ssh

Hello, I'm a new user of FreeBSD - I recently installed FreeBSD 11.2 p4, and I use it as a backup- and fileserver using Samba48 and bacula. I also play around with it. I've joined the machine to a Samba domain and log in with winbind with domain users works using GSSAPI. NFSv4 with kerberos...

Suppose you have a remote machine that you can ssh into. You want to make some changes to the config, but making a mistake could lock you out of the box. This is a technique for setting up a 2nd sshd instance and also how to configure it as a service. Standalone On the server enter...

I have been keeping an eye on issues pertaining to 11.2 on this platform for the past four days. I, like many others, just upgraded my box [from FBSD 11.1-RELEASE-p9] to 11.2. And I ran a few other commands like portmaster -a, pkg upgrade and so on after the upgrade. After restarting the PC, I...

Hello All, With all the fuzz and issues with security and privacy these days I decided to give it a go with a VPN, mostly for the fun and challenge. I am partially done with a scenario that sounds very typical these days, although it is not necessary plain vanilla. The overall idea is...

Hi I'm trying to disable password login for all users except one, "foo". That way, for example, I can login as "bar" with public key but not password. And I can login as "foo" with password. I tried this config: AllowUsers foo bar Match User !foo PasswordAuthentication no Match all #...

I have a use case for authpf. However, I'd prefer to stick with IPFW as it seems to be more maintained and more recent than the included PF version. However, I've been unable to locate an alternate option that'll work with IPFW. Maybe I'm missing something, or maybe there's another way...

Hi, I try to use a ssh connection with Public Key (ECDSA) In client: I create a private/public key ssh-keygen -t ecdsa i choose filename: id_ecdsa_toto In remote server: IP:AAA.BBB.CCC.DDD I create a new user: toto. toto is not in wheel group. I add my public key id_ecdsa_toto.pub in...

Hello, I am trying to get security/keychain to work but I am experiencing a problem with it not actually setting the env: SSH_AUTH_SOCK and SSH_AGENT_PID. It starts and apparently set everything as expected but does not work when I try to use ssh, unless I set the variables manually later...

When using ssh to connect to FreeBSD 11.0 the link will occasionally shut down with the following in /var/log/messages Aug 23 14:45:11 karen sshd[62451]: fatal: Fssh_packet_write_poll: Connection from 174.77.777.77 port 57670: Permission denied If no program is running in the shell, the link...

So here's my scenario. * I have a home server (HostB) which is completely within my control. * I have an off-site machine that can potentially be physically accessed by other people I don't trust (HostA). I want to do off-site backups (encrypted of course) via `duplicity` from HostB to...

Hello. Has anyone worked out a way of enabling Google Authenticator (security/pam_google_authenticator) on a FreeBSD host to require one-time passwords for ssh connections, except for those from a whitelisted IP address range? I need to add this extra layer of protection to my hosted server as...

Hello, we are using net/ssh in Ruby to execute scripts on a FreeBSD machine, in order to do some checks for Nagios. Actually it is a brand new Pfsense applicance. The code is roughly the following: Net::SSH.start(@host, @user, {:password=>@pass}) do |ssh| erg=ssh.exec! "ls -al" p erg end...

Hello, each time I reload my pf.conf using the command: pfctl -F all -f /etc/pf.conf my ssh session dies. It does not just hang for a few seconds. It simply dies and I have to launch a new one. This happens even though both the old and the new configurations allow incoming connexion to the ssh...

I've been trying to setup ssh exclusively over IPV6 but have run in to a few issues. These are the steps I'm following, theoretically this should just work. Which is why I'm baffled at this point. I researched a few guides going back to version 10.3 and the process seems to be as follows...

What would be the easiest way to provide access to the "End devices" on the picture? I need accessing just a few TCP/IP ports. I can use SSH port forwarding, maybe using security/autossh to make it persistent (in pfSense?). Would it be reliable? A fully functional VPN maybe an overkill for this...

Hello! I've installed FReeBSD 11 on my client mashine. On my server I have also FreeBSD 11. My client has 3G modem which successfully connects through ppp daemon to the cellurar network. After that my client successfully establish L2TP IPSec connection to my server. After that I connect to my...

I have FreeBSD 10.3 AMD64. I have a github account, but I thought I would like a private repo as well, so I got a bitbucket account. I set up ssh for bitbucket, and would like to do so for github as well. But how will git not become confused as to which remote I am trying to sync with? I...

All right gone until move my desktop with 2 PC (pc1:FreeBSD 10.1, pc2:Windows 7 pro) I use all days connection on my server in data housing with SSH via VPN routers. Now, I can connect on my server with pc2 on Putty. But I can't connect with pc1. I don't understand. # ssh -vv...

Hello, I am finally using automount/autofs for mounting home samba shares (and my BlackBerry 10 phone, which has also Windows sharing enabled [samba inside]). Work reliably even with laptop sleeps and moving between networks (proper timeouts, no hangs etc.). My /etc/auto_master file...

I was using the send/recv ZFS command to upload snaphots from a server to another via ssh. There were no issue while both were running 10.3-RELEASE. But, since I upgraded the receiver to 11-RELEASE, the process hangs while sending or receiving the 2nd set. First set, root@mySnap is well...