Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "ssh"
-
today at programming class...
professor: today we will be teaching you about vim and using the terminal and ssh. those who are smart enough to know these may leave the class, but be sure to sign the attendance sheet.
me: *starts packing and stands up and walks up to the front to sign*
me: *turns around*
EVERYBODY WAS LOOKING AT ME. i was the one only who stood up and the professor was also looking at me like "wtf this doesnt happen everyday". and so i walked out of there and im so proud of myself lmfao58 -
*SSH's into VPS*
*Starts doing some general maintainance (updating, checking the logs etc)*
*runs the who command for fun*
*NOTICES THAT THERE"S ANOTHER ACTIVE SESSION*
*FURIOUSLY STARTS TO TRY AND LOOK HOW THAT USER MIGHT HAVE GOTTEN IN (root)*
*Goes one terminal to the left after a few minutes to see if I can use that one as well*
*notices an active and forgotten SSH session to that VPS*
I am stupid.19 -
Had to debug an issue,
*ssh user@domain*
"some wild network connection issue"
*hmm weird.. *
*checks everything again*
*hmm seems alright.. *
*tries again*
*same damn error*
*ssh -v user@domain*
*syntax error thingy on the -v part*
😮
*messages co-worker asking what the fuck could be giving on*
"ey mate check your aliases 😂"
*alias"
"alias ssh="echo {insert network connection issue"*
*loud laughing from the co-worker I messaged*
MOTHERFUCKER 😆15 -
*Dev in his 40's from our counter-part office.
Me: Here's my SSH keys.
Dev: What's this?
Me: SSH keys. Give me access to the repository.
Dev: We don't use any version control here. Let's just use FTP or Remote Desktop and just download the codes.19 -
My Linux machine completely froze up so I used another Linux machine to ssh into it and kill the misbehaving process.12
-
I sleepy, accessing the server in the middle of the night to resolve a problem.
Problem solved.
shutdown now
'ssh connection closed'
shutdown now
Go back to sleep.
Phone ringing.7 -
While working from home, my wife overlooked my work Slack chat.
She saw me typing "can you ssh?" and told me "that's a bit rude".
She understood it as "can you shush?".4 -
Can't ssh to my vps at work; hello new hobby project!
(server hosted on vps, http request -> shell -> http response)
Next up is supporting an interactive shell18 -
When I was in high school, the IT had the bright idea to use the same username/password for each machine in our site, and there was this jerk who knowing this, would occasionally SSH into the computers of the other classmates and wget porn mp4s to their home directory to embarrass them, as some sort of weird-ass prank.
So, in order to give him a lesson, I one day had logged in and set a rule on the class' router to forward all port 22 traffic back to his own IP address, and had SSHed into his machine, aliasing wget with a full-screen kiosk mode chrome, followed by a force disable of the USB HID devices.
It might have been less awkward and he might have seen less scared, if it wasn't for the fact that I had also remotely set his machine to maximum volume, and the teacher wasn't in the middle of a lecture. 😏
To this date, his expression is the most precious reaction I have ever seen.9 -
Dear outsourced developers. Don't send me your private SSH key by email. I don't need it, it allows me to access anything else you can access pretending I'm you, and it shows a misunderstanding of how SSH keys work. 🤦🏻♂️14
-
enabling firewall on a vps to secure my docker containers and forgetting to add openssh to allowed list --> ssh blocked 😃🔫24
-
Windows 10 Native SSH client inside CMD is crazy nice, no more putty... given its a windows feature and all!
(Hidden in additional features if any one is interested, will need a reboot to work)17 -
Setting my ssh banner to an instance of cowsay speaking the navy seal copypasta is one of my best ideas yet6
-
Status update after my first day of my internship:
I realized I know literally nothing about SSH Keys.
Bye.7 -
Full stack web dev has no idea what an ssh key is. He is telling me that he can't read the key file, it would be kind of me if I could send him a .txt file instead.
Fuck me man...5 -
That mini heart attack you get when you've rebooted the server, but it takes longer than normal before it comes up again (and before you can ssh it).2
-
Doing Linux server management stuff via ssh with a FUCK 500ms PING IS NOT FUN AT ALL
GET OFF THE FUCKING NETWORK EVERYONE 😤😤😤😤😤5 -
!rant
I've launched a small new project at https://2048.run
It will let you play 2048 (the game) over SSH or Telnet.
Connection Details
ssh play@2048.run
telnet 2048.run
Use username/password "play" to play the game.
Have fun!12 -
Thanks ssh!
Because of you I don't have to leave the bed to run commands on my Linux server(laptop) sitting on my desk.8 -
So I did a rookie mistake this week. Connected a webapp for a client using Nginx and installed the SSL cert for the site. I decided to activate the firewall of the server because hey security. All was well. Went home feeling like I am the shit.
Next day I find out I can't log in to the server over ssh. Only to find out that I had forgotten to allow SSH through the firewall.
