SSH access

Similar Messages

• Mac Mini login GUI not responding (but SSH access OK)

  I have an ongoing intermittant issue with my Mac Mini (running Lion).
  I can see the login GUI but can't login!  Sometimes the mouse pointer moves in response to my trackpad motions but the "click" doesn't respond when I try it. Generally the keyboard doesn't seem to respond (but pressing "enter" does wake-up the screen).
  I have the problem at the moment and have managed to actually enter 3 characters of my password, but now it's not responding.
  VNC access is enabled and if I connect via that method the results are exactly the same (so it's not an issue with my actual/physical keyboard or mouse).
  I have enabled SSH access and I can login via this method so the system is still responding.  I have run "top" from the SSH session and no particular process seems to be "hogging" the system.
  So I am at a loss as what to do.
  I would appreciate any advice on how to fault-find this via the SSH session.

  In System Preferences>Accounts, unlock the lock, click the little + icon & add a new Admin user, log into that account & see if it works.
  While in Safe mode/boot, in System Preferences>Accounts, unlock the lock, click the little + icon & add a new Admin user, log into that account & see if it works if you set the new user to Automatically login.

• Best practice for SSH access by a user across multiple Xserves?

  Hello.
  I have 3 Xserves and a Mac Mini server I'm working with and I need SSH access to all these machines. I have given myself access via SSH in Server Admin access settings and since all 4 servers are connected to an OD Master (one of the three Xserves), I'm able to SSH into all 4 machines using my username/password combination.
  What I'm unsure of though is, how do I deal with my home folder when accessing these machines? For example, currently, when I SSH into any of the machines, I get an error saying...
  CFPreferences: user home directory at /99 is unavailable. User domains will be volatile.
  It then asks for my password, which I enter, and then I get the following error...
  Could not chdir to home directory 99: No such file or directory
  And then it just dumps me into the root of the server I'm trying to connect to.
  How should I go about dealing with this? Since I don't have a local home directory on any of these servers, it has no where to put me. I tried enabling/using a network home folder, but I end up with the same issue. Since the volume/location designated as my home folder isn't mounted on the servers I'm trying to connect to (and since logging in via SSH doesn't auto-mount the share point like AFP would if I was actually logging into OS X via the GUI), it again says it can't find my home directory and dumps me into the root the server I've logged in to.
  If anyone could lend some advice on how to properly set this up, it would be much appreciated!
  Thanks,
  Kristin.

  Should logging in via SSH auto-mount the share point?
  Yes, of course, but only if you've set it up that way.
  What you need to do is designate one of the servers as being the repository of home directories. You do this by simply setting up an AFP sharepoint on that server (using Server Admin) and checking the 'enable user home directories' option.
  Then you go to Workgroup Manager and select your account. Under the Home tab you'll see the options for where this user's home directory is. It'll currently say 'None' (indicating a local home directory on each server). Just change this to select the recently-created sharepoint from above.
  Save the account and you're done. When you login each server will recognize that your home directory is stored on a network volume and will automatically mount that home directory for you.

• Cisco Nexus 3000 ssh access

  I have a Cisco  Nexus 3172T in a small environment running System version: 6.0(2)U3(1). I am using a vlan as management access, i.e. vlan100 is on every device and is using for snmp/ssh access. On the same switch I have one non-switchport (routed) port (eth1/6 in this case) connecting to a remote datacenter. I am able to SNMP poll and ping the vlan100 interface on the switch from everywhere, and I am able to SSH login while I am connected on any of the VLANs that are known to the switch. My problem comes when trying to access (SSH) the switch from the remote datacenter location (SNMP/Ping also works from the remote location). The only way to SSH access the switch from the remote location is only if I SSH in on the routed port (i.e. eth 1/6).
  I am not using the dedicated management port on the switch (nor I have any plans in the future). I am also running very plain config, a few switchports, one routed port, and the default control-plane policy (which is only policy pps). There are the ACLs on the VTY.
  Am I running into a known bug or is there some configuration requirement to allow this ?
  thanks
  dragan

  Its not in a VRF or anything like that is it?
  Also have you tried setting the ssh source interface to be vlan 100.
  http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/security/6x/b_Cisco_n3k_Security_Config_6x/b_Cisco_n3k_Security_Config_6x_chapter_0110.html#task_4AFC76AF5CD04C728EF30CB15EAE2655

• How to get ssh access to my Azure Website?

  Hi,
  I can connect to Website via FilZilla using ftp hostname and username. But how to get ssh access to Azure Wedsite?

  ssh is not supported, but FTP should absolutely work using FileZilla. You can also use the
  Kudu Console, which gives you a console into your site.

