SSH ciphers help

Similar Messages

• Adding SSH Ciphers

  I've done a fair amount of googling for information about adding ciphers to ssh but no real luck. Is it possible to add a cipher to ssh? I can't even seem to find the location of supporting files (if there are any) for ssh.
  I am looking to add the RC6 cipher to ssh. Any help with finding information on adding ciphers and if possible the files for RC5 or RC6 would be greatly appreciated.

  The predecessor to both of these ciphers is RC4 or arcfour which is included in the ssh client as arcfour128 and arcfour256.

• SSH basics - help needed

  I'm new to networking, so bear with me. Here is what I am trying to do:
  I would like to get to websites that are blocked by a corporate firewall (websense). (I take full responsibility for what I am doing and am not putting myself at risk - don't worry).
  It seems like I could use SSH to connect to my home internet connection thus bypassing the firewall.
  Is that true? If so, what do I need to do?
  Here's my equipment - 2 Macbook Pros, one fuctioning as a desktop at home, one portable. Airport Extreme N router (not gigabit). Comcast home cable internet.
  I just downloaded a program salled SSHTunnel that sounds like it should help, but I don't know where to start.

  The easy route.
  Use TeamViewer <http://teamviewer.com>. Leave TeamViewer running on your home Mac. It will display a "Wait for session ID". Copy that session ID number, and take it with you to work.
  On your work system, run another copy of TeamViewer (there are both PC and Mac versions).
  Configure the work TeamViewer with your corporate Proxy settings
  TeamViewer -> Preferences -> General -> Proxy Settings...
  Now on your work TeamViewer enter the Wait for session ID you got from your home system, and enter that in your work system's Create session ID field. Then click Connect to Partner button.
  This is the easiest way I know about.
  The HARD WAY: You can do this via ssh, but there are a lot more detailed steps.
  1st question. Does your company allow "Out-Bound" ssh connections? If it does, that helps a lot. If they DO NOT, then you would need to mess with an OpenSource program called "Corkscrew" that will get ssh through a proxy server.
  Once you get through the firewall, then you will need to get a dynamic DNS name for your home system. No-IP.com and DynDNS.org offer free dynamic DNS names. You use this so you do not need to worry about your ISP changing your home IP address.
  Now you need to configure your home router so it Forwards Port 22 from the internet side to your destination Mac.
  On your destination Mac, you need to enable System Preferences -> Sharing -> Remote Login, and while you are at it, you should enable screen sharing preference.
  Now on your work system, you ssh to your home system. The form of the command depends on whether you need to use corkscrew or not.
  Without corkscrew:
  ssh -L 5901:localhost:5900 [email protected]
  With corkescrew:
  ssh -L 5900:localhost:5900
  -o 'ProxyCommand /path/to/corkscrew proxy.server.address 8080 %h %p'
  [email protected]
  Now you have an ssh tunnel which you can run screen sharing across. Using a VNC client. On a Mac you can use:
  Finder -> Go -> Connect to server
  vnc://localhost:5900
  If using a 3rd party VNC client, you still specify localhost and port 5900 as these what the ssh tunnel established as the path to the remote Mac's VNC server.
  Now you should be able to use your home Mac and its browser to surf anywhere you like.
  If you wish to increase your complication, you could use ssh to create a SOCKS proxy. You would add the following to your ssh command:
  -D 12345
  Then you configure your bowser to use the SOCKS proxy server via port 12345

• SecureAFP and SecureVNC via SSH Login - Help?

