liv04soccer

Q: How to config ssh ?

Hello I am not really Terminal Savvy.  But I currently want to use ssh to remote log in so I can access my files from anywhere using Filezilla. Wile still having the most secure connection that I can possibly have.

 

I currently did set up ssh and it is working I am using Filezilla so I can remotely access my files. But my worry is using my Mac account name and password. I would like to know how to lock down my server as much as possibe to avoid hackers.

 

1. I'm not Terminal Savvy

2. I would like to know how to disable protocol 1 (Heard it was less secure)

3. I would like to know how to disable root login.

4. I use Filezilla for (SFTP) secure ftp and still want to be able to use this with the above security measures in effect if possible.

 

 

 

Just wondering how or if this is possible your help would be greatly appreciated.

Mac Pro, Mac OS X (10.6.8)

Posted on Dec 30, 2012 8:24 PM

Close

Q: How to config ssh ?

  • All replies
  • Helpful answers

first Previous Page 3 of 3
  • by Alberto Ravasio,

    Alberto Ravasio Alberto Ravasio Jan 8, 2013 2:37 PM in response to liv04soccer
    Level 5 (4,070 points)
    Jan 8, 2013 2:37 PM in response to liv04soccer

    On the client in Terminal issue

     

    ssh -v admin@server

     

    Post the result. You may want to obscure the IP addresses and Server host key.

  • by liv04soccer,

    liv04soccer liv04soccer Jan 8, 2013 2:53 PM in response to Alberto Ravasio
    Level 1 (0 points)
    Jan 8, 2013 2:53 PM in response to Alberto Ravasio

    OpenSSH_5.2pl, OpenSLL 0.9.8.r Feb 2011

    debug1: Reading configuration data /etc/ssh_config

    ssh: Could not resolve hostname server: nodename nor servname provided, or not known

  • by Alberto Ravasio,

    Alberto Ravasio Alberto Ravasio Jan 8, 2013 2:57 PM in response to liv04soccer
    Level 5 (4,070 points)
    Jan 8, 2013 2:57 PM in response to liv04soccer

    Sorry I didn't mention, because it was obvious to me, but you must change admin with the username of your MacPro, and server with the IP or servername of your MacPro

  • by liv04soccer,

    liv04soccer liv04soccer Jan 8, 2013 3:05 PM in response to Alberto Ravasio
    Level 1 (0 points)
    Jan 8, 2013 3:05 PM in response to Alberto Ravasio

    Oh sorry about that. Here is what I got.

     

    OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011

    debug1: Reading configuration data /etc/ssh_config

    debug1: Connecting to xx.xxx.xxx.xxx [xx.xxx.xxx.xxx] port 22.

    debug1: Connection established.

    debug1: identity file /Users/Ryan/.ssh/identity type -1

    debug1: identity file /Users/Ryan/.ssh/id_rsa type -1

    debug1: identity file /Users/Ryan/.ssh/id_dsa type 2

    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2

    debug1: match: OpenSSH_5.2 pat OpenSSH*

    debug1: Enabling compatibility mode for protocol 2.0

    debug1: Local version string SSH-2.0-OpenSSH_5.2

    debug1: SSH2_MSG_KEXINIT sent

    debug1: SSH2_MSG_KEXINIT received

    debug1: kex: server->client aes128-ctr hmac-md5 none

    debug1: kex: client->server aes128-ctr hmac-md5 none

    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent

    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

    debug1: Host 'xx.xxx.xxx.xxx' is known and matches the RSA host key.

    debug1: Found key in /Users/Ryan/.ssh/known_hosts:2

    debug1: ssh_rsa_verify: signature correct

    debug1: SSH2_MSG_NEWKEYS sent

    debug1: expecting SSH2_MSG_NEWKEYS

    debug1: SSH2_MSG_NEWKEYS received

    debug1: SSH2_MSG_SERVICE_REQUEST sent

    debug1: SSH2_MSG_SERVICE_ACCEPT received

    debug1: Authentications that can continue: publickey

    debug1: Next authentication method: publickey

    debug1: Trying private key: /Users/Ryan/.ssh/identity

    debug1: Trying private key: /Users/Ryan/.ssh/id_rsa

    debug1: Offering public key: /Users/Ryan/.ssh/id_dsa

    debug1: Authentications that can continue: publickey

    debug1: No more authentication methods to try.

    Permission denied (publickey).

    RyanTorriero-MacBook:~ Ryan$

  • by liv04soccer,

    liv04soccer liv04soccer Jan 17, 2013 3:54 PM in response to Alberto Ravasio
    Level 1 (0 points)
    Jan 17, 2013 3:54 PM in response to Alberto Ravasio

    I followed your directions exactly step by step but in don't understand why is says I cant connect permission dined even when I have the public and private key.

  • by Alberto Ravasio,

    Alberto Ravasio Alberto Ravasio Jan 18, 2013 9:47 AM in response to liv04soccer
    Level 5 (4,070 points)
    Jan 18, 2013 9:47 AM in response to liv04soccer

    liv04soccer wrote:

     

    Oh sorry about that. Here is what I got.

     

    debug1: Authentications that can continue: publickey

    debug1: Next authentication method: publickey

    debug1: Trying private key: /Users/Ryan/.ssh/identity

    debug1: Trying private key: /Users/Ryan/.ssh/id_rsa

    debug1: Offering public key: /Users/Ryan/.ssh/id_dsa

    debug1: Authentications that can continue: publickey

    debug1: No more authentication methods to try.

    Permission denied (publickey).

     

    There must be something wrong in your /Users/Ryan/.ssh directory or the SSH server ~/.ssh/ directory.

     

    Save your actual ~/.ssh contents on both the server and the client then remove every files in it.

     

    After you made the above house cleaning, generate once again the key pair on the client (see my post Step 2 - Key pair)

     

    The following files are the only files needed in ~/.ssh on the client

     

    id_dsa

    id_dsa.pub

     

    After you connected for the first time to an SSH server

     

    known_hosts

     

    will be created.

     

    The only file needed in ~/.ssh on the server is

     

    authorized_keys

     

    that is the exact copy of your id_dsa.pub if you are the only one allowed to connect to the server.

  • by liv04soccer,

    liv04soccer liv04soccer Mar 11, 2013 2:53 PM in response to Alberto Ravasio
    Level 1 (0 points)
    Mar 11, 2013 2:53 PM in response to Alberto Ravasio

    Thank you for all your help, will try this and get back to you.

  • by liv04soccer,

    liv04soccer liv04soccer Mar 11, 2013 4:12 PM in response to Alberto Ravasio
    Level 1 (0 points)
    Mar 11, 2013 4:12 PM in response to Alberto Ravasio

    This is what I got after I tried to connect to my server Permission denied (publickey)

     

    My Passphrase consists of random letters numbers and symbols.  Could that be a reason why its not working ?

  • by Alberto Ravasio,

    Alberto Ravasio Alberto Ravasio Mar 12, 2013 3:16 PM in response to liv04soccer
    Level 5 (4,070 points)
    Mar 12, 2013 3:16 PM in response to liv04soccer

    This article explains how to troubleshoot ssh connection issues.

  • by Ciarals,

    Ciarals Ciarals Mar 12, 2013 5:49 PM in response to Alberto Ravasio
    Level 1 (0 points)
    Mar 12, 2013 5:49 PM in response to Alberto Ravasio

    DELETED POST

first Previous Page 3 of 3