SSH Question

Running Solaris 10 on SPARC
How can I find the current version of ssh running?
svcs -l ssh does not return version information
Does Sun have it's own SSH (flavor) or does Sun use openSSH??
Thanks

Run the following command to find the version of SSH on the host : $ ssh -VNote that it's a capital "V".
Yes, Sun uses it's own version of SSH. Version 1.0 (which is out of the box) is based on OpenSSH 2.3 while version 1.1 is based on 3.5p1. There's more information on this in the SSH project page at the OpenSolaris.org site.
Cheers,
Erick Ramirez
Melbourne, Australia

Similar Messages

  • SFTP and SSH question.

    Currently I have a headless OS X Client running Crush FTP over SSH (SFTP) for our work SFTP server this is separate from our main OS X G5 server box.
    I can't seem to SSH into the SFTP server via the terminal in order to manage it an poke around like I do with our server.
    I am about to setup a little OS X server at home and want SFTP access from it, as I can't justify a seperate box, but I also want to be able to SSH into the box from the outside world too.
    I am firstly wondering what the issue is with my Crush FTP server as to wether I will experience the same problem at home.
    The 2nd question is can OS X run FTP over SSH (SFTP) with the built in server admin tools and if so is it as easy as Crush FTP to manage?
    I will be using ACL's so I guess I could restrict access down that way.
    Thoughts, comments, suggestions and explanations very much welcome as I can't find much to answer the above.

    Hi: Port 115 is generally used for SimpleFTP. SecureFTP or FTPS uses port 989 and 990. This might help.
    Tony

  • Terminal SSH question

    Hi, i'm trying to SSH into my ATV2 in order to install xbmc.
    In my efforts, i managed to muck up my ssh commands in terminal.
    when i try to log in to root, i get;
    /Users//.ssh/config: line 2: Bad configuration option: as;ldfkj
    /Users//.ssh/config: line 3: Bad configuration option: j;ljk
    /Users//.ssh/config: line 4: Bad configuration option: ls
    /Users//.ssh/config: terminating, 3 bad configuration options
    What command do i need to type in order to clear out those configuration options?
    thanks in advance!!

    Edit: I just looked at the original post again, because I was wondering how SSH could be of any use to someone who doesn't understand the shell, and I realized that you're asking for help in hacking a jailbroken AppleTV. This isn't the place for that. Go back to the site where you found the hack and ask your question there.

  • AAA & SSH question

    Hi~
    I have an authentication problem, my config is as follows:
    1. When I use telnet, "% Authorization failed."
    2. When I use ssh, enter the username without entering the password can authenticatoin success
    3. Use ssh authentication is successful not see the record passed authentication log in ACS
    Why line vty 0 4 config "login authentication console" use ssh enter the username without entering the password can authenticatoin success?
    aaa new-model
    aaa authentication login default group tacacs+ line
    aaa authentication login console none
    aaa authorization exec default group tacacs+ if-authenticated
    aaa authorization exec console none
    aaa accounting exec default start-stop group tacacs+
    aaa accounting commands 1 default start-stop group tacacs+
    aaa accounting commands 15 default start-stop group tacacs+
    aaa accounting connection default start-stop group tacacs+
    tacacs-server host 172.18.1.247
    tacacs-server timeout 60
    tacacs-server directed-request
    tacacs-server key xxxx
    line con 0
    authorization exec console
    login authentication console
    line vty 0 4
    login authentication console
    length 0
    line vty 5 15
    password 7 xxxx

    Hi Hussam,
    -IP Domain-name is missing from the configuration-Transport input SSH is missing under line vty 0 4-Crypto key generate rsa is missing as well
    but they are all not needed in this situation. And the "crypto key generate" is never  included in the running config.
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

  • Ssh to iMac from my PC with graphic applications

    How can I ssh to my iMac from my window PC?
    I am using SecureCRT + Xming to ssh to my iMac, but I could not open the graphic applications (e.g. xv) through ssh. (I can do it when ssh to a Linux machine though).
    Do I have to setup something in my iMac machine?
    Is there any window software (other than SecureCRT + Xming) that can help me to do that?
    Thanks.

