa type -1
  114. debug1: identity file /root/.ssh/id_ecdsa-cert type -1
  115. debug1: Enabling compatibility mode for protocol 2.0
  116. debug1: Local version string SSH-2.0-OpenSSH_6.2
  117. debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
  118. debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
  119. debug1: SSH2_MSG_KEXINIT sent
  120. debug1: SSH2_MSG_KEXINIT received
  121. debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
  122. debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
  123. debug1: sending SSH2_MSG_KEX_ECDH_INIT
  124. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  125. debug1: Server host key: ECDSA 42:4d:73:ab:c7:c0:57:bf:1f:d1:46:ad:15:77:0e:f6
  126. The authenticity of host 'ncss.opanga.com (52.26.158.77)' can't be established.
  127. ECDSA key fingerprint is 42:4d:73:ab:c7:c0:57:bf:1f:d1:46:ad:15:77:0e:f6.
  128. Are you sure you want to continue connecting (yes/no)? yes
  129. Warning: Permanently added 'ncss.opanga.com' (ECDSA) to the list of known hosts.
  130. debug1: ssh_ecdsa_verify: signature correct
  131. debug1: SSH2_MSG_NEWKEYS sent
  132. debug1: expecting SSH2_MSG_NEWKEYS
  133. debug1: SSH2_MSG_NEWKEYS received
  134. debug1: Roaming not allowed by server
  135. debug1: SSH2_MSG_SERVICE_REQUEST sent
  136. debug1: SSH2_MSG_SERVICE_ACCEPT received
  137. debug1: Authentications that can continue: publickey
  138. debug1: Next authentication method: publickey
  139. debug1: Trying private key: /root/.ssh/id_rsa
  140. debug1: Trying private key: /root/.ssh/id_dsa
  141. debug1: Trying private key: /root/.ssh/id_ecdsa
  142. debug1: No more authentication methods to try.
  143. Permission denied (publickey).
  144. [root@opsys ~]# ssh -v -i .ssh/opanga_sharedu.pem opanga@ncss.opanga.com
  145. OpenSSH_6.2p2, OpenSSL 1.0.1k-fips 8 Jan 2015
  146. debug1: Reading configuration data /etc/ssh/ssh_config
  147. debug1: /etc/ssh/ssh_config line 50: Applying options for *
  148. debug1: Connecting to ncss.opanga.com [52.26.158.77] port 22.
  149. debug1: Connection established.
  150. debug1: permanently_set_uid: 0/0
  151. debug1: identity file .ssh/opanga_sharedu.pem type -1
  152. debug1: identity file .ssh/opanga_sharedu.pem-cert type -1
  153. debug1: Enabling compatibility mode for protocol 2.0
  154. debug1: Local version string SSH-2.0-OpenSSH_6.2
  155. debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
  156. debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
  157. debug1: SSH2_MSG_KEXINIT sent
  158. debug1: SSH2_MSG_KEXINIT received
  159. debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
  160. debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
  161. debug1: sending SSH2_MSG_KEX_ECDH_INIT
  162. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  163. debug1: Server host key: ECDSA 42:4d:73:ab:c7:c0:57:bf:1f:d1:46:ad:15:77:0e:f6
  164. debug1: Host 'ncss.opanga.com' is known and matches the ECDSA host key.
  165. debug1: Found key in /root/.ssh/known_hosts:3
  166. debug1: ssh_ecdsa_verify: signature correct
  167. debug1: SSH2_MSG_NEWKEYS sent
  168. debug1: expecting SSH2_MSG_NEWKEYS
  169. debug1: SSH2_MSG_NEWKEYS received
  170. debug1: Roaming not allowed by server
  171. debug1: SSH2_MSG_SERVICE_REQUEST sent
  172. debug1: SSH2_MSG_SERVICE_ACCEPT received
  173. debug1: Authentications that can continue: publickey
  174. debug1: Next authentication method: publickey
  175. debug1: Trying private key: .ssh/opanga_sharedu.pem
  176. debug1: read PEM private key done: type RSA
  177. debug1: Authentications that can continue: publickey
  178. debug1: No more authentication methods to try.
