I had used Ubuntu for a while and I have configured ssh aliases for hosts I need to connect through ssh. A few days ago I started using mac book and I moved all ssh info (keys, config) onto my mac. But when I'm typing ssh project_ and press TAB it does not show possible hostnames, and even when I'm typing ssh project_sta and TAB, autocompletion not working. But when I'm typing the full name like ssh project_staging it works, so I assume that everything is okay with the config file
I tried to use the original mac terminal and iterm2, same issue on both. Also, I asked other guys who work on mac, and ssh autocompletion works for them.
My ssh config:
Host project_staging
HostName xxxxx
User xxxx
Port xxxx
Host project_production
HostName xxxx
User xxxxx
Port xxxx
In real life, I have much more hosts and it's hard to remember all of them.
Any ideas, thank you!
okay, I solve it by adding zsh with oh_my_zsh and add ssh as a plugin to a .zshrc file
Related
Need to reach phpMyAdmin on an EC2 instance behind a bastion/jumpserver from local laptop.
Looking to reduce these steps into using .shh/config. The question seeks to solve the right configurations.
When connecting to EC2 without public bastion server to jump through, this is the normal way documented which does not work in my case because our deployment uses a public facing bastion:
https://docs.bitnami.com/aws/faq/get-started/access-phpmyadmin/
When you need to jump through a public facing bastion e.g.:
Local/Laptop ------> bastion/jumpserver -----> ec2
This above reference link does not follow the same workflow and documentation is sparse.
Setting up inbound/outbound rules for this capability is also sparse.
The preference is to use .ssh/config which is setup like this:
Host bastionHostTunnel
Hostname <publicBastionIp>
User <bastionusername>
ForwardAgent yes
IdentityFile <local path to .pem file>
Host ec2Host
Hostname <privateEC2IP>
User <ec2 username>
ForwardAgent yes
IdentityFile <local path to .pem file>
# -A Enable forwarding of the Authentication agent connection
# -W used on older machines instead of -J to bounce through
# %h the remote hostname
# On Windows 10(only?) seems must call ssh.exe instead of only ssh
ProxyCommand ssh.exe -A -W %h:22 bastionHostTunnel
I obviously left out vars in <> above - but I have them and have verified similar configuration is working for enabling SFTP as above with FileZilla.
Then in shell call this to bind port localhost:8888 (http://127.0.0.1:8888):
ssh ec2Host -D 8888
Then ought to be able to open browser and go to the following to access phpMyAdmin:
http://127.0.0.1:8888/phpmyadmin
Current issue is that this process is hanging and possibly refusing the connection. This points to either bad configuration above or incorrect inbound/outbound rules for either/both bastion and ec2 instance.
Has anyone here had similar issue and was able to solve and could share further, much appreciated. Plus any extra clues as far as debugging the overall process would help in the answer.
I'm most curious if it works if you specific everything on the command line...once you determine that works, you can start refactoring to put some aspects in to .ssh/config. It's usually easier for me to find errors with my configuration if everything is on the command line, plus I don't know that I see the correct forwarding options all listed there.
Unless I'm very mistaken, you don't need any reference to the ec2 host in your SSH config file because you're using the jump machine to redirect localhost traffic there, you wouldn't directly be able to reach the ec2 host machine from your local machine using an SSH tunnel.
There are many ways to do a tunnel, but when I do this, I use a command like ssh -L 8080:destination:80 -i <keyfile> me#jumpbox . destination must be reachable from jumpbox, which I can verify by first using ssh -i <keyfile> jumpbox then, once on that machine, ssh destination. If there's a problem along the way, it's easier to debug these little steps (for instance, if I can't connect by manual ssh to jumpbox then I know the tunnel will never work).
I'm able to access google coral via putty using same network. But is it possible to access google coral using different network (like VNC server)
Regards
Rahul
If you would like to access the google coral through remote ssh e.g. putty or another ssh service you can change the ssh permissions:
sudo nano /etc/ssh/sshd_config
and set:
ChallengeResponseAuthentication yes
PasswordAuthentication yes
save the file and restart the ssh service:
sudo systemctl restart ssh
Remote ssh should work now. To get the vnc server working the coral would need a GUI which it does not have.