I had basically locked myself out of the server. 😞9 -
Cores! (i wish i had them inside this little companion - but no, it's a ssh session to an amd epyc server :)15
-
I've been contracted to work on a website. The bloody thing does not have ssh and the disk space is 500mb.15
-
Came across: https://krypt.co sounds interesting, because its like an additional 2fa for your ssh key, is locally encrypted, open source, well documented and transparent:
https://krypt.co/docs/security/...
Why is it not much talked about? sounds great so far, but maybe somebody can find the tick? or is using it himself?31 -
A few days after deploying a big important Website into production, I wanted to copy the whole thing including DB back onto our test server for future testing/bug fixing if something comes up. (Last changes were done on production server before going live)
So I opened SSH, removed everything on the test sever aaaaand then I realized I was connected to production...
Took about an hour to get everything up and running again. We didn't tell the client and hoped it would not be noticed.2 -
I just discovered my server being brute forced over SSH by over 25 different IPs per minute. WHAT THE FUCK?! It's not even a public website... Now I installed fail2ban.35
-
>on laptop in kitchen
>music playing on workstation in office
>fiancee asks to turn it off
>ssh workstation -t 'sudo poweroff'
It's like 6ft away... -
I wrote this blog post entirely on my phone through doing an SSH on my home server. Why, you ask, well because I don't have my laptop and I am hella bored. Stupid, you say, well I agree.
http://iostreamer.me/chip/2016/...7 -
Why nobody uses public/private key authentication for ssh and disable password auth?
Am I the only one around here doing this?15 -
This guy has a weird sense of system security if he thinks an SSH MOTD will keep unauthorised people away. Because you know, setting SSH permissions would be too sensible.15
-
Just discovered that all FRC robots have open ftp and ssh ports..
For future reference:
When ssh-ing into the robot, use username "admin" and pressing enter three times in a row at the password prompt will skip login and you will be root. The entire device is Linux / BusyBox based.
So.. the question is, why? Why would they open up root ssh on a robot?23 -
Win10 shell has ssh? Oh boi, let's try that out.
> help ssh
This command is not supported by the help utility. Try "ssh/?".
> ssh /?
ssh: Could not resolve hostname /?: Name or service not known.
😲🔫9 -
Installed an SSH server on my desktop so I can use the shell from my laptop...while still sitting in front of my desktop. Keyboard is less than a foot beyond my reach because leaning back, but laptop is in reaching distance.
Still have that SSH server up for mainly the same reason. Decided to also open it to WAN so I can do shit while I'm not home too.4 -
Some of my coworkers call connecting with SSH "git bashing", because they use git bash for making ssh connections. 😋
They never understand me when I use the term "SSH". 😔3 -
One of our newly-joined junior sysadmin left a pre-production server SSH session open. Being the responsible senior (pun intended) to teach them the value of security of production (or near production, for that matter) systems, I typed in sudo rm --recursive --no-preserve-root --force / on the terminal session (I didn't hit the Enter / Return key) and left it there. The person took longer to return and the screen went to sleep. I went back to my desk and took a backup image of the machine just in case the unexpected happened.
On returning from wherever they had gone, the person hits enter / return to wake the system (they didn't even have a password-on-wake policy set up on the machine). The SSH session was stil there, the machine accepted the command and started working. This person didn't even look at the session and just navigated away elsewhere (probably to get back to work on the script they were working on).
Five minutes passes by, I get the first monitoring alert saying the server is not responding. I hoped that this person would be responsible enough to check the monitoring alerts since they had a SSH session on the machine.
Seven minutes : other dependent services on the machine start complaining that the instance is unreachable.
I assign the monitoring alert to the person of the day. They come running to me saying that they can't reach the instance but the instance is listed on the inventory list. I ask them to show me the specific terminal that ran the rm -rf command. They get the beautiful realization of the day. They freak the hell out to the point that they ask me, "Am I fired?". I reply, "You should probably ask your manager".
Lesson learnt the hard-way. I gave them a good understanding on what happened and explained the implications on what would have happened had this exact same scenario happened outside the office giving access to an outsider. I explained about why people in _our_ domain should care about security above all else.
There was a good 30+ minute downtime of the instance before I admitted that I had a backup and restored it (after the whole lecture). It wasn't critical since the environment was not user-facing and didn't have any critical data.
Since then we've been at this together - warning engineers when they leave their machines open and taking security lecture / sessions / workshops for new recruits (anyone who joins engineering).26 -
We need to use VPN to ssh into the university's server when on a university WiFi, but not at home.
#ohTheSecurity1 -
Inception.
Today I needed to check something in a remote server: this was the easiest way:
1: teamviewer to my home pc from university
2: started a vm on that machine with vpn connection to my work office
3: rdp to a windows server vm
4: ssh to a vm on our hosting cluster
5: from there, ssh to the server that I needed access to7 -
The moment...
