ssh arp xauth - alex-aleyan/linux_wiki GitHub Wiki
xauth -f ~/.Xauthority list
xauth add $(xauth -f ~/Xauthority list | tail -1)
xauth merge ~/.Xauthority
alias wire='TMP=/opt/tmp XAUTHORITY=$HOME/.Xauthority wireshark'
alias wire='sudo TMP=/opt/tmp XAUTHORITY=$HOME/.Xauthority wireshark'
vim /etc/ssh/sshd_config
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
arp -s 192.168.10.05 your.mac.address.here # type the following from local linux host
arp -s --hw=ether 192.168.10.05 Y0:UR:MA:CA:DD:RS
ping 192.168.10.05
-
For successful login:
-
Client needs
-
~/.ssh/id_rsa(generated usingssh-gen -t <rsa|dsa>). -
~/.ssh/known_hosts(ssh takes care of it when client SSHs to a Server). -
~/.ssh/configHost * IdentityFile ~/.ssh/cluster IdentityFile ~/.ssh/id_rsa.pub IdentityFile ~/.ssh/id_dsa.pub StrictHostKeyChecking=no
-
-
Server needs:
-
authorized_keys(an entry from client's ~/.ssh/id_rsa.pub is added when user runs ''ssh-copy -i ~/.ssh/id_rsa.pub'' command) -
/etc/ssh/sshd_configPermitRootLogin yes # <-- set to NO if machine is connected to World Wide Web RSAAuthentication yes
-
-
-
On the client, make sure its
~/.ssh/known_hostsdoes not contain an entry with the same IP address for a different server. Remove the conflicting entry from the~/.ssh/known_hostsif found. -
On the server, the
~/.ssh/authorized_keysneeds an entry specifying the clients public key (it uses this public key to compare it against the private key of the client when client tries to log in.). If an entry is missing, create one by performing this commandssh-copy -i ~/.ssh/id_rsa.pub box01from the client. -
Make sure
.ssh/configcontains (this file contained on the client tells the client which keys to try from its~/.sshwhen logging onto a server):# Added by Warewulf 2017-06-30 Host * IdentityFile ~/.ssh/cluster IdentityFile ~/.ssh/id_rsa.pub IdentityFile ~/.ssh/id_dsa.pub StrictHostKeyChecking=no</code> * Make sure /etc/ssh/sshd_config has:<code> PermitRootLogin yes RSAAuthentication yes
-
Secure shell into a remote host node:
ssh -Y user@host_name ssh -Y [email protected] -
To ssh to a server using it's hostname, modify the /etc/hosts file:
[user01@hostname ~] vim /etc/hosts # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost ::1 localhost 129.218.10.10 remote_server01 server01 -
You can now simply do:
ssh server01 OR equivalently ssh remote_server01 -
If the host key problem is encountered, use the command provided in the next step (Step 2):
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ -
To regenerate the host keys, use this command:
ssh-keygen -R server01 -
You should now be able to
ssh -Y user01@server01without a problem. \ -
Optional workaround:
ssh -o UserKnownHostsFile=/dev/null -XY username@localhost
To create passwordless key-based authentication, perform these steps: \
-
Generate the SSH keys:
[user01@host2 ~] ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user01/.ssh/id_rsa): <ENTER> Enter passphrase (empty for no passphrase): <ENTER> Enter same passphrase again: <ENTER> Your identification has been saved in /home/user01/.ssh/id_rsa. Your public key has been saved in /home/user01/.ssh/id_rsa.pub. -
Copy the SSH keys:
[user01@host2 ~] ssh-copy-id -i ~/.ssh/id_rsa.pub user01@server01 -
Now try logging into the machine, with
ssh 'user01@server01', and check for extra conflicting keys in the .ssh/authorized_keys file. -
Big Picture Summary:
- We generate the id_ras.pub file on the client side which contains the keys
- We copy the keys contained in the id_ras.pub from the client to the authorized_keys file on the host.
- You can now ssh from client to host in a passwordless manner as long as the keys in the authorized_keys file on the host match the keys in the id_ras.pub on the client.
-
Using ssh to execute a command remotely and have the command's output returned to the local system:
[user01@host2 ~] ssh user01@server01 hostname -
To run a command remotely with options or arguments, make sure to use quotes:
[user01@host2 ~] ssh user01@server01 'ls -la /var/log/*'
-
The X11Forwarding allows graphical applications to be run through ssh.
-
Make sure X11Forwarding yes is set in
/etc/ssh/sshd_config -
To launch a GNOME desktop sessions, perform next steps: \
-
In Cygwin64 Terminal, launch xWin terminal: \
/usr/bin/xinit -
In xWin terminal, remote shell into your server:
ssh -XY [email protected] -
From the server, launch the gnome desktop:
gnome-session xinit ../c/Program\ Files\ \(x86\)/Xming/Xming.exe -query 129.218.10.46 -screen 0 @1 -nolisten inet6
-
ALL:
screen # create screen session screen –d # de-attach screen –ls # lists the screen sessions screen –r # re-attach screen –S screen_number -X quit # the screen number can be determined using –ls option -
To create a screen session:
“Ctrl-A” and “c“ screen</code> -
To de-attach a screen:
“Ctrl-A” and “d“* screen –d -
to reattach a screen:
screen –ls # lists the screen sessions screen –r screen_session_number # re-attach -
To switch between screen sessions:
“Ctrl-A” and “n“ “Ctrl-A” and “p“</code> -
To kill a screen session:
“Ctrl-A” and “K“</code>
alias sshChainToServer02='ssh -A -t -XY user01@server01 ssh -A -XY server02'