  179. Permission denied (publickey).
  180. [root@opsys ~]# /etc/init.d/sshd status
  181. openssh-daemon (pid 1650) is running...
  182. [root@opsys ~]# less /etc/ssh/ssh
  183. ssh_config ssh_host_dsa_key.pub ssh_host_key.pub
  184. sshd_config ssh_host_ecdsa_key ssh_host_rsa_key
  185. sshd_config.rpmnew ssh_host_ecdsa_key.pub ssh_host_rsa_key.pub
  186. ssh_host_dsa_key ssh_host_key
  187. [root@opsys ~]# less /etc/ssh/sshd_config
  188. # $OpenBSD: sshd_config,v 1.89 2013/02/06 00:20:42 dtucker Exp $
  189.  
  190. # This is the sshd server system-wide configuration file. See
  191. # sshd_config(5) for more information.
  192.  
  193. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  194.  
  195. # The strategy used for options in the default sshd_config shipped with
  196. # OpenSSH is to specify options with their default value where
  197. # possible, but leave them commented. Uncommented options override the
  198. # default value.
  199.  
  200. # If you want to change the port on a SELinux system, you have to tell
  201. # SELinux about this change.
  202. # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
  203. #
  204. #Port 22
  205. #AddressFamily any
  206. #ListenAddress 0.0.0.0
  207. #ListenAddress ::
  208.  
  209. # The default requires explicit activation of protocol 1
  210. #Protocol 2
  211.  
  212. # HostKey for protocol version 1
  213. #HostKey /etc/ssh/ssh_host_key
  214. # HostKeys for protocol version 2
  215. #HostKey /etc/ssh/ssh_host_rsa_key
  216. #HostKey /etc/ssh/ssh_host_dsa_key
  217. #HostKey /etc/ssh/ssh_host_ecdsa_key
  218.  
  219. # Lifetime and size of ephemeral version 1 server key
  220. #KeyRegenerationInterval 1h
  221. #ServerKeyBits 1024
  222.  
  223. # Logging
  224. # obsoletes QuietMode and FascistLogging
  225. #SyslogFacility AUTH
  226. SyslogFacility AUTHPRIV
  227. #LogLevel INFO
  228.  
  229. # Authentication:
  230.  
  231. #LoginGraceTime 2m
  232. #PermitRootLogin yes
  233. # Only allow root to run commands over ssh, no shell
  234. PermitRootLogin forced-commands-only
  235. #StrictModes yes
  236. #MaxAuthTries 6
  237. #MaxSessions 10
  238.  
  239. #RSAAuthentication yes
  240. #PubkeyAuthentication yes
  241.  
  242. # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2# but this is overridden so installations will only check .ssh/authorized_keys
  243. AuthorizedKeysFile .ssh/authorized_keys
  244.  
  245. #AuthorizedPrincipalsFile none
  246.  
  247. #AuthorizedKeysCommand none
  248. #AuthorizedKeysCommandUser nobody
  249.  
  250. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  251. #RhostsRSAAuthentication no
  252. # similar for protocol version 2
  253. #HostbasedAuthentication no
  254. # Change to yes if you don't trust ~/.ssh/known_hosts for
  255. # RhostsRSAAuthentication and HostbasedAuthentication
  256. #IgnoreUserKnownHosts no
  257. # Don't read the user's ~/.rhosts and ~/.shosts files
  258. #IgnoreRhosts yes
  259.  
  260. # To disable tunneled clear text passwords, change to no here!
  261. #PasswordAuthentication yes
  262. #PermitEmptyPasswords no
  263. # EC2 uses keys for remote access
  264. PasswordAuthentication yes
  265.  
  266. # Change to no to disable s/key passwords
  267. #ChallengeResponseAuthentication yes
  268. ChallengeResponseAuthentication no
  269.  