...you work on a script for over an hour via ssh, want to shutdown your notebook and do 'shutdown -h 0' on the remote machine...7 -
Installed an SSD in my Linux box. Installed fresh distro, tried to log in via SSH on localhost. Didn't work. Tried like three times, turned off firewalls, restarted ssh servers, nothing.
Looked at username. Typo in username when setting things up. *facepalm*1 -
Something strange just happened, activated Fail2ban on another server and instantly blocked me when I already had ssh session open >_>
Does macOS terminal keep on sending ssh authentication requests? Or is my OpenVPN that keeps on sending requests.
Why does this keep on happening to me T_T18 -
Back in my sysadmin days we had an IT zoo to look after. And I mean it... Linux side was allright, but unix.... Most unices were no longer supported. Some of their vendors' companies were already long gone.
There was a distant corner in our estate known to like 2 people only, both have left the company long ago. And one server in that corner went down. It took 2 days to find any info about the device. And connecting to it looked like:
1 ssh to a jumpbox #1
2 ssh to a jumpbox #2
3 ssh to a dmz jumpbox
4 ssh to an aix workload
5 fire up a vnc server
6 open up a vnc client on my workstation, connect to than vnc server [forgot to mention, all ssh connections had to forward a vnc port to my pc]
7 in vnc viewer, open up a terminal
8 ssh to hp-uxes' jumpbox
9 ssh to the problematic hp-ux
.....6 -
Making an infinite loop of cat /dev/urandom for anyone trying to login to server via ssh as an April Fool...
But on prod server instead of dev server...3 -
So, I recently set up fail2ban on one of our new servers. In 4 days we got 16k failed SSH login attempts. Found out that most of them were from South Korea. A few months back one of our competitors failed to have a deal with our organization. Interestingly, they were a South Korean. Lol.2
-
Damn... some dude has his full SSH credentials to his webserver in his published NPM package...
I have to tell him 😅15 -
I hate when I'm in a SSH shell on my phone and all my non-techie friends think I'm programming some elaborate app2
-
It took forever to get SSH access to our office network computers from outside. Me and other coworkers were often told to "just use teamviewer", but we finally managed to get our way.
But bloody incompetents! There is a machine with SSH listening on port 22, user & root login enabled via password on the personal office computer.
"I CBA to setup a private key. It's useless anyways, who's ever gonna hack this computer? Don't be paranoid, a password is enough!"
A little more than 30 minutes later, I added the following to his .bashrc:
alias cat="eject -T && \cat"
alias cp="eject -T && \cp"
alias find="eject -T && \find"
alias grep="eject -T && \grep"
alias ls="eject -T && \ls"
alias mv="eject -T && \mv"
alias nano="eject -T && \nano"
alias rm="eject -T && \rm"
alias rsync="eject -T && \rsync"
alias ssh="eject -T && \ssh"
alias su="eject -T && \su"
alias sudo="eject -T && \sudo"
alias vboxmanage="eject -T && \vboxmanage"
alias vim="eject -T && \vim"
He's still trying to figure out what is happening.5 -
I find it hard to take people serious when they keep telling me to 'ssh into the server' ...like shhhh, not S.S.H7
-
Opened up my SSH port to the internet out of curiosity on a useless box.
Wow..... so, so many requests.18 -
FUCK
FUCKING BULLSHIT!
WHY THE FUCK DID I UPDATE MY RASPBERRY PI! FUCK, I CANT SSH INTO IT ANYMORE! ITS BOOTED AND THE FUCKING PI HOLE PROGRAMM WORKS BUT I CANT ACCESS IT TO SEE IF EVERYTHING IS FUCKING FINDE (which it totally isn't) FFFFFFFF11 -
Should’ve posted this after it happened, but it requires a bit of background anyway.
There’s this guy that oversees our OpenStack environment. My team often make jokes and groan about him in private because he’s so overbearing. A few months back, he had to take us to our data center to show us our new racks, and he kept saying stupid stuff like “you break this and it costs me $30,000” as if he owns everything. He’s just... one of THOSE people. Always speaks in such a condescending way. We make jokes that he is our “best friend”.
Our company is shifting most of our products to the cloud in response to the coronavirus (trying to make it an opportunity for “innovation”). This has involved some structural and responsibility changes in our department, and long story short, I’m now heading the OpenStack environment alongside other projects.
This means going through grueling 1-on-1 meetings with our “best friend”. It’s not too bad, I can be pretty patient with people, so I didn’t mind too much at first. Then a few things happened.
1. He sent a shared folder that he owned containing info related to the environments. Several documents were outdated and incomplete, so I downloaded them, corrected them, and then uploaded the documents to my teams file share, as I was supposed to since we now own the projects.