  Hello, Just want to check that there are no security problems in the my future setup ideas.
  I have a MacMini and iMac at home, and also a MacBook Air/Pro (one of which I always have with me). I want to set up either the MacMini or iMac as a Server for all my files etc. My plan is to set up Remote SSH Login in the sharing panel so I can open a SSH Tunnel, and tunnel VNC and AFP through it (I'm not sure if I need to also set up Screen Sharing and File Sharing in the Preference Pane?)
  Once this is set up I should (if I'm not wrong) be able to open up terminal.app and type in "SSH [email protected]:[Port number (depending on the Mac I want to connect to, be it the MacMini or iMac as I use port forwarding)]", once that is done I will need to type my normal login password (is this send in clear text or not - does anyone know??). Hopefully a SSH tunnel will then be up and running. When it is, can I just go to Finder>Connect to Server>"afp://myhostname.dyndns.com" or "vnc://myhostname.dyndns.com" and then these services will be sent through the SSH tunnel, or will they not?
  Is this a good set up or not? Would I be better with using FTP/(S)FTP (although that is Read-only, if what I have read is correct)? Or use Transmit (a FTP/(S)FTP Client) Or would I just be better using Back-To-My-Mac from MobileMe? Is there any GUI for setting up a SSH tunnel, which can save info for multiple Servers? What set-up do you guys use?
  Very sorry for the Long post, but I hope I can have your experienced help on this.
  Thanks in Advance - Adam J.

  Thanks both of you for your detailed help, I'm guessing it doesn't matter if your put 10548 or 22548 etc as long as you map it to the right port (548) on the mac (when typing the "-L....:localhost:...." commend) and within Finder itself.
  Correct. The choice of 10548, 22548, 12345, etc... is up to you as long as you use a valid port number and do not pick a port that is associated with a service you depend on (most of those are low numbered ports, but if you are concerned, you can do Google server on "Known Port Numbers"
  In Finder do I just type "localhost" or the name of the computer on my network?
  In Finder -> Go -> Connect to Server, you type vnc://localhost:publicportnumber. This is the 10548, or 22548, or 12345, whatever port number you choose. The :port_number is how you tell the software making the network connection which non-standard (customized) port number you wish to use.
  You are specifying localhost, because you have created a tunnel that goes from your local host port number 10548 (or 22548, or 12345, ...) to the remote port 548 on your server Mac. As with any kind of tunnel you have to enter it on one end, and when you emerge you are at the other end. So the point of entry is on your localhost, at port 10548, hence afp://localhost:10548.
  Just out of a matter of interest obviously the "-p" command tells terminal what port, but what does the "-L" command do,
  The terminal is NOT the command line. The terminal is just a bit of software that passes your keyboard input to a pseudo serial port which is being read by your shell (typically 'bash'), that parses your input and looks for a command that matches the first token, and then starts a subprocess to run that command and passing the rest of the command line to that command for it to parse.
  so the -p is tell the ssh command to make its initial connection to that port.
  The -L 10548:localhost:548 tells ssh that on the localhost it should open and listen on port 10548 for any connection requests, and to pass anything and everything across the tunnel to port 548 on the other side of the ssh connection. Each -L option establishes a separate port pair to listen and forward network requests between.
  does it also matter if they are capitals or not (e.g. could "-p" be "-P").
  ABSOLUTELY! The Unix environment is VERY MUCH Case Sensitive.
  See "man ssh" and pay attention to the fact that some options are lowercaser and some are upper case. Using the wrong case will either not work, or you will get some behavior you did not expect.
  When setting up the alias where are they then stored - or does it just remember them, so when you type "sshmacmini" it will auto fire up a SSH tunnel to the MacMini and then ask for a password? Is there anyway to then delete these alias or reset them?
  Do you mean a bash shell command alias, as in
  alias sshmacmini='ssh -p 22001 -L 22548:localhost:548 -L 22590:localhost:5900 [email protected]'
  If you mean one of those, then it should be stored in your shell initialization file. For bash (the default Mac OS X comamnd line shell), the typical place would be
  $HOME/.bash_profile
  However, if you already have a .profile, then use that. Bash looks for and uses the first initialization file it finds, in the following order. If you have multiple, one the first found will be used:
  .bash_profile
  .bash_login
  .profile
  If you mean some other kind of alias, please clarify.
  When you use NNNNN and KKKKK they are obviously two different port numbers to port forward to port 22 on the two different Macs?
  If by NNNNN and KKKKK you mean establishing your router's port forwarding so that Public Internet port NNNNN is forwarded to Mac 'A's port 22 and Public Internet port KKKKK is forwarded to Mac 'B's port 22, then yes. This is a bit of router port forwarding magic. In my example I used 22001 and 22002 as my NNNNN and KKKKK values.
  Thanks you again, ever so much for the help! And again very sorry for all the questions - I hope to pick up and learn a bit of Command Line as I'm a total beginner just very good with GUIs.
  A lot of the command line stuff is generic 'bash' shell, so go to your local bookstore and browse some books on 'bash'.
  Personally for learning about how Unix glues things together via the shell, I am still partial to the Kernighan and Pike "Unix Programming Environment" Copyright 1984. The first half of that book will teach you many of the underlying Unix principals. Just keep in mind that it was written 27 years ago when Unix could run on a PDP-11 with less than a megabyte (NOT Gigabye) of memory. However the basic principals are still there. Plus Kernighan is an excellent writer and has his name on many of the early Unix books and programs (such as the 'k' in awk is for Kernighan, the original typesetting program roff and nroff used to format all the man pages, the K&R "C" manual, etc...).

