Untitled

a guest
Jan 23rd, 2018
  1. $ ssh-keygen -t rsa -f ~/.ssh/production-key.id_rsa
  2.  
  3. .ssh$ ls -l
  4. total 36
  5. -rw-rw-r-- 1 viggy viggy 234 Dec 22 15:21 config
  6. -rw------- 1 viggy viggy 1766 Dec 22 15:03 development-key.id_rsa
  7. -rw-r--r-- 1 viggy viggy 397 Dec 22 15:03 development-key.id_rsa.pub
  8. -rw------- 1 viggy viggy 1766 Dec 22 13:12 production-key.id_rsa
  9. -rw-r--r-- 1 viggy viggy 397 Dec 22 13:12 production-key.id_rsa.pub
  10. -rw------- 1 viggy viggy 1766 Sep 5 20:36 id_rsa
  11. -rw-r--r-- 1 viggy viggy 403 Sep 5 20:36 id_rsa.pub
  12. -rw-r--r-- 1 viggy viggy 4422 Dec 22 11:45 known_hosts
  13.  
  14. vim config
  15. Host production
  16. HostName xx.xxx.xx.xxx
  17. User myuser
  18. IdentityFile ~/.ssh/production-key.id_rsa
  19.  
  20. Host development
  21. HostName xx.xxx.xx.xxx
  22. User myuser
  23. IdentityFile ~/.ssh/development-key.id_rsa
  24.  
  25. cd ~/.ssh
  26. vim authorized_keys // deleted the contents of this file, pasted in my development-key.id_rsa.pub, and saved the file
  27. cat authorized_keys // checked that the contents match my development-key.id_rsa.pub
  28.  
  29. $ ls -l | grep home
  30. drwxr-xr-x 6 root root 4096 Aug 7 2012 home
  31. $ ls -l | grep myuser
  32. drwxr-xr-x 16 myuser myuser 4096 Dec 22 17:47 myuser
  33. $ ls -la | grep .ssh
  34. drwx------ 3 myuser myuser 4096 Dec 22 15:32 .ssh
  35. ~/.ssh $ ls -l | grep authorized_keys
  36. -rw------- 1 myuser myuser 396 Dec 22 15:32 authorized_keys
  37.  
  38. $ cd /etc/ssh
  39. $ head -n 1000 sshd_config | grep 'PasswordAuthentication'
  40. #PasswordAuthentication yes
  41.  
  42. $ head -n 1000 sshd_config | grep 'AllowUsers'
  43. $ head -n 1000 sshd_config | grep 'DenyUsers'
  44.  
  45. head -n 1000 sshd_config | grep 'PubkeyAuthentication'
  46. PubkeyAuthentication yes
  47. $ head -n 1000 sshd_config | grep 'RSAAuthentication'
  48. RSAAuthentication yes
  49. RhostsRSAAuthentication no
  50.  
  51. sudo restart ssh
  52.  
  53. ls -A /home
  54. .directory lost+found quota.group someuser
  55. myuser passenger quota.user
  56.  
  57. / $ locate sshd_config
  58. /etc/ssh/sshd_config
  59. /usr/share/doc/openssh-client/examples/sshd_config
  60. /usr/share/man/man5/sshd_config.5.gz
  61.  
  62. ssh -vv myuser@xx.xxx.xx.xxx
  63. OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
  64. debug1: Reading configuration data /home/viggy/.ssh/config
  65. debug1: Reading configuration data /etc/ssh/ssh_config
  66. debug1: /etc/ssh/ssh_config line 19: Applying options for *
  67. debug2: ssh_connect: needpriv 0
  68. debug1: Connecting to xx.xxx.xx.xxx [xx.xxx.xx.xxx] port 22.
  69. debug1: Connection established.
