LinuXamination

Friday, May 17, 2013

Error: Host key verification failed

Error: Host key verification failed
Please select another viewer and try again.

If you are trying to access directory structure using sftp and you are getting Host Key verification failed error. Try following solutions to remove it.

Solution 1 : Remove key-prints from your known_hosts file
Remove all key-prints of the server from your known_hosts file.

$ ssh -R hostname-of -the-server

Suppose you are trying to access server 192.168.2.2 using

$ ssh 192.168.2.2

and it gives above error. Just remove key prints of the server from your known_hosts file using

$ ssh -R 192.168.2.2

The keys are removed and it gives following message



/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old

Now try to log in again.

Solution 2 : Remove key-prints manually from known_hosts file

If you can identify old key prints of the server in the file known_hosts . Remove it and it will ask to add new key-prints when you will try to re-connect.

Solution 3 : Remove known_hosts file
Delete the file known_hosts and it will be created again automatically when you will try to connect to the server using ssh.

If you are trying to connect to the server first time after deleting the file known_hosts, it will ask to add the key-prints in known_hosts file.



The authenticity of host '192.168.2.2 (192.168.2.2)' can't be established.
RSA key fingerprint is 3c:36:9d:ff:10:2c:c6:0d:b1:45:30:9d:cf:2d:42:a6.

Once you add the key prints, it will not ask again for same server. It asks for permission every time when you try to connect to the new server.

Path of known_hosts file :
If you are root - /root/.ssh/known_hosts
If you are user - /home/username/.ssh/known_hosts

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed.

If you are trying to access other host using ssh and you are getting the error. Try following solutions to remove it.

Solution 1 : Remove key-prints from your known_hosts file
Remove all key-prints of the server from your known_hosts file.

$ ssh -R hostname-of -the-server

Suppose you are trying to access server 192.168.2.2 using

$ ssh 192.168.2.2

and it gives above error. Just remove key prints of the server from your known_hosts file using

$ ssh -R 192.168.2.2

The keys are removed and it gives following message



/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old

Now try to log in again.

Solution 2 : Remove key-prints manually from known_hosts file

If you can identify old key prints of the server in the file known_hosts . Remove it and it will ask to add new key-prints when you will try to re-connect.

Solution 3 : Remove known_hosts file
Delete the file known_hosts and it will be created again automatically when you will try to connect to the server using ssh.

If you are trying to connect to the server first time after deleting the file known_hosts, it will ask to add the key-prints in known_hosts file.



The authenticity of host '192.168.2.2 (192.168.2.2)' can't be established.
RSA key fingerprint is 3c:36:9d:ff:10:2c:c6:0d:b1:45:30:9d:cf:2d:42:a6.

Once you add the key prints, it will not ask again for same server. It asks for permission every time when you try to connect to the new server.

Path of known_hosts file :
If you are root - /root/.ssh/known_hosts
If you are user - /home/username/.ssh/known_hosts

Thursday, May 16, 2013

Add / Remove user to an existing Group in Linux

Users & Groups in Linux : ( Add & Remove )

All Groups of unix system are listed in the file /etc/group
To see the list of all groups of system

$ cut -d: -f1 /etc/group

See all Groups of a user :

$ id -nG username

Suppose I want to see all Groups of user Thomas whose username is thomas :

$ id -nG thomas

The output is name of groups of thomas.

user1 root admin sambashare vboxusers usbuser mysql apache2

Here user1 is the Primary Group (First Group) & others are secondary Groups.
You can use following command too to see groups of a user.

$ groups username

The first group after colon is Primary Group.

Add an existing Group to user (Other groups should not be removed) :

$ usermod -a -G groupname username

Suppose I want to add a new group to user thomas, other groups should not be removed.

$ usermod -a -G newgroup thomas

Now an existing group newgroup has been added to user thomas. To see the changes, Run

$ id -nG thomas

The output is

user1 root admin sambashare vboxusers usbuser mysql apache2 newgroup

Add an existing Group to user (other groups should be removed, only Primary Group and currently added Group should be available) :

$ usermod -G groupname username

Suppose I want to add new group to user thomas, other groups should be removed. Only Primary Group and currently added group should be assigned to user.

$ usermod -G grp thomas

Now an existing group grp has been added to user thomas. All other secondary groups have been removed from thomas
To find current groups of user thomas

$ id -nG thomas

The output is

user1 grp

All other secondary groups are replaced with grp. Now there is only one secondary group for thomas.

Remove Group of a user :
You can remove only secondary groups of a user. Primary Group can't be removed by this command. If you want to remove primary group, you have to assign a new primary group for user. A user can't be modified without primary group.

$ gpasswd -d username groupname

Suppose I want to remove a secondary group apache2 from user thomas.
Right now there are following Primary Group & Secondary Groups of user thomas.

$ id -nG thomas

The output is

user1 root admin sambashare vboxusers usbuser mysql apache2 newgroup

Now I delete apache2

$ gpasswd -d thomas apache2

See the groups of user thomas

$ id -nG thomas

The output is

user1 root admin sambashare vboxusers usbuser mysql newgroup

apache2 has been removed for thomas.

Change Primary Group of a user :

$ usermod -g groupname username

It removes the current Primary Group of the user and replaces with new added primary group. Secondary groups are as it is. There is no change in Secondary Groups.
Suppose I want to change primary group of user thomas.
To see the groups of user thomas

$ id -nG thomas

The output is

user1 root admin sambashare vboxusers usbuser mysql apache2 newgroup

Now I run following command to change Primary Group

$ usermod -g newgroup2 thomas

Now Primary Group user1 has been removed from thomas and it is replaced with newgroup2. Now newgroup2 is primary group of thomas.
To verify the changes, I see the groups list.

$ id -nG thomas

The output is

newgroup2 root admin sambashare vboxusers usbuser mysql apache2 newgroup

Now the Primary Group is newgroup2.