• IOS SSH AAA help!!

  Hi All,
  I have this config:
  aaa authentication login default local line enable
  aaa authorization console
  aaa authorization exec default local
  aaa authorization network default local
  line vty 0 4
  password Gr834!
  transport preferred ssh
  transport input ssh
  transport output ssh
  then create username "admin" with privilege 15. But I can't login to SSH with this username and password? I've already generated public key on the router.
  any idea would be very appreciated.
  thanks
  Alex

  Here is a complete ssh config that doesn't need a hostname or domain name:
  crypto key gen rsa gen label SSH_Keys mod 1024
  ip ssh ver 2
  ip ssh authentication-retries 3
  ip ssh time-out 90
  ip ssh source-interface loopback0
  username test secret p@ssw0rd
  enable secret s3cr3tPassw0rd!
  aaa new-model
  aaa authentication login default local
  aaa authentication enable default enable
  line vty 0 4
  transport input ssh
  I would recommend AGAINST creating level 15 usernames.

• Cisco VPN client and SSH

  Hi,
  I am using Cisco VPN client 4.9.01.0180 to connect to remote server. From the Cisco client, I see that I am connecting to the remote server.
  Using the terminal, with command:
  ssh 192.168.1.2 or ssh [email protected] to connect to the remote server.
  However, the output is:
  ssh: connect to host 192.168.1.2 port 22: Operation timed out
  I don't know what is going wrong. The Cisco client 's setting is simple, and no problem using Windows. Do I have to modify the Mac OS?
  Regards,
  Terence

  hi,
  sorry for asking stupid. how and what did you change your subnet to ?
  i have almost the exact same problem (same client and on Windows it does work and I cannot ssh to a Mac in the work office) furthermore i am using a wireless connection (via Airport Express) ... not sure if that matters.
  do i just go into the Network Prefs and select the tcp/ip tab, and manually change the ip-addresses ?
  my settings (DHCP) currently are
  ip 10.0.1.2
  Subnet Mask 255.255.255.0
  Router 10.0.1.1
  The strange thing for me is that if I Remote Desktop to a PC (via VPN) on the same office net as the above Mac I cannot ssh (via Putty), but when i am physically at the PC i am able to ssh.
  any help appreciated
  ./allan

• Error when creating ssh keys for Oracle RAC on Solaris 10

  I'm in the process of configuring 2 node oracle cluster running on Sun cluster 3.2 /solaris 10 OS.
  I have followed this oracle guide to when creating keys (oracle document No =B14205-01)
  But im having problem when executing this step
  bash-3.00$ scp authorized_keys tsavo-east:/oracle/.ssh/
  ssh: connect to host tsavo-east port 22: Connection timed out
  lost connection
  bash-3.00$
  Please advise
  Thanks
  Francis Mwangi