• Simple SSH Access-List Question

  I am enabling SSH access for all of our Cisco devices and want to restrict access to just the following ip addresses: 192.168.200.1-192.168.200.50.  I forgot the exact access-list configuration to accomplish this.  The subnet is /24 and I don't want the whole subnet - just .1 - .50.
  Thank you,
  Thomas Reiling

  Hi there,
  If using ssh make sure you have a domain name, host name and a generated rsa key.  Assuing you've done that, the the following ACL and line vty command will do the trick.  Note that the 1-50 host list is not on a subnet barrier.
  To get it exactly
  access-list 1 remark ALLOW MANAGEMENT
  access-list 1 permit 192.168.200.0 0.0.0.31
  access-list 1 permit 192.168.200.32 0.0.0.15
  access-list 1 permit 192.168.200.48 0.0.0.1
  access-list 1 host 192.168.200.50
  access-list 1 deny any log
  It would be a good idea to put it on a boundary though, so the following would be much more simpler and easier to read.
  access-list 1 remark ALLOW MANAGEMENT
  access-list 1 permit 192.168.200.0 0.0.0.63
  access-list 1 deny   any log
  Apply the access-class on the vty lines and depending on authentication, i'd put something there too.
  line vty 0 4
  access-class 1 in
  transport input ssh
  password blahblah
  That ought to do it.
  good luck!
  Brad

• Ssh access into virtual context on the ACE module A(2.2)

  Hello,
  I tried to configure:
  Admin(conf)#context test
  Admin(conf-context)#ssh key rsa1 1024
  but this command ssh is not supported int this newest version. How can I configure the ssh access directly into virtual context on the ACE module??
  Thank you

  Here's a link on how to configure it.
  https://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/admin/guide/access.html#wp1049450
  Hope that helps.

• WRVS4400n port forwarding (SSH access)

  I have a WRVS4400n and a CentOS server that I need to enable a SSH access to from WAN.
  I created a single port forward rule to open port 22 and forward to server (which address is 192.168.41.3)
  However ssh connect doesn't happen, the command "ssh user@{external_IP}" times out after 20 seconds.
  Wondering why...
  If I connect my server directly to modem through outside interface - I have no problems connecting to it. Once it's behind router - no luck.
  I even added same rule for UDP, not sure if it's needed, but it definitely didn't hepl.
  The router is on firmware version 2.0.1.3, version on a bottom is 2.
  Any suggestions?

  Hi Randy Manthey, Thanks for quick response. The server has 2 interfaces:  eth0 (outside, WAN) currently down. When it was up it had a static IP, default gateway and mask assigned by ISP. It was plugged into the cable modem at that time, it was accessible.  eth1 (inside, LAN), up, address 192.168.41.3, default gateway 192.168.41.1 (which is above mentioned Cisco router WRVS4400n). It can ping all machines on LAN, including gateway. It is accessible to all machines on LAN and can be pinged by the Cisco router. It CANNOT ping any IP address on WAN (I understand this is because eth0 is down).  Let me know if you need any other info. Thank you.
  Edit: I got home (the router is in one of my offices) and scanned the router with nmap:
  nmap -v -sT -PN XXX.YYY.ZZZ.88
  Starting Nmap 5.21 ( http://nmap.org ) at 2012-04-24 23:24 EDT
  Initiating Parallel DNS resolution of 1 host. at 23:24
  Completed Parallel DNS resolution of 1 host. at 23:24, 0.04s elapsed
  Initiating Connect Scan at 23:24
  Scanning wsip-XXX-YYY-ZZZ-88.nn.nn.nnn.net (XXX.YYY.ZZZ.88) [1000 ports]
  Discovered open port 8080/tcp on XXX.YYY.ZZZ.88
  Completed Connect Scan at 23:24, 6.06s elapsed (1000 total ports)
  Nmap scan report for wsip-XXX-YYY-ZZZ-88.nn.nn.nnn.net (XXX.YYY.ZZZ.88)
  Host is up (0.033s latency).
  Not shown: 999 filtered ports
  PORT     STATE SERVICE
  8080/tcp open  http-proxy
  Read data files from: /usr/share/nmap
  Nmap done: 1 IP address (1 host up) scanned in 6.14 seconds
  Port 8080 - is a port for remoute router administration.

• SSH Access On Specific IP

  Hi,
  I have configured 10 interface vlan on my cisco core switch 6509.
  However I want my users SSH it on management IP only. SSH access on other IP (defined for each interface vlan) should be blocked by switch.
  Kindly suggest how to configure this.
  Thanks in advance.

  You could use an ACL, CoPP, CPPr to do it. Here's an example-
  http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11_553261.html
  Hope it helps.

• Compile and debug to a remote server with ssh access

  How can i compile and debug from my Mac to a remote server that has ssh access only?

  Besides Microsof's Remote Desktop Connection
  <http://www.microsoft.com/mac/products/remote-desktop/default.mspx>
  Applications -> Remote Desktop Connection
  Computer:  windows.pc.address
  -OR-
  Computer:  windows.pc.address/console
  There is also CoRD (Microsoft RDC Screen Sharing)
  <http://www.macupdate.com/info.php/id/22770/cord>

• Ssh access without password

  How do set up ssh access without password? I follow the steps below but didn't work:
  1. ssh-keygen -t rsa
  2. copy the id_rsa.pub to the remote host and rename it to authenticated_keys
  3. ssh-agent $SHELL
  4. ssh-add
  5. try testing:
  ssh <remote host> date
  It still prompt for the password. Did I miss out some steps? Pls help if you know the asnwer.