    Generally speaking, you tunnel your X11 X-Windows session by starting the ssh session using the -X (capital X) or -Y (capital Y) ssh command line option. This establishes an X11 tunnel, and on the remote system associates your DISPLAY environment variable with the remote end of the ssh tunnel. Typically DISPLAY looks something like localhost:14.0
    I do not know how to tell your SecureCRT + Xming setup to export your X11 display server's DISPLAY environment to Mac OS X.
    I also assume you have an X11 display server running on your Windows PC.
    Note: Terminal, Unix, command line (such as ssh) questions are best asked in the Mac OS X Technologies > Unix Forum
    <http://discussions.apple.com/forum.jspa?forumID=735>

  • Diamond question mark boxes instead of unicode via ssh in term.

    Terminal and iTerm both show the diamond shaped question mark box (instead of the proper unicode when I am SSHed into a remote machine. For the most part this is just a cosmetic issue, though it's annoying when I am trying to read non-english messages on IRC, etc.
    irssi (for example) running locally displays everything properly: http://dl.dropbox.com/u/62449/localirssiunicode.png
    Over ssh I get this: http://dl.dropbox.com/u/62449/sshirssiwat.png
    The local terminal is set to utf8, and all the default encodings are selected, but playing with them doesn't seem to help much.
    I hope I am posting this in the right place.

    The general approach at this time is to ask if you've checked for any problematic fonts (all languages) with Apple's Font Book (look in the Applications folder). Find and remove all duplicates also.
    Start there to be sure all fonts that are in play come out with a clean bill of health.
    Don't hesisate to perform wholesale deletion of old and/or little used fonts - be skeptical of anything that has come from Office 2008, including those related to an Equation Editor installation.
    By all means be sure any 3rd party apps AND plug-ins are Snow Leopard compatible.
    An additional measure is to clear the existing font caches:
    http://www.macworld.com/article/139383/2009/03/fontcacheclear.html
    That said, 10.6.2 release notes have this to say about fonts:
    http://support.apple.com/kb/HT3874
    Fonts fixes provided for:
    • an issue with font spacing
    • an issue in which some Fonts are missing
    • font duplication issues
    • an issue with some PostScript Type 1 fonts not working properly
    Good luck in any case.

  • Advanced Network Question - SSH tunneling through time capsule

    Hi!
    I have a small question. I just got a time capsule the other day and things are working great with it. At home, internet speeds are what they should be and everything is fine. I replaced it with a linksys, which I consistently got 6.5/1 up. After replacing it, I'm now getting 7.5 down/1mbps up, which is what I am subscribed to.
    I used to ssh into my linux box and tunnel web traffic over SSH so when I'm on the road, other's can't sniff my traffic. Basically, I setup firefox to use a socks server, then ssh into home with a dynamic port mapping.
    On the linksys (wrt54g), this worked great, and the speeds were acceptable (about 1mbps down/1mbps up). However, after switching the linksys with the time capsule, it seems like the speeds have slowed down tremendously. I'm now getting about 200k down and 1 mbps up when I ssh and tunnel web traffic through my home.
    I know that this isn't anything people normally do, but it works great and prevents people from spying on my web traffic when I'm away from home. I was just wondering if anybody has any ideas on why it might be slower now that I replaced it with the time capsule.
    Thanks!

    Hello H Salk. Welcome to the Apple Discussions!
    Enabling NAT on any Internet router, not just the AirPort & Time Capsule, will affect data transfer rates (in both directions) to devices connected either by wire or wireless to that router.

  • Basic N1 SSH config questions...

    At the risk of asking remedial questions, are these actions correct?: <p>
    <li> When generating SSH keys, I am to generate one set with the ID used to install/owner of the MS (agent, server, cli)? (i cant remember now if cli installed w/ the master seerver or not, i think it did)</li><p>
    <li> I am to create a second user and generate keys, and place this users pub key into the authorized_keys2 file of the first user (product install/owner of MS) </li><p>
    <li>How do I tell N1 about the existance of this second user? Is this what pe.defaultUserToRunAs is for? I cannot find this in the docs. </li><p>
    <li> According to previous postings, root ssh'ing is required for OSP. This makes no sense to me when the agent can be owned by a non-root user, yet can execute native commands with root priv.</li><p>
    <li>The docs state that SSH forwarding works downstream, but can it use loop back to the master server?</li><p>
    <li>Why do I see the product use a root shell to CLI back to the Master server (OSP question)? Should this be happening?</li><p>
    Thanks for everyones help.
    <p>
    Pete.