  Robert Thanks alot for your reply. have a look of what i found out
  ps -ef | grep sshd
  root 4270 4267 0 16:22:46 ? 0:00 /usr/lib/ssh/sshd
  root 759 1 0 Nov 09 ? 0:00 /usr/lib/ssh/sshd
  root 4267 759 0 16:22:41 ? 0:00 /usr/lib/ssh/sshd
  root 4372 4311 0 18:56:52 pts/3 0:00 grep sshd
  ===================================
  netstat -a | grep ssh
  *.ssh *.* 0 0 49152 0 LISTEN
  tsavo-west.ssh 10.30.210.213.2241 63668 51 49640 0 ESTABLISHED
  *.ssh *.* 49152 0 LISTEN
  6002b4aec88 stream-ord 6002b5a0740 00000000 /tmp/ssh-mgPl3398/agent.3398
  ==============================
  telnet tsavo-west 22
  Trying 10.20.3.151...
  Connected to tsavo-west.
  Escape character is '^]'.
  SSH-2.0-Sun_SSH_1.1.1
  #has hanged here for the last 10 minutes
  Thanks please what can you conclude from above; also from the console monitoring both nodes
  i saw messages that end with
  LINK-3-UPDOWN: Interface Dot11Radio0 , Changed state to up
  #another line here
  LINK-3-UPDOWN: Interface Dot11Radio0 , Changed state to down
  #another line here
  LINK-3-UPDOWN: Interface Dot11Radio0 , Changed state to up
  this happens on both nodes
  Any idea
  did i use the right document. have other steps that works (anyway not sure if this error are related to the stepsfor configuring ssh)
  Please help if you can ....

• Unable to open remote connection

  For all vApp VMs (Linux, Windows) when selecting "Open With..." the response is "RDP, VNC or SSH is not enabled or accessible on this VM". However I am able to connected to the same deployed vApp VMs via the the helper apps (Remoter, iSSH, etc.) directly from the iPad and from my laptop without any issue.
  User form iPad is org admin.
  Possible causes:
  Under the Hardware section of the VM, the IP address field is blank. The VM clearly has an IP that can be reached; I looked it up in vCLoud Director from my laptop
  No matter how many times I change the helper apps it does not persist after a save.
  There is no problem seeing, deploying, etc. from the vCloud iPad app.

  To connect to remotely, the guest OS must have RDC, VNC, or SSH services enabled, and accessibly through its firewall.
  Here are a couple of articles discussing how to enable these services in a couple of guest OSes (though I imagine you probably already know how to do this):
  SSH:
  https://help.ubuntu.com/10.04/serverguide/C/openssh-server.html
  http://www.windowsnetworking.com/articles_tutorials/install-ssh-server-windows-server-2008.html
  RDC:
  http://technet.microsoft.com/en-us/library/cc794832(v=ws.10).aspx

• Urgent! DHCP service stop, server lose its IP...

  Hi all,
  I have a serious problem:
  My Macmini Server (late 2010) firstly suddened stop lease IPs event I restart Macmini, restart DHCP service... OK, I set clients (Mac, window) to use static IP, its work for a day and now the server even lose its IP. It is mean I can not ping to server, cannot have Internet, can not share file... just a nice, deadly box!
  At home I can still use SSH to connect to that server and when I use ipconfig:
  server-001:~ Xadmin$ ipconfig getifaddr en2
  get if addr en2 failed, (os/kern) failure
  server-001:~ Xadmin$ ipconfig getifaddr en0
  10.0.0.10
  server-001:~ Xadmin$ ipconfig getoption en0 2
  ipconfig_get_option failed, (os/kern) failure
  server-001:~ Xadmin$ ipconfig getoption en2 2
  ipconfig_get_option failed, (os/kern) failure
  server-001:~ Xadmin$ ipconfig getoption en2 3
  ipconfig_get_option failed, (os/kern) failure
  server-001:~ Xadmin$ ifconfig en2
  en2: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            ether 10:9a:ad:41:c6:10
            media: autoselect (none)
            status: inactive
  server-001:~ vidagisadmin$ ifconfig en0
  en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            ether c4:1c:03:4a:eb:d4
            inet6 fe80::c12c:1ff:fe3a:ebd4%en0 prefixlen 64 scopeid 0x8
            inet 10.0.0.10 netmask 0xffffff00 broadcast 10.0.0.255
            media: autoselect (100baseTX <full-duplex>)
            status: active
  Do you have this before?
  How can I active the en2 network interface?
  Any clue is very appriciate and this is very URGENT!!!!!
  Thanks for your time!
  Please note that:
  - I use Macmini server as a gateway, and use an USBEthernet (en2) to sharering that internet connection.
  - hostname appear is OK when I check it through ssh
  Please help!!!

