Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: cool34000 on August 03, 2008, 09:46:09 AM
-
Here's a little script (http://mirror.contribs.org/contribs/sgomez/scripts/ssh/SSH.sh) to generate secured SSH keys for ROOT user on your SME... A quick and easy way to get started!
# wget "http://mirror.contribs.org/contribs/sgomez/scripts/ssh/SSH.sh"
# sh SSH.shFollow screen instructions!
Clientside key will be sent by email to the admin with needed instructions to start.
Creating a strong passphrase is highly recommended... Full version of PuTTY is needed to translate the key file to PuTTY format under Windows...
Be carefull, authentication with passwords is disabled once the key is generated! (You can still re enable it in the server-manager if something goes wrong...)
PS : howto avoid RkHunter's daily warning if ROOT has SSH access?
Edit /etc/rkhunter.conf (no template for rkhunter!)
And change:ALLOW_SSH_ROOT_USER=notoALLOW_SSH_ROOT_USER=yes
:mrgreen:
-
Thanks! Very userfull!
-
Thanks for the script! I have downloaded is and run it and I got the following message:
: command not found
: command not found
'SH.sh: line 5: syntax error near unexpected token 'in
'SH.sh: line 5: case "$LANG" in
I changed 4 times "$LANG" in $LANG and the script worked fine. The mail was send and it worked well with Putty.
I have tested it on a SME 7.3 server with all patches applied.
Patrick
-
Thanks for the script! I have downloaded is and run it and I got the following message:
: command not found
: command not found
'SH.sh: line 5: syntax error near unexpected token 'in
'SH.sh: line 5: case "$LANG" in
I changed 4 times "$LANG" in $LANG and the script worked fine. The mail was send and it worked well with Putty.
I have tested it on a SME 7.3 server with all patches applied.
Patrick
the same here for me.. without double quotes everything is working fine
Ciao
Stefano
-
just delete blank lines. There is some hidden bytes blocking the script.
#!/bin/sh
WORKDIR=/root
#!/bin/sh
WORKDIR=/root
-
Also, if you are not familiar with key handling for puttygen (like myself), we have to click the "Load" button to read the key, and then "Save private key" to obtain a putty compatible key.
The keys (for different servers) should be kept in a folder accessible from WinSCP and putty. WinSCP will try to read the key file every time it is opened.
-
Hi All,
I like to use the SSH.sh script a 2nd time on the same server but when i try to login with putty or winscp i still get an error-message:
Disconnected: No supportet authentication methods available
???
regards
fpausp
-
Hi all,
I've modified this script [very] slightly so that it can be used by any user with shell access (enabled using Stephano's contrib :lol: ) to generate SSH keys.
The only other thing I need to do is change it so that it sends an email to the current user's email address.
Regards,
Craig
EDIT: Only problem is, is that a non-priviledged user cannot set the db variable (obviously) so thats disabled somehow unless the user is prompted for a password using su but I don't know how to do that... maybe give an option in the script? e.g. "Would you like to disable password authentication (requires root password)? [Y/n]"
Just my $.02