Apple Event: May 7th at 7 am PT

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Level 1

0 points

How to config ssh ?

Hello I am not really Terminal Savvy. But I currently want to use ssh to remote log in so I can access my files from anywhere using Filezilla. Wile still having the most secure connection that I can possibly have.

I currently did set up ssh and it is working I am using Filezilla so I can remotely access my files. But my worry is using my Mac account name and password. I would like to know how to lock down my server as much as possibe to avoid hackers.

1. I'm not Terminal Savvy

2. I would like to know how to disable protocol 1 (Heard it was less secure)

3. I would like to know how to disable root login.

4. I use Filezilla for (SFTP) secure ftp and still want to be able to use this with the above security measures in effect if possible.

Just wondering how or if this is possible your help would be greatly appreciated.

Mac Pro, Mac OS X (10.6.8)

Posted on Dec 30, 2012 8:10 PM

39 replies

liv04soccer Author

Level 1

0 points

Jan 8, 2013 2:53 PM in response to Alberto Ravasio

OpenSSH_5.2pl, OpenSLL 0.9.8.r Feb 2011

debug1: Reading configuration data /etc/ssh_config

ssh: Could not resolve hostname server: nodename nor servname provided, or not known

Jan 8, 2013 2:57 PM in response to liv04soccer

Sorry I didn't mention, because it was obvious to me, but you must change admin with the username of your MacPro, and server with the IP or servername of your MacPro

liv04soccer Author

Level 1

0 points

Jan 8, 2013 3:05 PM in response to Alberto Ravasio

Oh sorry about that. Here is what I got.

OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011

debug1: Reading configuration data /etc/ssh_config

debug1: Connecting to xx.xxx.xxx.xxx [xx.xxx.xxx.xxx] port 22.

debug1: Connection established.

debug1: identity file /Users/Ryan/.ssh/identity type -1

debug1: identity file /Users/Ryan/.ssh/id_rsa type -1

debug1: identity file /Users/Ryan/.ssh/id_dsa type 2

debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2

debug1: match: OpenSSH_5.2 pat OpenSSH*

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_5.2

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: server->client aes128-ctr hmac-md5 none

debug1: kex: client->server aes128-ctr hmac-md5 none

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

debug1: Host 'xx.xxx.xxx.xxx' is known and matches the RSA host key.

debug1: Found key in /Users/Ryan/.ssh/known_hosts:2

debug1: ssh_rsa_verify: signature correct

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey

debug1: Next authentication method: publickey

debug1: Trying private key: /Users/Ryan/.ssh/identity

debug1: Trying private key: /Users/Ryan/.ssh/id_rsa

debug1: Offering public key: /Users/Ryan/.ssh/id_dsa

debug1: Authentications that can continue: publickey

debug1: No more authentication methods to try.

Permission denied (publickey).

RyanTorriero-MacBook:~ Ryan$

liv04soccer Author

Level 1

0 points

Jan 17, 2013 3:54 PM in response to Alberto Ravasio

I followed your directions exactly step by step but in don't understand why is says I cant connect permission dined even when I have the public and private key.

Jan 18, 2013 9:47 AM in response to liv04soccer

liv04soccer wrote:

Oh sorry about that. Here is what I got.

debug1: Authentications that can continue: publickey

debug1: Next authentication method: publickey

debug1: Trying private key: /Users/Ryan/.ssh/identity

debug1: Trying private key: /Users/Ryan/.ssh/id_rsa

debug1: Offering public key: /Users/Ryan/.ssh/id_dsa

debug1: Authentications that can continue: publickey

debug1: No more authentication methods to try.

Permission denied (publickey).

There must be something wrong in your /Users/Ryan/.ssh directory or the SSH server ~/.ssh/ directory.

Save your actual ~/.ssh contents on both the server and the client then remove every files in it.

After you made the above house cleaning, generate once again the key pair on the client (see my post Step 2 - Key pair)

The following files are the only files needed in ~/.ssh on the client

id_dsa

id_dsa.pub

After you connected for the first time to an SSH server

known_hosts

will be created.

The only file needed in ~/.ssh on the server is

authorized_keys

that is the exact copy of your id_dsa.pub if you are the only one allowed to connect to the server.

liv04soccer Author

Level 1

0 points

Mar 11, 2013 2:53 PM in response to Alberto Ravasio

Thank you for all your help, will try this and get back to you.

liv04soccer Author

Level 1

0 points

Mar 11, 2013 4:12 PM in response to Alberto Ravasio

This is what I got after I tried to connect to my server Permission denied (publickey)

My Passphrase consists of random letters numbers and symbols. Could that be a reason why its not working ?

Mar 12, 2013 3:16 PM in response to liv04soccer

This article explains how to troubleshoot ssh connection issues.

Ciarals

Level 1

9 points

Mar 12, 2013 5:49 PM in response to Alberto Ravasio

DELETED POST

How to config ssh ?