  Hi Esther, I use DHCP for server.
  Actually I found that we have problem with the network cable only! Anyway thanks!
  If this forum have a moderator I hope, please delete this discussion, thanks!

• [Solved][KF5 Plasma] I broke my kwallet service

  Hello,
  I think I broke my kwallet service between updates and an attemp to reset it.
  Few week ago, after an update, kwallet started to ask password any time I wanted to connect to a WIFI network.
  As I didn't remember the kwallet password, I clicked "cancel" and entered the WIFI password manually.
  Today I looked for method to reset kwallet and I've done this :
  rm ~/.config/kwalletrc
  mv ~/.local/share/kwalletd ~/.local/share/kwalletd.bak
  Now i briefly see the kwallet password window, without any chance to do anything with that window.
  And I can't connect WIFI network as it doesn't ask for WIFI password anymore.
  kwalletmanager doesn't work :
  [thomas@thomas-xps-14:~]$ kwalletmanager
  QDBusConnection: session D-Bus connection created before QCoreApplication. Application may misbehave.
  QDBusConnection: session D-Bus connection created before QCoreApplication. Application may misbehave.
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  Connecting to deprecated signal QDBusConnectionInterface::serviceOwnerChanged(QString,QString,QString)
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  [thomas@thomas-xps-14:~]$ kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  kwalletmanager(7331)/kdeui (Wallet): The kwalletd service has been disabled
  Installed packakages
  [thomas@thomas-xps-14:~]$ pacman -Qs kwallet
  local/kdeutils-kwalletmanager 15.04.1-1 (kde-applications kdeutils)
  Wallet Management Tool
  local/ksshaskpass 5.3.0-3 (plasma)
  ssh-add helper that uses kwallet and kpassworddialog
  local/kwallet 5.10.0-1 (kf5)
  Secure and unified container for user passwords
  Is anyone could help me to get kwallet working again, or make the WIFI password prompt appear again ?
  Last edited by kanar (2015-05-15 09:03:07)

  Working again.
  mv .kde4/share/config/kwalletrc .kde4/share/config/kwalletrc.bak
  mv .kde4/share/config/kwalletmanagerrc .kde4/share/config/kwalletmanagerrc.bak
  Then reboot and it was ok.

• TACACS + Command Logging Problems

  All,
  Working on a problem that I'm having getting command logging setup for my switch / router infrastructure.  Below is my config, authentication is working, both console & SSH.  Authorization is also working.  Some of my accounting features are working, like successful TACACS+ logins, but all my command logging features are not working properly.
  I'm currently running ACS V4.1.  Also, what is the difference between using named auth / accounting lists, and the default?  Is it just that I need to apply them to certian interfaces, where the default is applied to all interfaces?
  Configs:
  aaa new-model
  aaa authentication login SSH group tacacs+ local
  aaa authentication login CONSOLE local
  aaa authorization console
  aaa authorization exec CONSOLE local
  aaa authorization exec SSH group tacacs+
  aaa authorization network CONSOLE local
  aaa authorization network SSH group tacacs+
  aaa accounting exec SSH start-stop group tacacs+
  aaa accounting commands 0 SSH start-stop group tacacs+
  aaa accounting commands 1 SSH start-stop group tacacs+
  aaa accounting commands 15 SSH start-stop group tacacs+
  aaa accounting network SSH start-stop group tacacs+
  access-list 1 permit X.X.56.0 0.0.0.255
  tacacs-server host X.X.X.X key XXXXXXXXXXXXX
  tacacs-server timeout 30
  tacacs-server directed-request
  control-plane
  line con 0
  session-timeout 10
  authorization exec CONSOLE
  login authentication CONSOLE
  line vty 0 4
  session-timeout 10
  access-class 1 in
  authorization exec SSH
  accounting commands 0 SSH
  accounting commands 1 SSH
  accounting commands 15 SSH
  accounting exec SSH
  login authentication SSH
  transport input ssh
  line vty 5 15
  session-timeout 10
  access-class 1 in
  authorization exec SSH
  accounting commands 0 SSH
  accounting commands 1 SSH
  accounting commands 15 SSH
  accounting exec SSH
  login authentication SSH
  transport input ssh
  Any help is appreciated.
  Thanks!
  Jon