2. Several files were missing, and when I asked about them, he said “Oh, did you refresh the browser?”. I told him no, that I downloaded them locally and republished them to my teams server, because he was supposed to hand everything off to us at once. He says “Well, silly, how are you going to get updates if you’re looking at them locally?” and kind of chuckles at me like I’m stupid.
3. He insists on training me how to remote into one of the servers to check on cluster space, which in itself is fine. I understand others wanting to make sure things will be done right by the people who come after them. But he tells me to download SuperPutty. I tell him, “oh no, that’s alright. I don’t need putty”. He says “oh cool, what tool do you use for ssh?”. I answer him “Just Git. If I want to I can use a CentOs bash terminal too, because we have WSL installed”. He responds “You can’t ssh through Git”.
I was actually a little shocked. I didn’t know if he was serious or not so I was silent for a few seconds before hesitantly saying “yes you can”. He says “this is news to me” and I so I tell him “every single one of our build jobs fetches code from Git with ssh” and he seemed genuinely shocked and surprised by that.... so then it occurs to me to show him that you can ssh in Powershell and that REALLY blew his mind. He would not shut up about it for several minutes. I was amused until it just got annoying.
Needless to say, my team had been previously teasing me about having to work with him, so they found it hilarious when I told them afterwards.8 -
Since we are posting workspace setups...
Lenovo 100s Chromebook and Raspberry Pi 3 running Arch Linux and an attached hard drive.
SSH and Vim are my friends.14 -
The fact that windows doesn't come bundled with a fucking SSH CLI client really pisses me off and I don't know why... Just let me be angry20
-
SSH is the most basic thing a web developer should know.
Some people are just lazy to learn something and all they do is give hard time to other people.2 -
Me trying to generate a new ssh key after a long while
ssh keygen
ssh key-gen
*DuckDuckGo how to*
Oh!
ssh-keygen5 -
Someone is trying to launch a brute force attack on one of my servers that I set up for an old project. According to the logs, they've tried Jorgee, they've tried directly accessing the MySQL database (with the laziest passwords), and they're now on day 4 of their brute force attack against my SSH server. I'm fairly certain that they won't be getting in (not that there's anything worth getting in the first place), but what's the standard protocol for this? Do I just wait this out, or is there something I can do to break their bot? I have fail2ban enabled, and it is doing its job, but the attacker is changing their IP address with every attack.10
-
Used teamviewer to login to my other system to ssh into my other system to reboot cz didn't want to walk 5 steps and press the button.1
-
I finally found it!
I set up an self-hosted gitlab at our company and for some reason everything worked except for one thing: using git (clone, push, etc) via SSH.
The solution was on the 'common installation problems' page at gitlab, but it took me a long time finding it through Google.
I read through the auth.log and realized the 'git' user was locked. Swapped the '!' for a '*' in the /etc/shadow and now it works. -
I once had to deal with GoDaddy customer support telling me their servers only support putty for SSH.
Well, fuck you! I use Linux and I SSH with a single command in terminal, no doubt putty is great but get your senses straight that putty is not the only way to SSH when you are being customer support for a tech company, don't just fucking recite a phrase list. Besides, they should understand Windows with putty is not the only way to SSH into servers, juicessh via Android, openssh via Linux, etc...
*btw, before you all rant about me buying from GoDaddy, I was lead dev for a startup few years back and they had already bought it from GoDaddy. Ofcourse they also provide free offers along with an order, which often includes email addresses, annoying support, gut-wrenching quality of service access...1 -
Note to my future self:
A 2048Bit SSH key is minimum,
4096Bit is good enough
8182Bit is too much
16364Bit... why do I even bother about this size5 -
- I woke up litle bored.
- Turn on SSH session to linux server
chmod -R 000 /*
Me: uuhh... Now I feel more excited!8 -
Putty remote executuon vulnerability(no patch yet)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.7 -
Check out this amazing project that won the 2022 Summer CodeDay challenge.
It's a different take on whack-a-mole that's multiplayer using SSH
https://github.com/pranavnt/whack4 -
Do you git clone with ssh or https and why?
I am thinking about using ssh just based on my own research, though you guys may have a your own reasons.10 -
TIL shutting down a Linux machine with systemd with a delay will block new SSH sessions until the shutdown/restart happened.8
-
!rant
I am a Windows user and have been using Mac for last 3 years. I knew SSH for a while, but used it just to connect servers when no other options were available.
Today I just found that I can connect to my Mac from my Android phone using SSH and can run any command I want. I am now running builds and deploying code from my phone since then.
I don't know why I am feeling this happy 😁1 -
I gave this so called web developer username and password to ssh into our server. This is his reply:
"Hey we tried to log into your server. We are getting permission error. Please fix that"
Me: Sure, can you tell me how are you trying to connect?
"We tried to ssh like this: ssh root@xxx.com"
Me (in my mind): WHY THE FUCK ARE YOU USING ROOT FOR!?!11 -
Lots of IPs tried accessing my Raspberry Pi's SSH. Dumb bots, trying to brute-force a key-auth-only SSH server...