    At the risk of asking remedial questions, are these
    actions correct?: <p>
    <li> When generating SSH keys, I am to generate one
    set with the ID used to install/owner of the MS
    (agent, server, cli)? (i cant remember now if cli
    installed w/ the master seerver or not, i think it
    did)</li><p>True for MS/LD/RA as they always run with the same uid. CLI works best, if always invoked as the install owner. If the CLI is invoked as any other user, then there are couple options,
    one is to make sure that each user has their ssh keys configured so that the connection from their machine to the MS machine with their ssh credential succeeds.
    Another is to configure CLI to always a single identity to connect to the MS. For security reasons, you may want this identity to be different from the MS install owner. If you look at the ssh man page, it allows you to override the default uid and identity file locations through options -l & -i.
    Lets say we create a new user spsuser, for CLI authentication.
    We can then generate ssh keys for spsuser and put them in this identity file, lets say /home/spsuser/ssh/identity.
    We can then configure sps CLI to override the ssh credentials that are used when connecting to the MS as
    net.client.parms.1=sshargs=-o|BatchMode yes|-l|spsuser|-i|/home/spsuser/identityThat way CLI will always try to use the same ssh identity regardless of who invokes it. However, since I haven't tested this configuration, I'm not certain if it will work. The one possible issue here is that ssh may complain about the identity file having global read permissions.
    >
    <li> I am to create a second user and generate keys,
    and place this users pub key into the
    authorized_keys2 file of the first user (product
    install/owner of MS) </li><p>Nope, the keys always belong to the same user, unless you are overriding the default user to the first user when running ssh as the second user.
    >
    <li>How do I tell N1 about the existance of this
    second user? Is this what pe.defaultUserToRunAs is
    for? I cannot find this in the docs. </li><p>I think you are talking about the CLI here. In this case you'll be running the CLI as the second user, right? In that case all you need to do is to make sure that the second user is able to connect to the MS machine from the CLI machine using ssh, without requiring any user interaction.
    >
    <li> According to previous postings, root ssh'ing is
    required for OSP. This makes no sense to me when the
    agent can be owned by a non-root user, yet can
    execute native commands with root priv.</li><p>The ability to run native commands as root is only available when the agent is running as root. Otherwise the plan that tries to run exec native as root will fail if the agent that its running on is not running as root.
    >
    <li>The docs state that SSH forwarding works
    downstream, but can it use loop back to the master
    server?</li><p>Not sure I understand the question. downstream here implies from the machine invoking ssh client to the machine thats running the ssh daemon. I don't think ssh would care if the the ssh daemon was connected to via any IP address or loopback...
    >
    <li>Why do I see the product use a root shell to CLI
    back to the Master server (OSP question)? Should
    this be happening?</li><p>My opinion is that CLI doesn't need to run as root for most of its functionality. The only case where it may need to run as root is when the files that its trying to checkin are only readable by root. However, it may make sense make those file readable by the CLI user instead of running CLI as root in that case. Don't know if it makes sense to have OSP run the CLI as a non-root user instead..
    hth,
    Aj

  • Combo unix ssh port forwarding + iChatAV + Bonjour question

    I don't know which forum is best for this question, so thought I'd try here first.
    I've been tossing around the idea of picking up a couple of iSights and running iChatAV. Problem is, if I understand this correctly, iChatAV uses a couple of ports for connections to third-party servers: AOL buddy server or Jabber server, a port for something called snatmap, a port for SIP, and some other stuff. Plus, it requires that you open up nearly 20 ports on your network for the AV traffic! (I get nervous just having my non-standard ports for smtp and ssh open, and my imaps port open (which is another issue -- anybody know how to change imaps port 993 to a non-standard port if running uw-imap server?) It doesn't look like iChatAV can, normally, operate by "calling up" an IP address or hostname...it always has to set up calls using AOL or Jabber...unless, perhaps, the destination iSight/iChatAV is on your own Bonjour-capable subnet.
    So, I'm thinking, what if a calling party created a ssh tunnel and port-forwarded the dozens of UDP and couple of TCP ports over a ssh tunnel, as a lengthy list of port forward options like "-L 5297:localhost:5297 -L ...", (assuming that the forwarding host, to whom the caller ssh's, is the same computer that is running iChatAV, hence, the remote host specification in the "-L" option of "localhost"). Would the caller then be able to treat the connection like Bonjour networking and when he calls localhost on his end of the circuit, it "bonjours" to the called hostname's localhost and thus a peer-to-peer connection would be made?
    Or perhaps a reverse port forward tunnel ("-R" options) could be set up in advance by the "to-be-called" party, and then the calling party initiates a iChatAV call as a "same-subnet-as-calling-computer-via-Bonjour" type of call?
    I'm just kicking around some thoughts here; I don't know enough about the intricacies of iChatAV and Bonjour (and ssh) to really know all the "gotchas" and I'd like to get the planning done with a high degree of confidence of success before I plunk out $300 on two iSights.
    If the general concensus of the group moderator and others on this forum is that this question should be posted in another forum, I apologize, and I'll move, but I thought that the ssh tunneling nature of my inquiry (and my unrelated side question about how to change 993 to a non-standard port) made this forum the obvious, and best, choice.
    Thanks in advance for any thoughts on these issues!
    2001 Quicksilver G4   Mac OS X (10.4.5)  