  This looks fine:
  3d22h: AAA/ACCT(00000034): Accounting method=tacacs+ (TACACS+)
  3d22h: TPLUS: Queuing AAA Accounting request 52 for processing
  3d22h: TPLUS: processing accounting request id 52
  3d22h: TPLUS: Sending AV task_id=114
  3d22h: TPLUS: Sending AV timezone=UTC
  3d22h: TPLUS: Sending AV service=shell
  3d22h: TPLUS: Sending AV priv-lvl=15
  3d22h: TPLUS: Sending AV cmd=write memory
  3d22h: TPLUS: Accounting request created for 52(testusr)
  3d22h: TPLUS: using previously set server X.X.X.X from group tacacs+
  3d22h: TPLUS(00000034)/0/NB_WAIT/36C23C0: Started 30 sec timeout
  3d22h: TPLUS(00000034)/0/NB_WAIT: socket event 2
  3d22h: TPLUS(00000034)/0/NB_WAIT: wrote entire 115 bytes request
  3d22h: TPLUS(00000034)/0/READ: socket event 1
  3d22h: TPLUS(00000034)/0/READ: Would block while reading
  3d22h: TPLUS(00000034)/0/READ: socket event 1
  3d22h: TPLUS(00000034)/0/READ: read entire 12 header bytes (expect 5 bytes data)
  3d22h: TPLUS(00000034)/0/READ: socket event 1
  3d22h: TPLUS(00000034)/0/READ: read entire 17 bytes response
  3d22h: TPLUS(00000034)/0/36C23C0: Processing the reply packet
  3d22h: TPLUS: Received accounting response with status PASS
  On ACS, look in the log directories for the CSTacacs and CSLog services, and find the entries corresponding to the above.
  Incidentally, you may want to make the timestamps on the router be datetime rather than uptime, it makes it esaier to correlate logs.
  service timestamp debug datetime localtime msec
  service timestamp log datetime localtime msec

• Storage Disappeared! Sort of...

  Hello all,
  I'm running a single host instance of VDI3.0 on a Sun Fire x2200. The storage backend is a Unified Storage 7110. I recently updated the 7110 to the latest firmware version - after which, VDI tells me that my storage is unresponsive. The system shows me as having no storage whatsoever, but yet I am typing this forum post from a virtual machine that was booted and running from the "missing" storage pool.
  As a result of this madness, I am unable to import and boot any new virtual machines. I attempted to add a new storage backend to the system, and when I put in the credentials of the 7110, it does not present the system with a certificate. I can, however, ssh directly into the storage from the VDI provider host.
  I appreciate any insight, because I am totally at a loss on this one.
  Thanks,
  Bob Prendergast

  Hi Bob.
  I suppose you use the 2009.Q2.0.0 version of the 7110 software? The SSH ciphers offered by the SSHD of that release have not a single match in the ciphers list of the SSH client of VDI 3, therefore all SSH connections fail. This issue is currently fixed for the upcoming VDI 3 patch to be released end of this month.
  If you are really in the urgent need of a workaround - and I can't emphasize enough that this workaround isn't even sanity tested yet, so apply it on your own peril - you can download the 1.41 version of the jsch library from http://prdownloads.sourceforge.net/jsch/jsch-0.1.41.jar?download. Shutdown the VDI service on every VDI host ("cacaoadm stop --force"), replace old library at /opt/SUNWvda/lib/jsch-0.1.39.jar with the new one (you need to rename the new library to match the name of the old library) and restart the VDI services again ("cacaoadm start").
  ~Thomas