On a relevant note, I love fail2ban!13 -
...He hired a shit dev who did the same work in 3 times less than what I asked for.
He's now back crying to fix his Fuck up.
You ask how I know he is shit. He SSH-ed into the server. Worked directly off the production files. Worst of all, he installed phpmyadmin, changed the db structure without even writing a fucking migration !!!
How the hell am I supposed to know what he changed!! It's gonna be a long night 😥5 -
I got denied work from home status on black friday because I did not have RDP access for our solution.
let 👏 me 👏 use 👏 s 👏 s 👏 h 👏4 -
OpenSSH 8.2 is out. This release removes support for the ssh-rsa key algorithm. The better alternatives include:
1. RSA SHA-2 signature algorithms rsa-sha2-256/512. These algorithms have the advantage of using the same key type as "ssh-rsa" but use the safe SHA-2 hash algorithms (now used by default if the client and server support them).
2. The ssh-ed25519 signature algorithm.
3. ECDSA algorithms: ecdsa-sha2-nistp256/384/521.
In this release, support for FIDO/U2F hardware tokens. Also noteworthy, a future release of OpenSSH will enable UpdateHostKeys by default to allow the client to automatically migrate to better algorithms.19 -
Don't question my infrastructure setup. I ssh into server A because it's the only one available from the outside. From there i ssh into server B to ssh into server C. C functions as a router and allows me to ssh into D, E, F and G. I could go from A to C directly, but OCD.1
-
If you want to install, configure, and dedicate resources to fail2ban, knock yourself out, but putting these options in your sshd_config alone will save you mountains of headache:
PermitRootLogin no
PasswordAuthentication no7 -
Today’s DevOps public service announcement... don’t test your server provisioning scripts locally. Especially when this gem is in there:
rm -f ~/.ssh/id_rsa
echo ‘vault secret/ssh_key’ > ~/.ssh/id_rsa
Well, I no longer have my key, but the script works! I’m sitting with a very locked down server key6 -
Hey, looks like some employee of this hosting company failed to 750 his home directory and 640 the files...
I was SSHing around on our hosting account when I slipped into his home direcory where at least two(!) SSH public keys of his admin account for the server were readable!
Being an honest guy, I had to call them...
It's fixed now.2 -
Have been using redis for my new system and wanted to try some gui, so I stumbled on "redis desktop manager", it supports ssh tunnels, privatekeys and more, great isn't it?
BUT IT SAVES YOUR FUCKING PLAINTEXT PASSWORD AND PATH TO YOUR PRIVATE KEY IN %USER%\.rdm\connections.json
WHAT THE FUCK, fucking ask that password during connection, don't fucking save it in plaintext and give an attacker literally the path to my key, wanted to PR it, but fuck c++, probably thats why he doesnt have it, because hes just using some library, so he doesn't have to fuck with the actual implementation of it.2 -
So @Linux gave me a website to check which happens to have a tutorial on how to close ssh session after x inactive minutes, and now every time I'm back to the terminal I find my self out T_T
but it is a good life savior if I forgot my session on work computer lol11 -
Lesson learned the hard way: Remember your SSH Ports or write them down...
On the bright side of things, i had backups this time! Tyy DigitalOcean :)8 -
Copy my private ssh key to multiple machines so I only have to configure one key in github, gitlab, bitbucket etc.3
-
I was at my study once where I had to start a node app on a server I couldn't reach because SSH was bound to a port blocked by the network. SSH'd into my vps and from that vps, ssh'd into that box 😁 worked like a charm!
-
I've just checked my server's auth logs and my god that's a lot of failed ssh login attempts.
I think I'll install an ssh honeypot to waste these peoples time...11 -
Accidentally killed the ssh deamon on the prod server. I meant to kill my local sshd but confused the terminal tabs :#
-
So one day I sat in our break hall at school plonking away in my ssh terminal when suddenly someone walks behind me and screams HACKEERRR! When he sees that i start turning around he started sprinting away from me and for 2 weeks he would be extremely scared of me. Thant was probably the weirdest day in my life.1
-
Let's talk a bit about CA-based SSH and TOFU, because this is really why I hate the guts out of how SSH works by default (TOFU) and why I'm amazed that so few people even know about certificate-based SSH.
So for a while now I've been ogling CA-based SSH to solve the issues with key distribution and replacement. Because SSH does 2-way verification, this is relevant to both the host key (which changes on e.g. reinstallation) and user keys (ever replaced one? Yeah that's the problem).
So in my own network I've signed all my devices' host keys a few days ago (user keys will come later). And it works great! Except... Because I wanted to "do it right straight away" I signed only the ED25519 keys on each host, because IMO that's what all the keys should be using. My user keys use it, and among others the host keys use it too. But not by default, which brings me back to this error message.
