Thread: Secure Shell Tools for over the web

  1. #1
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Secure Shell Tools for over the web

    Hello, I've set up OpenSSH, which works fine locally. However, what tools would you recommend that work over the internet and can be easily installed at work behind a proxy server on a Windows machine?

  2. #2
    prodigy_ is offline May the Ubuntu Be With You!
    Join Date
    Mar 2008
    Beans
    1,219

    Re: Secure Shell Tools for over the web

    SSH does work over the Internet (though you need port forwarding unless the server is directly connected to the Internet). PuTTY is a commonly used Windows client.

    I never tried to SSH through a proxy, but it should be possible:
    http://www.techtalkz.com/blog/tips-n...-firewall.html
    Last edited by prodigy_; May 11th, 2013 at 03:36 PM.

  3. #3
    Join Date
    Sep 2006
    Beans
    8,623
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Secure Shell Tools for over the web

    If you're stuck on a Windows client then PuTTY is the way to go. There is also portable PuTTY, too.

    What kind of proxy are you talking about? Most setups let SSH pass right through. If you have a proxy that you must log into with SSH before connecting further, then you should look into Jump Hosts and that kind of thing.

  4. #4
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Secure Shell Tools for over the web

    Cheers both. I popped home, forwarded 22 to my server, came back to work and logged in via PuTTY, and to my surprise it worked first time.

    I'm now happily playing on my server whilst I should be working.

  5. #5
    Join Date
    Sep 2006
    Beans
    8,623
    Distro
    Ubuntu 14.04 Trusty Tahr

    key-based authentication

    If you check your logs you can probably see that crackers are hammering away at your SSH server. There are two useful things to do. One is to disable root logins (PermitRootLogin no). Root is already disabled in Ubuntu, but this is just crossing the t's and dotting the i's. The other is to disable password authentication (PasswordAuthentication no) and use keys with a good passphrase to connect. That will prevent brute-force attacks from guessing your password. See the manual page for sshd_config for more options and explanations.
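A way to confirm that both settings from the post above are actually in effect, as an added example that is not part of the original thread. The function name and the file path argument are assumptions; only the global section of a single file is read, so Include files and Match blocks are not evaluated.

```shell
# Added example: audit an sshd_config-style file for PermitRootLogin and
# PasswordAuthentication. On the server itself, "sshd -T" prints the fully
# resolved settings and is the authoritative check.
audit_sshd_config() {
    # $1: path to the configuration file to inspect
    awk '
        BEGIN { want["permitrootlogin"] = "no"; want["passwordauthentication"] = "no" }
        /^[ \t]*#/ { next }                      # comment line
        { sub(/[ \t]*=[ \t]*/, " ") }            # accept "Keyword=value" as well
        NF == 0 { next }                         # blank line
        tolower($1) == "match" { exit }          # global section ends at the first Match
        {
            key = tolower($1)                    # keywords are case-insensitive
            # sshd keeps the FIRST value it reads; later duplicates are ignored.
            # Arguments are case-sensitive, so the value is compared as written.
            if ((key in want) && !(key in seen)) seen[key] = $2
        }
        END {
            bad = 0
            for (k in want) {
                if (!(k in seen)) { printf "%s: not set, built-in default applies\n", k; bad = 1 }
                else if (seen[k] != want[k]) { printf "%s: %s (want %s)\n", k, seen[k], want[k]; bad = 1 }
                else printf "%s: %s ok\n", k, seen[k]
            }
            exit bad                             # non-zero when anything needs attention
        }
    ' "$1"
}
```

A file that sets `PasswordAuthentication yes` and then `PasswordAuthentication no` further down is reported as failing, because the first value is the one sshd uses.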

  6. #6
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Secure Shell Tools for over the web

    grep sshd.\*Failed /var/log/auth.log | less
    grep sshd.\*Did /var/log/auth.log | less

    produces:

    Apr 17 12:54:19 Tomato sshd[24650]: Did not receive identification string from 83.244.225.145

    Does that mean someone tried to get in?

    I couldn't get the keys to work over the LAN; I kept getting "Agent admitted failure to sign using the key."

  7. #7
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Secure Shell Tools for over the web

    This might be of help. I don't use any agent to remember my passphrase, so I enter it whenever I need to connect.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  8. #8
    Join Date
    Sep 2006
    Beans
    8,623
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Secure Shell Tools for over the web

    You'll get things like this when people try to get in. Largely it's automated and distributed:

    Code:
    Apr 16 00:28:14 lubuntu sshd[22515]: Failed password for invalid user admin from xx.yy.zz.aa port 34953 ssh2

    To get keys working, you need a key pair and the public key needs to be copied over to the server and put in ~/.ssh/authorized_keys. The whole key has to stay unbroken on one single line.

    Then to connect, you can reference the private key directly:

    Code:
    ssh -i ~/.ssh/server.key rhysgm@xx.yy.zz.aa

    Or you can load it into the agent first, and let that worry about the key. This is good if you're going to log in multiple times in short order.

    Code:
    ssh-add ~/.ssh/server.key
    ssh rhysgm@xx.yy.zz.aa

    Did you do those steps?
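The "one single line" requirement from the post above can be checked mechanically. This is an added example, not part of the original thread; the function name is an assumption, and it only looks at the shape of each line, not at whether the key is the right one.

```shell
# Added example: flag authorized_keys entries that look wrapped or truncated.
# Every public key blob starts with "AAAA" (the base64 of the length prefix of
# the key type name) and complete base64 has a length that is a multiple of 4.
check_authorized_keys() {
    # $1: path to an authorized_keys file; prints suspect lines, returns 1 if any
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            blob = ""
            # The key type may be preceded by an options field, so search for it.
            for (i = 1; i < NF; i++)
                if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)|sk-(ssh-ed25519|ecdsa-sha2-nistp256)@openssh\.com)$/) {
                    blob = $(i + 1)
                    break
                }
            if (blob == "") {
                printf "line %d: no key type found (continuation of a wrapped key?)\n", NR
                bad = 1
            } else if (blob !~ /^AAAA[A-Za-z0-9+\/]+=*$/ || length(blob) % 4 != 0) {
                printf "line %d: key blob is not complete base64 (truncated or wrapped?)\n", NR
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}
```

Run it on the server as `check_authorized_keys ~/.ssh/authorized_keys`; a key that was pasted through a terminal or mail client and broken across two lines shows up as two flagged lines.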

  9. #9
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Secure Shell Tools for over the web

    +1 to Lars. I use logwatch to keep an eye on my logs so I don't have to check them manually on the server every day.

    I checked my VPS and this is what logwatch said:

    Code:
    --------------------- SSHD Begin ------------------------ 
    
     
     Didn't receive an ident from these IPs:
        200.77.161.1 (200-77-161-1.cable.dyn.cablevision.net.mx): 1 Time(s)
        202.121.166.203: 1 Time(s)
        202.28.123.194: 1 Time(s)
        54.251.250.122 (ec2-54-251-250-122.ap-southeast-1.compute.amazonaws.com): 1 Time(s)
        79.133.201.90: 1 Time(s)
     
     Illegal users from:
        86.109.100.24: 6 times
           teamspeak: 2 times
           nagios: 1 time
           oracle: 1 time
           postgres: 1 time
           test: 1 time
        96.45.18.226: 2 times
           nagios: 1 time
           teamspeak: 1 time
        115.238.73.16: 7 times
           oracle: 3 times
           msr: 1 time
           nagios: 1 time
           test: 1 time
           user0: 1 time
        183.62.232.93: 202 times
           oracle: 11 times
           user0: 6 times
           i-heart: 4 times
           diskbook: 3 times
           mircte: 3 times
           nagios: 3 times
           test: 3 times
           webmaster: 3 times
           www: 3 times
           bash: 2 times
           cwalsh: 2 times
           dolby: 2 times
           eddy: 2 times
           eduis: 2 times
           firefox: 2 times
           forevermd: 2 times
           guest: 2 times
           hub: 2 times
           mpsoc: 2 times
           mysqll: 2 times
           public: 2 times
           robertas: 2 times
           savitarna: 2 times
           ss2701: 2 times
           tadas: 2 times
           2012eduworld-2: 1 time
           Giani: 1 time
           PruncuTz: 1 time
           a: 1 time
           ale: 1 time
           alumno: 1 time
           apple_search: 1 time
           appltest: 1 time
           appluat: 1 time
           arthur: 1 time
           best: 1 time
           bkalle: 1 time
           bluecore: 1 time
           brightcorea: 1 time
           cjh: 1 time
           cladhaire: 1 time
           content: 1 time
           crond: 1 time
           danger: 1 time
           db2inst1: 1 time
           ddtddt: 1 time
           demuji: 1 time
           deng: 1 time
           dmd: 1 time
           dna1admin: 1 time
           dwsadm: 1 time
           eb: 1 time
           eclasi: 1 time
           eggbreaker2: 1 time
           evil: 1 time
           ewt: 1 time
           filecoupon: 1 time
           fm: 1 time
           fslbsmo: 1 time
           ftp: 1 time
           ftp2: 1 time
           ftp_wooripa: 1 time
           ftpd: 1 time
           ftpuser: 1 time
           gamme: 1 time
           gis: 1 time
           gwool: 1 time
           herosys: 1 time
           hhzls: 1 time
           httpd: 1 time
           ic: 1 time
           idclicksucai: 1 time
           img_data: 1 time
           info: 1 time
           inx: 1 time
           ip: 1 time
           jboss: 1 time
           jhshin: 1 time
           joyko: 1 time
           kai: 1 time
           kkamja: 1 time
           langliguo: 1 time
           lday: 1 time
           lex: 1 time
           lions: 1 time
           lipo: 1 time
           lovetravel-ftp: 1 time
           luis: 1 time
           mark: 1 time
           mbkim: 1 time
           megafile: 1 time
           mercy: 1 time
           michael: 1 time
           mmroot: 1 time
           moon: 1 time
           mooon: 1 time
           msr: 1 time
           multirode: 1 time
           multitrode: 1 time
           mviara: 1 time
           mysql0: 1 time
           mythtv: 1 time
           netcool: 1 time
           network: 1 time
           nexus: 1 time
           oratest: 1 time
           organize1: 1 time
           pabon: 1 time
           paul: 1 time
           paulb: 1 time
           paulos: 1 time
           perfectpond.org: 1 time
           pjtas: 1 time
           plechlo: 1 time
           postgres: 1 time
           prince: 1 time
           prueba: 1 time
           quegen: 1 time
           rayyau: 1 time
           rob: 1 time
           royalsoft: 1 time
           rppt: 1 time
           sandbox: 1 time
           scott: 1 time
           search: 1 time
           server: 1 time
           shobo: 1 time
           sir: 1 time
           smcgrath: 1 time
           sshserver: 1 time
           ssl: 1 time
           suniltex: 1 time
           svn: 1 time
           swsgest: 1 time
           tanglp: 1 time
           taz: 1 time
           tazelaar: 1 time
           template5: 1 time
           tmax: 1 time
           tomcat: 1 time
           tommy: 1 time
           trustconsult: 1 time
           tryit: 1 time
           tst: 1 time
           ttf: 1 time
           user: 1 time
           utnet: 1 time
           veronique: 1 time
           vivian: 1 time
           vizz: 1 time
           web: 1 time
           whg: 1 time
           x: 1 time
           xmap: 1 time
           xtreme: 1 time
           yangjun: 1 time
     
     ---------------------- SSHD End -------------------------

    Gee, I wonder if someone is trying to do an attack against my server...

  10. #10
    Join Date
    Sep 2006
    Beans
    8,623
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Secure Shell Tools for over the web

    Cool. Thanks for the logwatch output, CharlesA. Are the probes coming close enough together that rate limiting with iptables could trim it down a little? The ones I see against sshd come in kind of slowly and they seem to be hoping that a small percentage of a very, very large pool will match.
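The question in the post above (are probes from one source bunched closely enough for per-address rate limiting to matter?) can be answered from auth.log directly. This is an added example, not part of the original thread; the function names, the sample log lines and the 60-second default window are assumptions made for illustration.

```shell
# Added example. Constructed sample: addresses are from the documentation
# ranges and the hostname "host" is made up.
sample_auth_log() {
    cat <<'EOF'
Apr 16 00:28:14 host sshd[101]: Failed password for invalid user admin from 203.0.113.5 port 34953 ssh2
Apr 16 00:28:16 host sshd[102]: Failed password for invalid user oracle from 203.0.113.5 port 34960 ssh2
Apr 16 00:28:19 host sshd[103]: Failed password for invalid user test from 203.0.113.5 port 34971 ssh2
Apr 16 00:41:02 host sshd[104]: Did not receive identification string from 198.51.100.7
Apr 16 03:10:45 host sshd[105]: Failed password for invalid user from from 192.0.2.9 port 40100 ssh2
Apr 16 09:55:30 host sshd[106]: Failed password for invalid user nagios from 192.0.2.9 port 40555 ssh2
Apr 16 10:00:00 host sshd[107]: Accepted publickey for rhysgm from 192.0.2.50 port 50000 ssh2
EOF
}

# ssh_probe_rates FILE [WINDOW_SECONDS]   (FILE may be "-" for stdin)
# Prints "source total peak" per address, busiest first, where peak is the
# most attempts seen inside any WINDOW_SECONDS-long stretch (default 60).
# Assumes the log is in time order and stays within one calendar month.
ssh_probe_rates() {
    awk -v w="${2:-60}" '
        /sshd\[[0-9]+\]: (Failed password|Invalid user|Did not receive identification)/ {
            ip = ""
            # Usernames are supplied by the remote side, so use the LAST "from".
            for (i = 6; i < NF; i++) if ($i == "from") ip = $(i + 1)
            if (ip == "") next
            split($3, t, ":")
            ts[ip, ++n[ip]] = $2 * 86400 + t[1] * 3600 + t[2] * 60 + t[3]
        }
        END {
            for (ip in n) {
                peak = 0; lo = 1
                for (hi = 1; hi <= n[ip]; hi++) {      # sliding window over this source
                    while (ts[ip, hi] - ts[ip, lo] >= w) lo++
                    if (hi - lo + 1 > peak) peak = hi - lo + 1
                }
                printf "%s %d %d\n", ip, n[ip], peak
            }
        }
    ' "$1" | sort -k2,2nr -k1,1
}
```

A source whose peak stays at 1 or 2 is the slow, distributed kind the post describes, and a per-address limit would not touch it; a source with a high peak is one that a limit would actually slow down.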
