Openunix.eu

OpenSSH

Key based ssh login

ssh-keygen -t rsa creating private and public keys

ssh backup@192.168.0.11 mkdir -p .ssh

cat .ssh/id_rsa.pub | ssh backup@192.168.0.11 'cat >> .ssh/authorized_keys'

ssh backup@192.168.0.11 "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"

ssh backup@192.168.0.11 logging without password freely

Source: https://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/

Locking web users to their CHROOT hosting (sftp only)

"One place to chroot them all, one login to find them, and into sftp bind them"

append code to /etc/ssh/sshd_config

 
Match User webmaster
PasswordAuthentication yes
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
AllowAgentForwarding no
PermitTunnel no
PermitTTY no
X11Forwarding no

Add user webmaster (on NetBSD)

useradd -k /etc/skel -s /sbin/nologin -d /var/www/htdocs/sites/web -m webmaster
password webmaster

restart the daemon (on BSD)

   /etc/rc.d/sshd restart

Fixing permissions - absolute must

chown root:webmaster /var/www/htdocs/sites/web webmaster
mkdir /var/www/htdocs/sites/web/content
chown webmaster:webmaster /var/www/htdocs/sites/web/content webmaster

After loggin in, the user will see the web directory and be able to write to content directory

Source: https://www.bsdnow.tv/tutorials/chroot-sftp



HOME
~~~~~~~~~~~~~~~
OpenBSD
      
	Networking
	Installing software
	
	Session managent
	Desktop env
	Multimedia
	Printing
	Sharing

     
NetBSD
     
	Desktop
Xen

     
FreeBSD
Linux
      
	Debian
	Centos
	OpenSuse        
     
Solaris
      
	Packages
	Zones
	ZFS
 	Services       
     
Windows
~~~~~~~~~~~~~~~
Git
Ansible
Atlassian
Network tools
Qemu
Virtualbox
Vim
Tmux
Mutt
     
         Mutt-settings
         Mutt-accounts
         Mutt-html,pdf,doc
         Mutt-address book
         Mutt-signature
     
STar
~~~~~~~~~~~~~~~
MySQL
PostgreSQL
Postfix
OpenSSL
tcpdump
SSH
~~~~~~~~~~~~~~~
Packet Filter
IP Filter
    IPFilter
	    IPNAT
	    Commands
~~~~~~~~~~~~~~~
Bash
      
	    Hack
	    If
        Loop
        Math
        Test
        Awk
        Array
             

web-dev
   
    html
	php
	css
  
Hacking
LINUX DAYS

Powered by NetBSD. Running on a toaster.