• How to allow SSH root user access in Linux/Debian/Mint/RHEL/Ubuntu/CentOS


    A lot of newer installs will automatically prohibit the root user from logging in directly, for security reasons or they will only allow key based access. If you know what you are doing/don't care about security or have an incredibly secure password for testing, then you can enable it. Edit this file: /etc/ssh/sshd_config Find the following line: PermitRootLogin Set it like this: PermitRootLogin yes Now rest........
  • SSH and sshfs timeout settings keepalive


    A big problem over ssh and especially sshfs is that your connection will often timeout and disconnect after inactivity. To fix this you can modify the server but it may not be practical or you may not have access. Why not send keep alives fom your end (client side)? Just edit /etc/ssh/ssh_config (not to be confused with sshd_config as that is the server side): Find the line that says "Host *" and change it like this:........
  • Linux Ubuntu Debian Missing privilege separation directory: /var/run/sshd


    service sshd status ● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled) Active: failed (Result: start-limit-hit) since Wed 2019-10-02 11:07:54 EDT; 36s ago Process: 476 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255) Oct 02 11:07:54 box systemd[1]: Failed to start OpenBSD Secure Shell server. Oct 02 11:07:54 box sys........
  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution


    If you get error messages like this it is usually because /var/run/sshd does not exist. root@userbox:/# service sshd status ● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab Active: failed (Result: start-limit-hit) since Wed 2019-04-10 02:24:44 EDT; 1 Process: 511 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)........
  • ssh reverse proxy to enable remote access behind a LAN and firewall


    So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside? Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature. Requirements On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
  • X11 SSH Linux Forwarding Error


    Jan 30 17:16:10 localhost sshd[25385]: error: Failed to allocate internet-domain X11 display socket. The solution for me on the server side was the following in sshd_config: AddressFamily inet *Remember to restart sshd and also reconnect from the client side. Ihad all the normal X11 settings on the server but it just stopped........
  • Debian 9 SSH root password authentication failure password not working problem / solution


    In Debian a lot of times SSH disables the root user to login by password by default. This means you will get an authentication failure as if you typed in the wrong password. The logs also indicate the password is wrong but what is often the case is in the config file Check /etc/ssh/sshd_config cat /etc/ssh/sshd_config|grep -i permitrootlogin Make sure it says: PermitRootLogin yes If not change it and restart SSH........
  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system. The key commands or arguments you will use with systemctl are the following: Unit Commands: list-units [PATTERN...] List loaded units &nbs........
  • Prevent SSH Bruteforce and Hacks By Disabling Password Authentication


    One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have. Edit your /etc/ssh/sshd.conf file Set this option PasswordAuthentication no Restart your SSH server. service sshd restart ........
  • Authentication refused: bad ownership or modes for directory /home/user SSH Public Key Authentication Failed Solution


    First of all I got this error after accidentally messing up my usergroup by using usermod -G user group When I would login using SSHkeys it would fail: sshd[2020]: Authentication refused: bad ownership or modes for directory /home/one No worries, the fix is simple! chmod g-w /home/use........
  • Disable SSH Password Authentication to Increase Security and Harden SSH Linux Unix Server Ubuntu Mint Centos Debian


    Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access). 1. Edit /etc/ssh/sshd_config Find the section like this:........
  • sshd[10470]: Authentication refused: bad ownership or modes for directory /root


    This can be a case of bad permissions or modes as the error says. Normally one would assume permissions but often a script may change ownership of /root to something else. This was the case half the time I've encountered this. So in short make sure ownership is correct chown -R root.root /root........
  • Ubuntu/Debian OpenVZ Template Problems No Networking and SSH not starting


    It all comes down to a bug essentially where you are running an older kernel that doesn't support the newer Debian templates. The solution is to update your OpenVZ kernel. Here are some symptoms of the problem/lack of kernel support: Ubuntu Template 12.04 requires a manual network start: service networking start sshd will not start: /usr/sbin/sshd PRNG is not seeded mknod /dev/random c 1 8........
  • ssh session and port forward or reverse port matching or assocation howto


    Use netstat with the -anpe option. The e option shows the inodes and I do not know if it will always work or if it was by fluke but I was dealing with dozens of SSHsessions and needed to know which session was related to which forward (the PIDs of the SSHand SSHD did not match etc...) Notice the "59560675" and "59560762" those are almost identical, if you find two sets that are nearly identical except for the last 3 digits they may match (in my ca........
  • pxe-32 tftp open timeout


    pxe-32 tftp open timeout The solution was to enable tftp in xinetd with "chkconfig tftp on". See the troubleshooting below: chkconfig --list NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off acpid 0:off&n........
  • SSH Can't Login/Hang