If you look closely you'd find that the host key did not actually change. That host hasn't been replaced. What has been replaced however is the key this client got initially (i.e. TOFU at work) and the key it's being presented now. The key it's comparing against is ECDSA, which is one of the host key types you'd find in /etc/ssh. But RSA is the default for user keys so God knows why that one is being served... Anyway, the SSH servers apparently prefer signed keys, so what is being served now is an ED25519 key. And TOFU breaks and generates this atrocity of a warning.
This is peak TOFU at its worst really, and with the CA now replacing it I can't help but think that this is TOFU's last scream into the void, a climax of how terrible it is. Use CA's everyone, it's so much better than this default dumpster fire doing its thing.
PS: yes I know how to solve it. Remove .ssh/known_hosts and put the CA as a known host there instead. This is just to illustrate a point.
Also if you're interested in learning about CA-based SSH, check out https://ibug.io/blog/2019/... and https://dmuth.org/ssh-at-scale-cas-... - these really helped me out when I started deploying the CA-based authentication model.19 -
After many teeth clenching failed deployment to production attempts and finally realizing I forgot didn't add ssh keys
-
A technician to me: You need to check the ssh server of this machine, I can't manage to login with the MAC address...
Me: ROFLMAO!1 -
Does changing default SSH port really make server more secure? Most of scan apps (eg. Nmap) will find it anyway, won't they?5
-
Next week, I'll be with a new company - this week I'm scouring the corporate laptop for all the places I stashed personal SSH keys and AWS credentials.1
-
neat, ansible control server on my phone, now I can transfer my playbooks and ssh keys and have it execute things on the go.7
-
So, I just setup a honeypot on my freshly installed Mint Laptop.
So many SSH connections, it's absolutely unbelievable. Can someone recommend me a good honeypot? I have only the SSH port monitored at the moment.8 -
I set up unRAID on my server this weekend, and only just checked my logs to see if anything weird was happening. Turns out 2 IPs have been trying to brute-force the SSH password all weekend. I quickly installed the DenyHosts plugin and reminded myself to always use a strong password, which luckily I did.
A bit later now, and one of the 2 gave up, the other one keeps trying but of course the connection is refused. Just keep trying buddy :P6 -
*ssh into server*
*runs 'sudo systemctl start docker'*
*ssh into server again*
> Permission denied
How docker? How are you destroying the ssh servers auth?12 -
Just discover that I can send "echo bomb" to one of my fellow students trough SSH with the write command.
Then I discover the wall command to send messages to every connected user. Not sure if I am brave enough or if I am going to be banned from our network if I do that 😅5 -
I need someone who knows how to use 'ssh', to help me make a mockery for my game.
Just need to ask a few questions20 -
Simultaneously opening ssh sessions to test and production system, finally stopping the application in the factory.
It was me. -
When company gave me a SSH I am a noob I have a filezilla what I do is delete all temp files and clear log files
Because the log file size goes 1gb After next day all are looking weird
Senior developer:wtf are you doing yesterday
Me: delete all the tmp files and log files 😂😂20 -
> attempt to change password on laptop
> try sudoing to test if it changed
> it hasn't
> assume i was ssh'd into my server
> try the password, along with like 10 other permutations of it
> get ip-banned from ssh to my server :/
> try an online ssh client
> use old password
> it works!
> so what did i change?3 -
I FUCKING love it when I try to understand how to simply fucking connect to my server via SSH, and seeing tutorials from cocksuckers that just screen some form fields without telling where I can find them, and juping from steps to steps like I'm in your fucking head
CAN'T YOU WRITE SOMETHING THAT WOULD MAKE SENSE, YOU FUCKING MORON???3 -
Today, in the course of my job, I said...
FFS. I HATE WINDOWS.
It has begun.
Took me five minutes to ssh into the Linux EC2 and get the Jenkins agent installed, configured, and running. Half a fucking hour for Windows Server 2012.
1) Can't ssh to it, so I connect via AWS console... Which means I have to install MS Remote Desktop. WHATEVER. FINE. It's not like ssh is quick and easy or anything.
2) Can't just use the command line, run the .jar &, cntl-z, and bg then log off. Noooo. I have to install the unpacked binaries as a fucking SERVICE. FINE. WHATEVER.
I'm so glad we have a Windows guy that does most of this shit. I can't stand it.1 -
My fucking internet went off and was so slow that even ssh resetted me, fucking thanks. And it was the same typical pattern again: turn off, turn on, kbps speed, wait ~30/50 minutes and then again fullspeed, fucking cuntbags stop fucking fingerbanging the ethernet ports - I need to get shit done.1
-
OpenSuse'e sarcasm is BRILLIANT!