  270. # Kerberos options
  271. #KerberosAuthentication no
  272. #KerberosOrLocalPasswd yes
  273. #KerberosTicketCleanup yes
  274. #KerberosGetAFSToken no
  275. #KerberosUseKuserok yes
  276.  
  277. # GSSAPI options
  278. #GSSAPIAuthentication no
  279. #GSSAPICleanupCredentials yes
  280. #GSSAPIStrictAcceptorCheck yes
  281. #GSSAPIKeyExchange no
  282.  
  283. # Set this to 'yes' to enable PAM authentication, account processing,
  284. # and session processing. If this is enabled, PAM authentication will
  285. # be allowed through the ChallengeResponseAuthentication and
  286. # PasswordAuthentication. Depending on your PAM configuration,
  287. # PAM authentication via ChallengeResponseAuthentication may bypass
  288. # the setting of "PermitRootLogin without-password".
  289. # If you just want the PAM account and session checks to run without
  290. # PAM authentication, then enable this but set PasswordAuthentication
  291. # and ChallengeResponseAuthentication to 'no'.
  292. # WARNING: 'UsePAM no' is not supported in Fedora and may cause several
  293. # problems.
  294. #UsePAM no
  295. # Leaving enabled as described so that account and session checks are run
  296. UsePAM yes
  297.  
  298. #AllowAgentForwarding yes
  299. #AllowTcpForwarding yes
  300. #GatewayPorts no
  301. #X11Forwarding no
  302. X11Forwarding yes
  303. #X11DisplayOffset 10
  304. #X11UseLocalhost yes
  305. #PrintMotd yes
  306. # Explicitly enable
  307. PrintLastLog yes
  308. #TCPKeepAlive yes
  309. #UseLogin no
  310. UsePrivilegeSeparation sandbox # Default for new installations.
  311. # $OpenBSD: sshd_config,v 1.89 2013/02/06 00:20:42 dtucker Exp $
  312. # This is the sshd server system-wide configuration file. See
  313. # sshd_config(5) for more information.
  314.  
  315. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  316.  
  317. # The strategy used for options in the default sshd_config shipped with
  318. # OpenSSH is to specify options with their default value where
  319. # possible, but leave them commented. Uncommented options override the
  320. # default value.
  321.  
  322. # If you want to change the port on a SELinux system, you have to tell
  323. # SELinux about this change.
  324. # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
  325. #
  326. #Port 22 #AddressFamily any
  327. #ListenAddress 0.0.0.0
  328. #ListenAddress ::
  329.  
  330. # The default requires explicit activation of protocol 1
  331. #Protocol 2
  332.  
  333. # HostKey for protocol version 1
  334. #HostKey /etc/ssh/ssh_host_key
  335. # HostKeys for protocol version 2
  336. #HostKey /etc/ssh/ssh_host_rsa_key
  337. #HostKey /etc/ssh/ssh_host_dsa_key
  338. #HostKey /etc/ssh/ssh_host_ecdsa_key
  339.  
  340. # Lifetime and size of ephemeral version 1 server key
  341. #KeyRegenerationInterval 1h
  342. #ServerKeyBits 1024
  343.  
  344. # Logging
  345. # obsoletes QuietMode and FascistLogging
  346. #SyslogFacility AUTH
  347. SyslogFacility AUTHPRIV
  348. #LogLevel INFO
  349.  
  350. # Authentication:
  351.  
  352. #LoginGraceTime 2m
  353. #PermitRootLogin yes
  354. # Only allow root to run commands over ssh, no shell
  355. PermitRootLogin forced-commands-only
  356. #StrictModes yes
  357. #MaxAuthTries 6
  358. #MaxSessions 10
  359.  
  360. #RSAAuthentication yes
  361. #PubkeyAuthentication yes
  362.  
  363. # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2# but this is overridden so installations will only check .ssh/authorized_keys
  364. AuthorizedKeysFile .ssh/authorized_keys
  365.  
  366. #AuthorizedPrincipalsFile none
  367. :
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!