    Client Log OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_d........
  • Linux Out of Memory OOM Object Killer Solution "Out of memory: kill process 1955 (sshd) score 81 or a child"


    I had a system running a 128MB live CD image with 2.8 gigs of available RAM and the OOM kernel killer went crazy when using dd for more than 8 minutes and kept killing everything. I've read that this is due to a low-memory issue and paging in the kernel and 32-bit systems with lots of RAM. I even enabled swapspace on my LiveCD and the issue happened 25 minutes into dd rather than 8 minutes, so what gives? Also no swap space was ever used! cat /proc/s........
  • sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys


    sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys I made sure the entire .ssh subdir is owned by the user root (this is root's account); chown -R root.root .ssh chmod 600 .ssh/authorized_keys but it still doesn't work and gives me the same message sshd[7339]: Authentication refused: bad ownership or modes for directory /root chmod 700 /root........
  • SSH Automatic/Passwordless Logon - Setup Public Key Encryption In Single Command


    This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that. If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :) Just use this code to easily enable passwordless login with SSHD key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
  • SSH automatic login without password


    SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa -t is the encryption type -f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used A password will be asked; leave this part blank, just pressing Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
  • Updated to Version 3.8 and can't login


    Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from" This occurred during a yum update after upgrading my release, installing the new kernel and rebooting. I got kicked out of sshd after seeing the following during yum update: telnet 100 % done 85/476 tux 100 % done 86/476 ntsysv 100 % done 87/476 rpmdb-redhat 94 % done 88/476........
  • SSH Slow Login even with SSHD UseDNS no parameter


    Icouldn't understand why on one system it took a few minutes to get the SSHlogin prompt when connecting to other systems. The other systems all had the UseDNS parameter set to no, which almost always resolves the login prompt delay. The reason is Ubuntu and perhaps Debian and other distributions /etc/nsswitch.conf file Edit yours to have the "hosts" line like so (notice that files and dns are the primary resolution choice........
  • SSH Server Slow/Lagged/Delayed Login Response


    This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks. The chances are this is the cause of your SSHSlow/Delayed Login problems. The easy solution to SSH Login Problems Edit /etc/ssh/sshd_config Add this line to disable r........
  • SSH Problem User username from 127.0.0.1 not allowed because not listed in AllowUsers


    User username from 127.0.0.1 not allowed because not listed in AllowUsers What's going on? The user was created properly, it has been defined as having a shell entry and the entry for /etc/passwd and /etc/shadow is set just fine. This is a new and very smart/secure feature of SSHD. It is simple and yet effective, but also very annoying if you didn't know about it being implemented and that hand editing of /etc/ssh/sshd_config is required to allow a newly add........
  • Latest Articles

  • Cloned VM/Server/Computer in Linux won't boot and goes to initramfs busybox Solution
  • How To Add Windows 7 8 10 11 to GRUB Boot List Dual Booting
  • How to configure OpenDKIM on Linux with Postfix and setup bind zonefile
  • Debian Ubuntu 10/11/12 Linux how to get tftpd-hpa server setup tutorial
  • efibootmgr: option requires an argument -- 'd' efibootmgr version 15 grub-install.real: error: efibootmgr failed to register the boot entry: Operation not permitted.
  • Apache Error Won't start SSL Cert Issue Solution Unable to configure verify locations for client authentication SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line SSL Library Error: 185090057 error:0B084009:x509 certif
  • Linux Debian Mint Ubuntu Bridge br0 gets random IP
  • redis requirements
  • How to kill a docker swarm
  • docker swarm silly issues
  • isc-dhcp-server dhcpd how to get longer lease
  • nvidia cannot resume from sleep Comm: nvidia-sleep.sh Tainted: Linux Ubuntu Mint Debian
  • zfs and LUKS how to recover in Linux
  • [error] (28)No space left on device: Cannot create SSLMutex Apache Solution Linux CentOS Ubuntu Debian Mint
  • Save money on bandwidth by disabling reflective rpc queries in Linux CentOS RHEL Ubuntu Debian
  • How to access a disk with bad superblock Linux Ubuntu Debian Redhat CentOS ext3 ext4
  • ImageMagick error convert solution - convert-im6.q16: cache resources exhausted
  • PTY allocation request failed on channel 0 solution
  • docker error not supported as upperdir failed to start daemon: error initializing graphdriver: driver not supported
  • Migrated Linux Ubuntu Mint not starting services due to broken /var/run and dbus - Failed to connect to bus: No such file or directory solution