```
~$ ssh 192.168.122.43 -l root
Last login: Thu Feb 2 19:12:45 2023 from 192.168.122.1
Have a lot of fun...
localhost:~ #
```4 -
FINALLY, all my dreams have come true, now I can totally say I don't really miss Linux all that much (although I work with Linux all the time, as all my VMs are on Ubuntu).
Obviously, Microsoft has a port of the ssh client and server on windows.28 -
How bad is it for a fortune 500 company to open port 22 over the internet for all its linux servers?? Today, I reported this to my boss and he said "it won't be a problem, no one can login without a password".10
-
While sitting in a train (5 hours trip) I really want to code something, unfortunately I dont have my laptop with me, so i just connected with ssh from my phone to my ubuntu vps, created some project via npm and use android app to edit the code. It is not perfect but works. Someone else code like that?3
-
Every time I see a client open ssh or rdp to the world when the servers sit behind a vpn, I die a little inside.4
-
Warning long rambling story cause sleep deprivation
I never really bothered with ssh outside of using putty to remote into my servers and rpi's from my desktop to run updates, install something, or whatever else.
But today I was on a call with my cousin bored cause she was just rambling, so I opened vscode to clean my install of unnecessary extensions I installed and haven't used more than once or twice.
I saw Remote - SSH and as I was bored listening to a teenager complain about high school just like I used to (lol) and responding when she asked me something. I scrolled through the page, then the documentation just casually skimming the text
I setup an ssh key on an rpi I threw manjaro arm following the instructions on their tips and tricks page
I then moved the key to my desktop using winscp (cause lazy)
leading to having a minor hicup of rsa not being an accepted keytype (thanks 'your favorite search engine' for the help)
Finally, I was able to connect using the private key
at this point my cousin went to bed cause she has school tomorrow. But I was still doing stuff with ssh, I created a new ssh connection in VSCode, but had to go to the documentation to figure out how to make it use my fancy new key file, not hard took 30 seconds of looking to get it working.
Now that I was in, I moved to my development folder, created a folder for PiHole, created a compose yml, created a pihole-data folder.
I opened the yml and pasted in a compose from dockerhub.
at this point I thought 'i can't just run this from terminal can I'. and Obviously it worked cause there's literally no reason it wouldn't I'm just stupid to think it might not.
So I created folders and files on a remote system, launched a docker container, checked for package updates after on a linux machine. All from VS-Code on a windows machine.
I know this is simple for some people, i know some people are like 'where's the interesting part'. but ehhh I thought it was cool to get it setup, I now really regret not getting into ssh sooner, and I'm definitely going to uninstall vscode on all my smaller graphical VM's in favor of doing this. and this will definitely help with my headless vm's.
I also will have to thank my cousin, might not have done this if I wasn't stuck at my computer on messenger call with her lol
I'm gonna go to bed now, But I feel accomplished for the first time in a while even if it's for something so simple as setting up anssh key for the first time3 -
Sooooo.....
I just spend roughly 5 hours trying to get a Laravel Homestead up and running. Constantly jumping from one error to the other, getting nowhere.
Turns out that,
...
...
I NEVER FUCKING GENERATED A BLOODY SSH KEY
ARE YOU FUCKING KIDDING ME
AN ENTIRE DAY WASTED
JESUS CHRIST
I swear, I'm way too junior for like 95% of this shit....5 -
My biggest regret is underestimating what my school's server would log and what my teachers could see me do.
SSH is just way to powerful...4 -
I have to say mosh. For those that don't know, it's an extension on SSH for intermittent connections e.g. when on mobile data. I live in an area with several "black spots" and dodgy connections, so I find it really useful.
http://mosh.org1 -
techie 1 : hey, can you give me access to X?
techie 2 : the credentials should be in the password manager repository
t1 : oh, but I don't have access to the password manager
t2 : I see your key A1B2C3D4 listed in the recipients of the file
t1 : but I lost that key :(
t2 : okay, give me your new key then.
t1 : I have my personal key uploaded to my server
t1 : can you try fetching it?
t1 : it should work with web key directory ( WKD )
t2 : okay
t2 : no record according to https://keyserver.ubuntu.com
t1 : the keyserver is personal-domain.com
t1 : try this `gpg --no-default-keyring --keyring /tmp/gpg-$$ --auto-key-locate clear,wkd --locate-keys username@personal-domain.com`
t2 : that didn't work. apparently some problem with my dirmgr `Looking for drmgr ...` and it quit
t1 : do you have `dirmngr` installed?
t2 : I have it installed `dirmngr is already the newest version (2.2.27-2)`
t2 : `gpg: waiting for the dirmngr to come up ... (5)` . this is the problem. I guess
t1 : maybe your gpg agent is stuck between states.
t1 : I don't recall the command to restart the GPG agent, but restarting the agent should probably fix it.