    No, you can't do what you describe. You have to use port forwarding on the router for any incoming connections, and each port forward rule can only map to a single server/service.
    However, SSH has the ability to tunnel other connections, so it may be possible to remove one or more of the existing port forwarding rules and replace them with a SSH rule, then use SSH tunneling to get to those services. Of course, this will only work for services that only you (or other authorized users) need to access, and not public services such as web/http traffic (assuming you're running a public web site).
    The only other option would be to replace your router with one that doesn't have such a strict limit on the number of port forwarding rules.

  • Built-in SSH Terminal question on how to save and exit

    Howdy, Heres my question and problem.
    I haven't been able to figure out how to save and exit the editor for the SSH terminal that the mac has. I've read that to save you press control -O hit return and to exit hit control -X but that doesn't seem to be working.
    I'm trying to install imagemagick onto my web server and I get stuck at that point of saving and then exiting.
    can anyone tell me how to save and exit the editor?
    I hold down control press -O i let go of the buttons then i press control -X and it stays at the same editor like nothing happened. I try quitting the terminal and reloading it all but that just causes me to restart and nothing saved. and I actually hit the "-" key should i do that or no?
    heres the instructions I'm following for the imagemagick install.
    (For this next part, if you don't have "pico", you can use "vi" instead)
    $ cd libtiff-lzw-compression-kit
    $ pico Makefile
    change
    TIFFSRCDIR = /tmp/libtiff
    to
    TIFFSRCDIR = ../tiff-v3.5.5
    Then save and exit the Editor $ make install
    $ cd ..
    $ cd tiff-v3.5.5
    $ ./configure
    thanks for any help
    -Ahufs

    ctrl+x (thats both keys at the same time) will invoke the exit of the program. at wich point if youve made changes to the file it will ask you if you want to save the data or not. If yes you need to type yes or y and hit enter... if no then no or n. Then it will ask you what you want the file name to be with the default being whatever the file was that you opend to buffer to work on so in most cases you hit enter again.
    hitting ctrl+o (thats both at the same time again) should write the file out and close the application without prompting i think (i dunno for sure... i always use ctrl+x myself).
    At least thats on the OS X version of pico... your server is probably linux so it may differ although i wouldnt expect it to. my pico bindings have always been the same from Debian to CentOS to Darwin.
    Also i msut ask... why cant you pass the TIFFSRCDIR as an option to ./configure like normal instead of manually editing the make file?

  • Booting from Ext HDD / SSH / Codecs question

    As I understand it, there are two things you can do to the apple TV.
    1. Boot from a regular mac os x install on an external HDD from the USB port
    2. Take the HDD out, enable SSH / install codecs, etcs
    My question is quite simple then:
    Is it possible to boot from the ext HDD and then install perian / flip4mac components and enable SSH without opening up the Apple TV?
    From my understanding of the above, logic says, "yes"
    Regards
    Paul

    As I understand it, there are two things you can do to the apple TV.
    1. Boot from a regular mac os x install on an external HDD from the USB port
    I doubt this is possible, besides a number of issues that you may or may not be able to resolve in instructing the tv to boot from another SUD, I doubt the tv has the ability to run a regular OS anyway (RAM limitations etc) but that is just my opinion, I have no specs to support this.

  • Ssh password questions

    I have a couple newbie-ish questions regarding SSH access in OS X. I currently have OS X 10.6.1, if it helps any.
    Currently, I have SSH access enabled through Remote Login in System Preferences. I have public key authentication set up for a couple of my computers, but there are some places that I can't utilize that method and have to use keyboard-interactive login.
    What I'm concerned about is having to change my password for my user account to ensure that SSH access is as secure as I can make it for passwords. However, as my wife uses this computer, she doesn't want to have to type in a weird login just to log in to the computer. Is there a way to enable a different password for SSH access than is set up for the user account on OS X?

