Friday, May 31, 2013

Install ssh on Linux - CentOS/Fedora/RHEL/SL


ssh (secure shell)
         ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine.  It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network.  X11 connections and arbitrary TCP ports can also be forwarded over the secure channel.

  ssh connects and logs into the specified hostname (with optional user name).  The user must prove his/her identity to the remote machine using one of several methods depending on the protocol version used (see below).

sshd (secure shell daemon) - ssh server

Install ssh on CentOS/Fedora/RHEL/Scientific Linux

Run following command in terminal
# yum install openssh-server openssh-clients

Start and stop the ssh service
# service sshd start & # service sshd stop

Automatically start the service at boot
# chkconfig sshd on

Check status of ssh
# service sshd status

Firewall :
Open Port 22 in Firewall :
Add following line in the file /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

Restart iptables
# service iptables restart

Check port 22 is opened or not
Run following command
# netstat -lnp | grep :22

Output should be like this
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 9657/sshd tcp 0 0 :::22 :::* LISTEN 9657/sshd

Install ssh on Debian/Ubuntu
click here

Friday, May 17, 2013

Error: Host key verification failed

Error: Host key verification failed
Please select another viewer and try again.

If you are trying to access directory structure using sftp and you are getting Host Key verification failed error. Try following solutions to remove it.





Solution 1 : Remove key-prints from your known_hosts file
Remove all key-prints of the server from your known_hosts file.
$ ssh -R hostname-of -the-server
Suppose you are trying to access server 192.168.2.2 using
$ ssh 192.168.2.2
and it gives above error. Just remove key prints of the server from your known_hosts file using
$ ssh -R 192.168.2.2
The keys are removed and it gives following message
/root/.ssh/known_hosts updated. Original contents retained as /root/.ssh/known_hosts.old
Now try to log in again.

Solution 2 : Remove key-prints manually from known_hosts file
If you can identify old key prints of the server in the file known_hosts . Remove it and it will ask to add new key-prints when you will try to re-connect.

Solution 3 : Remove known_hosts file
Delete the file known_hosts and it will be created again automatically when you will try to connect to the server using ssh.

If you are trying to connect to the server first time after deleting the file known_hosts, it will ask to add the key-prints in known_hosts file. 
The authenticity of host '192.168.2.2 (192.168.2.2)' can't be established. RSA key fingerprint is 3c:36:9d:ff:10:2c:c6:0d:b1:45:30:9d:cf:2d:42:a6.
Once you add the key prints, it will not ask again for same server. It asks for permission every time when you try to connect to the new server.

Path of known_hosts file :
If you are root - /root/.ssh/known_hosts
If you are user - /home/username/.ssh/known_hosts




WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed.


If you are trying to access other host using ssh and you are getting the error. Try following solutions to remove it.




Solution 1 : Remove key-prints from your known_hosts file
Remove all key-prints of the server from your known_hosts file.
$ ssh -R hostname-of -the-server
Suppose you are trying to access server 192.168.2.2 using
$ ssh 192.168.2.2
and it gives above error. Just remove key prints of the server from your known_hosts file using
$ ssh -R 192.168.2.2
The keys are removed and it gives following message
/root/.ssh/known_hosts updated. Original contents retained as /root/.ssh/known_hosts.old
Now try to log in again.

Solution 2 : Remove key-prints manually from known_hosts file
If you can identify old key prints of the server in the file known_hosts . Remove it and it will ask to add new key-prints when you will try to re-connect.

Solution 3 : Remove known_hosts file
Delete the file known_hosts and it will be created again automatically when you will try to connect to the server using ssh.

If you are trying to connect to the server first time after deleting the file known_hosts, it will ask to add the key-prints in known_hosts file. 
The authenticity of host '192.168.2.2 (192.168.2.2)' can't be established. RSA key fingerprint is 3c:36:9d:ff:10:2c:c6:0d:b1:45:30:9d:cf:2d:42:a6.
Once you add the key prints, it will not ask again for same server. It asks for permission every time when you try to connect to the new server.

Path of known_hosts file :
If you are root - /root/.ssh/known_hosts
If you are user - /home/username/.ssh/known_hosts