t1 : `gpg-connect-agent reloadagent /bye`
source : https://superuser.com/a/1183544
t1 : *uploads ASCII-armored key file*
t1 : but please don't use this permanently; this is a temporary key
t2 : ok
t2 : *uploads signed password file*
t1 : thanks
t2 : cool
*5 minutes later*
t1 : hey, I have forgotten the password to the key I sent you :(
t2 : okay
...
t2 : fall back to SSH public key encryption?
t1 : is that even possible?
t2 : Stack Overflow says its possible
t1 : * does a web search too *
t1 : source?
t2 : https://superuser.com/questions/...
t2 : lets try it out
t1 : okay
t2 : is this your key? *sends link to gitlab.com/username.keys*
t1 : yes, please use the ED25519 key.
t1 : the second one is my old 4096-bit RSA key...
t1 : which I lost
...
t1 : wait, you can't use the ED25519 key
t2 : why not?
t1 : apparently, ED25519 key is not supported
t1 : I was trying out the steps from the answer and I hit this error :
`do_convert_to_pkcs8: unsupported key type ED25519`
t2 : :facepalm: now what
t1 : :shrug:
...
t1 : *uploads ASCII-armored key file*
t1 : I'm sure of the password for this key
t1 : I use it everyday
t2 : *uploads signed password file*
*1 minute later*
t1 : finally... I have decrypted the file and gotten the password.
t1 : now attempting to login
t1 : I'm in!
...
t2 : I think this should be in an XKCD joke
t2 : Two tech guys sharing password.
t1 : I know a better place for it - devRant.com
t1 : if you haven't been there before; don't go there now.
t1 : go on a Friday evening; by the time you get out of it, it'll be Monday.
t1 : and you'll thank me for a _weekend well spent_
t2 : hehe.. okay.8 -
Anybody else want to DDoS whole Russia and China Hosting Companys for there god damn dead Servers?
Always get a lot of spoofing and ssh login try's from there.
fail2ban FTW!8 -
just sent an id_rsa private key file to our corporate Linux Administrator and he asked me to send him the private key in .ppk format. ==)))9
-
Here at the client site everyone uses Windows 7, since this is not an IT firm. They make jewellery. So I don't blame them.
The problem is their in house dev team are also forced to use Windows.
Today someone from their dev team was with me for a new project. Their senior guy sent us a mail mentioning that the project code is on AWS EC2 instance and we will have to SSH to see it.
I checked the code on my MacBook with SSH and copied it to local using SCP. The dev guy was seeing it in amazement. I asked, what's it?
He just asked, "You don't have to use PUTTY" 😮
I smirked 😏3 -
That facepalm moment when you input shutdown now in your own terminal instead of the one in the ssh session.😑3
-
I just fucked myself big time with iptable rules and blocked all incoming connections to my WiFi-AP. No SSH, can't go back, time for a factory-reset...
-
When I started ssh'ing into remote linux machines I would wonder why a lot of the programs I started wouldn't keep running after I logged out... :facepalm:6
-
Sunday guilt: Do I ssh in and finish the testing I didnt mange Friday? Pro-Tip: never set up your work VPN.3
-
using ssh over terrible internet speeds, spends all the time trying to figure out the cursor position3
-
So, my network security faculty thinks s/mime is secure multipurpose internet message encryption. And ssh is secure socket header.
Time to leave the class. 😭1 -
Had some problems with my Raspberry Pi (connected via SSH). Decided to restart it. Now it refuses connection. And I don't have physical access to it at the moment.
Fuck. This. Shit.2 -
Plan plan and then plan again
Especially on a hardened server in an off-site facility.
If you fuck up your SSH then you will be in trouble.4 -
I work in a place where I don't have ssh access to the web server. No proper use of composer. I have to pull packages to my local machine and upload through ftp.3
-
What good is a ssh-server when the machine doesn't even connect to the lan? Seriously, this is a fresh version of ubuntu server and i just updated the packages.4
-
Guys has this happened with anyone ..my older aws ec2 instance just vanished from my console but I can still ssh into it, how do I manage it for security groups and other things..?9
-
And this happened today:
While on ssh session, this guy restarted network manager. According to him "his Facebook page wasn't showing him recent feeds". -
When you are bored and you don't know what to do :D. Starts an SSH Connection in your Private Home Server to change the settings of all installed Service7
-
How do you keep track of your servers? their credentials/ssh keys, opened ports, services, IP, domain etc?15
-
That moment when you're connected to a server to adapt a setting in the SSH service config and it errors into your face when you attempt to reload it.
Schrödinger's SHell 😰1 -
I'm trying to install my SSH Server and nothing works. I think i've seen every SSH Stackoverflow site and i'm still too dumb :C27
-
https://mosh.org, together with GNU Screen running on the remote, is just the best when I'm trying to fix something on my server while I'm in the fucking forest with bad reception that would cause normal ssh sessions to kill themselves all the time
-
!rant
I just realised my VPS ssh private key was in my servers web root for the last 4 months. Luckily nobody found it (hopefully).2