  May be you need to look sshd.conf (or like) file and edit it. If that does not solve the problem, you may need to consider .shost file as in casr of rcp and rlogin you configure .rhosts file.

• ACS 5.3 SSH Access

  I have recently virtualised an ACS 5.3 on ESX 3.5 to trial before upgrading our old 3.3.
  Problem is when I come to sync the ACS with a time server I discovered I can't login directly.
  I can login to the webinterface with out any problems but not when SSH'd
  login as: acsadmin
  Using keyboard-interactive authentication.
  Password:
  Access denied
  Using keyboard-interactive authentication.
  Password:
  Am I missing something...

  The username for ssh is admin (unless you specified a different name), also the password can be different. It is based on how you entered it in the installation script.
  default superadmin account for web is acsadmin however the two accounts are not synced and neither are the databases. You create an account for GUI access, it doesn't get cli access and vice versa.
  Thanks,
  Sent from Cisco Technical Support iPad App

• ASA 5505 ssh access question

  Hi,
  Currently any ip address can ssh to my asa 5505 firewall outside interface. What should I do to restrict only certain IP can? What's the command to see the current ssh management access rule?
  Thanks.
  Ye 

  I tried this and got an error. Please help.
  CL-T179-12IH# ssh 162.221.204.59 255.255.255.255 outside
                                   ^
  ERROR: % Invalid input detected at '^' marker.
  Also when I do   "show run ssh" I see below line. How to remove it?
  ssh 0.0.0.0 0.0.0.0 outside
  Thanks.
  Ye

• Ssh Access-list

  Hi,
  I want to create an access-list that will allow any host to ssh to the Management address of a switch but, only the
  Management address. Does this look like a clean way to do this?
  ip access-list extended SSH_ACCESS
  permit udp Management VLAN ip any eq 22
  permit tcp Management VLAN ip any eq 22
  deny udp any other switch ips eq 22
  deny tcp any other switch ips eq 22
  permit ip any any
  line vty 0 15
  ip access-group SSH_ACCESS
  Thank you, Pat.

  Hi
  In IOS Version 12.4 its work likes that only. Can anyone try this in IOS version 15?
  R2#
  R2#sh ip int br | i up
  FastEthernet0/0            192.168.10.2    YES manual up                    up
  R2#
  R2#
  R2#telnet 192.168.10.1 /so fa0/0
  Trying 192.168.10.1 ... Open
  R1#
  R1#
  R1#sh ip access-list 100
  Extended IP access list 100
      10 permit tcp host 192.168.10.2 host 192.168.10.1 eq telnet log
      20 permit tcp host 192.168.10.2 any eq telnet log (8 matches)
      30 permit tcp any any eq telnet log
  R1#
  R1#
  R1#
  R1#sh ver | i Version
  Cisco IOS Software, 2600 Software (C2691-ADVENTERPRISEK9-M), Version 12.4(25c), RELEASE SOFTWARE (fc2)
  ROM: 2600 Software (C2691-ADVENTERPRISEK9-M), Version 12.4(25c), RELEASE SOFTWARE (fc2)
  R1#

• Open Directory / Active Directory SSH access

  I have recently bound all of our web and database servers on our active directory and open directory realms. I am able to augment the AD records for my account and the accounts of the other admins, give them NFS home directories and all is great. We can login to any machine with our AD password and get our homes. Problem is 9 times out of 10 we all prefer using SSH and the CLI for most of what we do. I can login to any of these machines with an OD user and get their home directory, but when I try with an AD user I cannot authenticate.
  So to recap:
  * Login works for both OD / AD users at the login window
  * SSH login works for OD users
  * SSH login does not work for AD users.
  I don't even know where to begin with debugging this one. Any help would be greatly appreciated.
  Message was edited by: Coleman Nitroy

  Okay adding even more information to this (maybe this topic needs to be moved to a different sub forum)
  Instead of assuming SSH would automatically work via AD/OD binds like the Login window does (apparently magically) I went thru and setup the SSHd on a test box to work via kerberos logins.
  On the client side I enabled GSSAPIAuthentication as well and here is the error I get for (ssh -v [email protected]):
  debug1: Unspecified GSS failure. Minor code may provide more information
  Server not found in Kerberos database.
  Then it kicks over to the next authentication method. To enable AD login via the login window I didn't have to do anything special. Kerberos tickets are generated and all is well. I am not certain as to why or how SSH works via OD automagically but still no luck getting it to work with AD. Not getting this working would be a large loss for our lab.
  Anyone....?
  Message was edited by: Coleman Nitroy