• "jeos" - Ubuntu in a box (for web developers)

  Have you ever tried to get things like kepler or sproutcore working on Arch? I did and failed, because Arch's software versions are too new and somehow break things. (luarocks failed first with op.cgi and later on kepler post_install, parts of sproutcore fail with ruby 1.9)
  Sure, there are probably ways to fix this, but sometimes it's just nice to have some things working consistently and on the same time enjoy the currency and flexibility of Arch.
  Enter jeos - my take on solving this problem.
  What is jeos? jeos is just a wrapper around a minimal Ubuntu vm, making it almost as if it was running on your machine.
  Quick Recipe:
  1. Download Ubuntu Server Edition
  2. Install VirtualBox (help) and install Ubuntu. In the start screen, press F4 and select "install minimal virtual machine". Make sure to install the ssh-server during setup.
  3. Edit the virtual machine xml configuration file. (to be found in ~/.VirtualBox, I believe, its in vm name/vm name.xml) Add the following lines inside the <ExtraData>-tag.
  <ExtraDataItem name="VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/HostPort" value="2222"/>
  <ExtraDataItem name="VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/GuestPort" value="22"/>
  <ExtraDataItem name="VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/Protocol" value="TCP"/>
  <ExtraDataItem name="VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/HostPort" value="8888"/>
  <ExtraDataItem name="VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/GuestPort" value="80"/>
  <ExtraDataItem name="VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/Protocol" value="TCP"/>
  You can now ssh into the vm using ssh -p 2222 localhost and access web servers running on port 80 inside the vm via http://localhost:8888. Adjust and add new entries as needed.
  4. Create a ssh keypair (help) and scp the public key into the file ~/.ssh/authorized_keys2 on the virtual machine. You can now login without entering a password.
  5. Create a script called "jeos", make it executable and place it in $PATH. In my case the content is the following: ("Ubuntu 9.10 JEOS" is the name of the vm)
  #!/bin/bash
  VBoxHeadless -startvm "Ubuntu 9.10 JEOS" > /dev/null &
  sleep 2 # give the vm some time to start
  ssh -p 2222 localhost
  Voila - now you can execute jeos in a terminal and you will be greeted by a cli for the vm.
  First start will take about 15 seconds (make sure to adjust grub config in the Ubuntu vm), later it's just like a normal ssh connection.
  Unless you're short on RAM, you can leave the VM running in the background, it will take 0-1% CPU when idle. (C2D@800MHz)

  You are completely right, although I think it's cleaner with NAT (just personal preference).
  Instructions to set up the bridge are in the Vbox wiki article I linked, you can skip step 3 then and have to use the vm's IP instead of localhost.

• How to Change the Default SSH Port from Terminal ? now showing default SSH Port 22 i need change it pls help me how can do

  How to Change the Default SSH Port from Terminal ?
  now showing default SSH Port 22 i need change it pls help me how can do

  How to Change the Default SSH Port from Terminal ?
  now showing default SSH Port 22 i need change it pls help me how can do

• Help setting up ssh (putty) in 2821 routers

  I am trying to use ssh for the the 2821 routers. They have IOS 12.3(11)(k9) on it.
  So, these are the steps that I do:I add a new user name with no AAA model. And I give the user name privilege level 15(I also gave it 0, but nothing). The routers already have a hostname, and I add the domain-name. So After these commands, I create the key, using crypto key generate command.
  So after this, I go into putty, type the ip addres, set-up for 3des encryption.
  I am able to make a connection to the router, asking me for the login name and password, but when I typed the username and password, it response, "Access Denied"
  any comments or anything will help. Thanks

  Try using SSH Version 1. Most of the "older" Cisco hardware / IOS can only connect with Version 1.
  SSH1 has been broken, but it's still much more secure than Telnet.
  Good Luck
  Scott