    ZyLo wrote:
    Currently, I have SSH access enabled through Remote Login in System Preferences. I have public key authentication set up for a couple of my computers, but there are some places that I can't utilize that method and have to use keyboard-interactive login.
    Really? Usually that is just because you have some permissions problems on .ssh or your home directory.
    What I'm concerned about is having to change my password for my user account to ensure that SSH access is as secure as I can make it for passwords. However, as my wife uses this computer, she doesn't want to have to type in a weird login just to log in to the computer. Is there a way to enable a different password for SSH access than is set up for the user account on OS X?
    Not as far as I know. My advice would be:
    Get your wife her own computer, or setup multiple user accounts on this machine, make your wife's account "Standard", and set it up for default login

  • ASA 5505 ssh access question

    Hi,
    Currently any ip address can ssh to my asa 5505 firewall outside interface. What should I do to restrict only certain IP can? What's the command to see the current ssh management access rule?
    Thanks.
    Ye 

    I tried this and got an error. Please help.
    CL-T179-12IH# ssh 162.221.204.59 255.255.255.255 outside
                                     ^
    ERROR: % Invalid input detected at '^' marker.
    Also when I do   "show run ssh" I see below line. How to remove it?
    ssh 0.0.0.0 0.0.0.0 outside
    Thanks.
    Ye

  • Question about ssh login warning: Bad protocol version identification

    I set up ssh on my computer according to Tim Haigh's suggestions given here:
    http://discussions.apple.com/thread.jspa?threadID=1674968&tstart=0
    But when I log in from my iPhone, secure.log shows this:
    sshd[534]: Bad protocol version identification 'GET / HTTP/1.1' from 208.54.83.51
    Although I do log in successfully, how can I resolve this error?

    GET / HTTP/1.1
    Looks more like a Web browser handshake, than ssh.

  • Simple SSH Access-List Question

    I am enabling SSH access for all of our Cisco devices and want to restrict access to just the following ip addresses: 192.168.200.1-192.168.200.50.  I forgot the exact access-list configuration to accomplish this.  The subnet is /24 and I don't want the whole subnet - just .1 - .50.
    Thank you,
    Thomas Reiling

    Hi there,
    If using ssh make sure you have a domain name, host name and a generated rsa key.  Assuing you've done that, the the following ACL and line vty command will do the trick.  Note that the 1-50 host list is not on a subnet barrier.
    To get it exactly
    access-list 1 remark ALLOW MANAGEMENT
    access-list 1 permit 192.168.200.0 0.0.0.31
    access-list 1 permit 192.168.200.32 0.0.0.15
    access-list 1 permit 192.168.200.48 0.0.0.1
    access-list 1 host 192.168.200.50
    access-list 1 deny any log
    It would be a good idea to put it on a boundary though, so the following would be much more simpler and easier to read.
    access-list 1 remark ALLOW MANAGEMENT
    access-list 1 permit 192.168.200.0 0.0.0.63
    access-list 1 deny   any log
    Apply the access-class on the vty lines and depending on authentication, i'd put something there too.
    line vty 0 4
    access-class 1 in
    transport input ssh
    password blahblah
    That ought to do it.
    good luck!
    Brad

Maybe you are looking for

  • Cant sync iphone 5 calendar with outlook

    I can't get the calendar on my iphone 5 to sync to outlook.  Any suggestions

  • Delivery Date changed after order placed, iphone 4S

    Hi all,  I just noticed that the order I placed on the 12th, with a delivery date of the 21st , is now stating a delivery date of the 28th!! I called CS and of course they are saying there is nothing they can do. Has anyone else had this happen? Any

  • IDOC_OUTPUT_DELINS - fill enhancement for DELFOR02

    Hello, this is something new for me so I hope that somebody here can give me the necessary hints to solve this issue. I have added an enhancement to IDOC type DELFOR02. It is only a segment with three fields on position level. My problem is, how to f

  • HT201472 how can I block lost/stolen phone?

    Lost my phone, how can I block it so whoever has it can't use it?

  • Assingned Objects for an Employee

    Hello All, My FDS has a requirements on Objects On Loan, Firstly it says to fetch the IHPA-PARNR , if it matches to PA0001-PERNR , then display equipment related to PARNR. Secondly it says ER=PARNR=PERNR, ** For evry PERNR entered verify the Partner