ssh

Hi, looking for help. Whenever I start/restart the PF service (sudo service pf start), my SSH tunnel disconnects (and hangs locally). I have to kill the process locally or let it timeout, and reconnect in order to continue. Though I don't interfere with pf service often, this dropping of...

I'm using /etc/hosts to resolve several local hosts for ages, but recently discovered that now (FreeBSD 12.0-RELEASE-p3) ssh tries to resolve them via DNS first which causes huge delays. I couldn't find any specific setting for that. Am I missing anything? Thanks for advises!

I need to set up permissions properly on a web folder for two users and apache's www user. The hierarchy looks like so: /var/www/ contains several folders for several websites managed by user1. /var/www/special/ contains a special website folder managed by user2. Therefore, I need user1 to be...

I've been having troubles running my playlist with mplayer over ssh. This used to work without any issues for me with the following: ssh -i .ssh/user_key.id_rsa user@host "mplayer -shuffle -playlist /path/to/playlist.txt -af resample=44100,channels=2,format=s16le -ao pcm:file=/dev/stdout...

Hello, I'm a new user of FreeBSD - I recently installed FreeBSD 11.2 p4, and I use it as a backup- and fileserver using Samba48 and bacula. I also play around with it. I've joined the machine to a Samba domain and log in with winbind with domain users works using GSSAPI. NFSv4 with kerberos...

Suppose you have a remote machine that you can ssh into. You want to make some changes to the config, but making a mistake could lock you out of the box. This is a technique for setting up a 2nd sshd instance and also how to configure it as a service. Standalone On the server enter...

I have been keeping an eye on issues pertaining to 11.2 on this platform for the past four days. I, like many others, just upgraded my box [from FBSD 11.1-RELEASE-p9] to 11.2. And I ran a few other commands like portmaster -a, pkg upgrade and so on after the upgrade. After restarting the PC, I...

Hello All, With all the fuzz and issues with security and privacy these days I decided to give it a go with a VPN, mostly for the fun and challenge. I am partially done with a scenario that sounds very typical these days, although it is not necessary plain vanilla. The overall idea is...

Hi I'm trying to disable password login for all users except one, "foo". That way, for example, I can login as "bar" with public key but not password. And I can login as "foo" with password. I tried this config: AllowUsers foo bar Match User !foo PasswordAuthentication no Match all #...

I have a use case for authpf. However, I'd prefer to stick with IPFW as it seems to be more maintained and more recent than the included PF version. However, I've been unable to locate an alternate option that'll work with IPFW. Maybe I'm missing something, or maybe there's another way...

Hi, I try to use a ssh connection with Public Key (ECDSA) In client: I create a private/public key ssh-keygen -t ecdsa i choose filename: id_ecdsa_toto In remote server: IP:AAA.BBB.CCC.DDD I create a new user: toto. toto is not in wheel group. I add my public key id_ecdsa_toto.pub in...

Hello, I am trying to get security/keychain to work but I am experiencing a problem with it not actually setting the env: SSH_AUTH_SOCK and SSH_AGENT_PID. It starts and apparently set everything as expected but does not work when I try to use ssh, unless I set the variables manually later...

When using ssh to connect to FreeBSD 11.0 the link will occasionally shut down with the following in /var/log/messages Aug 23 14:45:11 karen sshd[62451]: fatal: Fssh_packet_write_poll: Connection from 174.77.777.77 port 57670: Permission denied If no program is running in the shell, the link...

So here's my scenario. * I have a home server (HostB) which is completely within my control. * I have an off-site machine that can potentially be physically accessed by other people I don't trust (HostA). I want to do off-site backups (encrypted of course) via `duplicity` from HostB to...

Hello. Has anyone worked out a way of enabling Google Authenticator (security/pam_google_authenticator) on a FreeBSD host to require one-time passwords for ssh connections, except for those from a whitelisted IP address range? I need to add this extra layer of protection to my hosted server as...

Hello, we are using net/ssh in Ruby to execute scripts on a FreeBSD machine, in order to do some checks for Nagios. Actually it is a brand new Pfsense applicance. The code is roughly the following: Net::SSH.start(@host, @user, {:password=>@pass}) do |ssh| erg=ssh.exec! "ls -al" p erg end...

Hello, each time I reload my pf.conf using the command: pfctl -F all -f /etc/pf.conf my ssh session dies. It does not just hang for a few seconds. It simply dies and I have to launch a new one. This happens even though both the old and the new configurations allow incoming connexion to the ssh...

I've been trying to setup ssh exclusively over IPV6 but have run in to a few issues. These are the steps I'm following, theoretically this should just work. Which is why I'm baffled at this point. I researched a few guides going back to version 10.3 and the process seems to be as follows...

What would be the easiest way to provide access to the "End devices" on the picture? I need accessing just a few TCP/IP ports. I can use SSH port forwarding, maybe using security/autossh to make it persistent (in pfSense?). Would it be reliable? A fully functional VPN maybe an overkill for this...

Hello! I've installed FReeBSD 11 on my client mashine. On my server I have also FreeBSD 11. My client has 3G modem which successfully connects through ppp daemon to the cellurar network. After that my client successfully establish L2TP IPSec connection to my server. After that I connect to my...