OpenSSH is one of the most popular implementations of SSH used today and available by default in many Linux and Unix-like operating systems.
Questions tagged [openssh]
1002 questions
321
votes
18 answers
Windows SSH: Permissions for 'private-key' are too open
I've OpenSSH 7.6 installed in Windows 7 for testing purposes. SSH client & server work just fine till I tried to access one of my AWS EC2 box from this windows.
It seems like I need to change the permission on the private key file. This can be…
Sabrina
- 3,873
- 6
- 14
- 22
229
votes
8 answers
How to make an SSH tunnel publicly accessible?
Referring back to this question, I am executing the below via OpenSSH (Client: Mac OS X 10.6 | Server: Linux Mint), however the port that is being tunneled is not working publicly:
ssh -R 8080:localhost:80 -N root@example.com
The purpose is so the…
Trevor Rudolph
- 2,421
- 3
- 14
- 14
219
votes
11 answers
Remove key from known_hosts
I built several virtual machines during the last few weeks. The problem is, the .ssh/known_hosts gives me the Man in the middle warning. This happens because another fingerprint is associated with the virtual machine IP.
In the .ssh/known_hosts…
Adam Matan
- 7,320
- 16
- 55
- 82
202
votes
12 answers
Is there a way for one SSH config file to include another one?
In case it matters:
OS: Ubuntu 10.04
SSH: OpenSSH_5.3p1 Debian-3ubuntu5
I'd like one SSH config file to include another one. The use case would be to define whatever I want in my default .ssh/config file and then pre-pend a couple of extra things…
Joe Casadonte
- 4,823
- 5
- 24
- 37
134
votes
6 answers
SHA256 ssh fingerprint given by the client but only md5 fingerprint known for server
When connecting to a new/unknown server (with recent OpenSSH), for example:
ssh example.com
You get the fingerprint like below:
The authenticity of host 'example.org (192.0.2.42)' can't be established.
RSA key fingerprint is…
JonnyJD
- 3,513
- 3
- 17
- 21
115
votes
2 answers
Howto force ssh to use a specific private key?
With ssh -i you can instruct ssh to use an extra private key to try authentication.
The documentation is not clear on how to explicitly use only that key.
Herman van Rink
- 2,733
- 3
- 10
- 9
67
votes
4 answers
How can I find a list of MACs, Ciphers, and KexAlgorithms that my openssh client supports?
Is there a way to make ssh output what MACs, Ciphers, and KexAlgorithms that it supports?
I'd like to find out dynamically instead of having to look at the source.
Colin Dean
- 1,527
- 3
- 12
- 9
59
votes
4 answers
get SSH key fingerprint in (old) hex format on new version of openssh
It seems that openssh has changed the way it displays key fingerprints.
I am trying to ssh from a client machine to a server:
client: ubuntu 14.04 running OpenSSH 6.6.1
server: FreeBSD running OpenSSH 7.2p2.
The client reports the md5 hash of…
stochastic
- 843
- 1
- 6
- 15
53
votes
1 answer
Does the right half of the rsa public key matter?
In a public key file "id_rsa.pub" generated by ssh-keygen, does the part after the == matter?
I ask because when I changed "root@somedomain.com" to "root", it seems to still work.
More generally, I am curious about what the purpose of that half is.
merlin2011
- 1,641
- 3
- 21
- 26
51
votes
4 answers
SSH permission denied on correct password authentication
I could successfully SSH into my machine yesterday with the exact same credentials I am using today. The machine is running CentOS 6.3. But now for some reason it is giving me permission denied.
Here is my -v print out, sshd_config, and ssh_config…
Kentgrav
- 1,372
- 1
- 15
- 18
46
votes
2 answers
What does "key_load_public: no such file or directory" mean?
I've been troubleshooting a PubkeyAuthentication-only issue. When I use verbose mode, I see a lot of "key_load_public: no such file or directory".
Obviously, the keys exits on the filesystem, so that message does not appear to have a customary…
jww
- 10,938
- 35
- 110
- 195
46
votes
2 answers
ssh -o PreferredAuthentications: What's the difference between "password" and "keyboard-interactive"?
Both PreferredAuthentications=password and PreferredAuthentications=keyboard-interactive would prompt for the password, so what's the difference between them?
I Google'd with the keywords ssh PreferredAuthentications password keyboard-interactive…
su.root
- 764
- 1
- 5
- 14
46
votes
4 answers
Can someone explain the 'PasswordAuthentication' in the /etc/ssh/sshd_config file?
On this page, the explanation given is:
The option PasswordAuthentication
specifies whether we should use
password-based authentication. For
strong security, this option must
always be set to yes.
But it fails to provide any use case…
Zeta2
- 835
- 2
- 8
- 8
45
votes
4 answers
Disable "Permanently added ..." warning on local LAN
I have the following in my ssh_config to connect to machines on my local LAN and machines in a VM:
Host 172.16.*.*
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
However, each time I connect it produces a warning:
$ ssh…
jww
- 10,938
- 35
- 110
- 195
43
votes
7 answers
How to edit known_hosts when several hosts share the same IP and DNS name?
I regularly ssh into a computer which is a dual-boot OS X / Linux computer. The two OS instance do not share the same host key, so they can be seen as two host sharing the same IP and DNS. Let's say the IP is 192.168.0.9, and the names are hostname…
Frédéric Grosshans
- 1,265
- 2
- 10
- 10