  70. debug1: identity file /home/viggy/.ssh/id_rsa type 1
  71. debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
  72. debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
  73. debug1: identity file /home/viggy/.ssh/id_rsa-cert type -1
  74. debug1: identity file /home/viggy/.ssh/id_dsa type -1
  75. debug1: identity file /home/viggy/.ssh/id_dsa-cert type -1
  76. debug1: identity file /home/viggy/.ssh/id_ecdsa type -1
  77. debug1: identity file /home/viggy/.ssh/id_ecdsa-cert type -1
  78. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
  79. debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH*
  80. debug1: Enabling compatibility mode for protocol 2.0
  81. debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
  82. debug2: fd 3 setting O_NONBLOCK
  83. debug1: SSH2_MSG_KEXINIT sent
  84. debug1: SSH2_MSG_KEXINIT received
  85. debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  86. debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
  87. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  88. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  89. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  90. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  91. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  92. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  93. debug2: kex_parse_kexinit:
  94. debug2: kex_parse_kexinit:
  95. debug2: kex_parse_kexinit: first_kex_follows 0
  96. debug2: kex_parse_kexinit: reserved 0
  97. debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  98. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
  99. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  100. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  101. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  102. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  103. debug2: kex_parse_kexinit: none,zlib@openssh.com
  104. debug2: kex_parse_kexinit: none,zlib@openssh.com
  105. debug2: kex_parse_kexinit:
  106. debug2: kex_parse_kexinit:
  107. debug2: kex_parse_kexinit: first_kex_follows 0
  108. debug2: kex_parse_kexinit: reserved 0
  109. debug2: mac_setup: found hmac-md5
  110. debug1: kex: server->client aes128-ctr hmac-md5 none
  111. debug2: mac_setup: found hmac-md5
  112. debug1: kex: client->server aes128-ctr hmac-md5 none
  113. debug1: sending SSH2_MSG_KEX_ECDH_INIT
  114. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  115. debug1: Server host key: RSA 42:f0:18:ae:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
  116. debug1: Host 'xx.xxx.xx.xxx' is known and matches the RSA host key.
  117. debug1: Found key in /home/viggy/.ssh/known_hosts:3
  118. debug1: ssh_rsa_verify: signature correct
  119. debug2: kex_derive_keys
  120. debug2: set_newkeys: mode 1
  121. debug1: SSH2_MSG_NEWKEYS sent
  122. debug1: expecting SSH2_MSG_NEWKEYS
  123. debug2: set_newkeys: mode 0
  124. debug1: SSH2_MSG_NEWKEYS received
  125. debug1: Roaming not allowed by server
  126. debug1: SSH2_MSG_SERVICE_REQUEST sent
  127. debug2: service_accept: ssh-userauth
  128. debug1: SSH2_MSG_SERVICE_ACCEPT received
  129. debug2: key: /home/viggy/.ssh/id_rsa (0xb8bab790)
  130. debug2: key: viggy@teamviggy (0xb8bb1e18)
  131. debug2: key: viggy@teamviggy (0xb8bb1cb8)
  132. debug2: key: /home/viggy/.ssh/id_dsa ((nil))
  133. debug2: key: /home/viggy/.ssh/id_ecdsa ((nil))
  134. debug1: Authentications that can continue: publickey,password
  135. debug1: Next authentication method: publickey
  136. debug1: Offering RSA public key: /home/viggy/.ssh/id_rsa
  137. debug2: we sent a publickey packet, wait for reply
  138. debug1: Authentications that can continue: publickey,password
  139. debug1: Offering RSA public key: viggy@teamviggy
  140. debug2: we sent a publickey packet, wait for reply
  141. debug1: Authentications that can continue: publickey,password
  142. debug1: Offering RSA public key: viggy@teamviggy
  143. debug2: we sent a publickey packet, wait for reply
  144. debug1: Authentications that can continue: publickey,password
  145. debug1: Trying private key: /home/viggy/.ssh/id_dsa
  146. debug1: Trying private key: /home/viggy/.ssh/id_ecdsa
  147. debug2: we did not send a packet, disable method
  148. debug1: Next authentication method: password
  149. myuser@xx.xxx.xx.xxx's password:
  150.  
  151. ssh -vv myuser@xx.xxx.xx.xxx
  152. OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
  153. debug1: Reading configuration data /home/viggy/.ssh/config
  154. debug1: Reading configuration data /etc/ssh/ssh_config
  155. debug1: /etc/ssh/ssh_config line 19: Applying options for *
  156.  
  157. #============= sshd_t ==============
  158. allow sshd_t home_root_t:file { read getattr open };
  159.  
  160. Host production
  161. HostName xx.xxx.xx.xxx
  162. User myuser
  163. IdentityFile ~/.ssh/production-key.id_rsa
  164.  
  165. Host development
  166. HostName xx.xxx.xx.xxx
  167. User myuser
  168. IdentityFile ~/.ssh/development-key.id_rsa
  169.  
  170. Host development
  171. HostName xx.xxx.xx.xxx
  172. User myuser
  173. IdentityFile ~/.ssh/development-key.id_rsa
  174.  
  175. Host production
  176. HostName xx.xxx.xx.xxx
  177. User myuser
  178. IdentityFile ~/.ssh/production-key.id_rsa