I've solved the problem. Checked with google support officially you can't connect google coral with different network. But incase if you want to connect within same network this is how you will connect.
generate key using puttygen.
once key is generated store public/private key (.ppk).
copy public key and paste in authorized_key location.
once public key is pasted get the broadcast ip address by hitting below command
mdt shell
ip addr | grep wlan0
Load ppk file in putty/winscp and pass the ip address which we got after running above command.
Google coral is now successfully connected with putty/winscp
I have installed ubuntu 18.04(WSL) in my win 10 64 bit, 1903.
For the command git clone https://github.com/facebookresearch/fastText.git,
it works well in git bash(git for windows) and ubuntu 18.04 shell but not in bash (C:\Windows\System32\bash.exe), the error message is
$ git clone https://github.com/facebookresearch/fastText.git
Cloning into 'fastText'...
fatal: unable to access 'https://github.com/facebookresearch/fastText.git/': Could not resolve host: github.com
I have only two .gitconfig file in my pc, one for git bash and another for ubuntu 18.04 shell. I think ubuntu 18.04 shell may equal to bash in some degree but the bash must have problems.
It could be that your /etc/resolv.conf file is corrupt - it happened to me!
Symptoms are:
Inside WSL /etc/resolv.conf is not plain text but some binary garbage. It should be plain text.
You cannot e.g. ping google.com or ping stackoverflow.com from inside WSL.
You can ping those domains OK from powershell in the windows host. Windows git also works OK.
Aside: Interestingly ping github.com fails for me today on all my machines but that doesn't stop me from visiting github in my browser or using git - strange.
The solution is to sudo rm /etc/resolv.conf and restart WSL - windows will recreate that file for you and you should be able to ping away and use git once more from within WSL.
To restart WSL - open a Powershell terminal in Administrator mode and run the following commands. (taken from #germa-vinsmoke 's answer)
wsl --shutdown
Get-Service LxssManager | Restart-Service
Edit your wsl.conf
sudo nano /etc/wsl.conf
[network]
generateResolvConf = false
Save this file and exit. Then edit /etc/resolv.conf.
sudo nano /etc/resolv.conf
Add/Edit this line
nameserver 1.1.1.1
Then close your WSL console. Open Powershell with admin and shutdown the wsl.
wsl --shutdown
At last, restart the wsl service
Get-Service LxssManager | Restart-Service
More info - WSL2 - No internet connectivity. DNS Issues(Temporary failure in name resolution)
Edit 1 By P.hunter:
When your are behind an VPN, you need to set your nameserver to same what the VPN provides.
For that -
Go to Network Status (On Windows) and click on change adapter settings.
Find the adapter of your VPN, right click on it and open properties.
Find IpV4 option from the dropdown, and open it.
Find the DNS mentioned and use the same in Step 3.
None of the above answers worked for me. But this answer from this Github thread did. Reposting for ease:
It seems launching the VSCode daemon messes things up
Make this your /etc/wsl.conf file
[network]
generateResolvConf = false
Shutdown wsl
wsl --shutdown
Start wsl and create the file: /etc/resolv.conf containing
nameserver 8.8.8.8
P.S. if this answer doesn't help, others on the Github thread might!
I can assume that you have problems with proxying.
Try it:
git config --global --unset http.proxy
git config --global --unset https.proxy
Similar problem: #20370294 and #5377703
I did the following step to resolve the issue:
Check the connection to the internet.
ping stackoverflow.com
Edit /etc/resolv.conf, in my case the reason is due to the nameserver 172.22.16.1
sudo vim /etc/resolv.conf
add the nameserver to point to google server
nameserver 8.8.8.8
nameserver 8.8.4.4
and add a comment to the original nameserver by adding #
Repeat step 1 to cross-check the connection again.
Hope this helps!
I am trying to ssh a bastion using pycharm PyCharm 2018.1 on a Windows 7 machine using putty.
I found some documentation to ssh a server and this work without any issues:
https://www.jetbrains.com/help/pycharm/tutorial-using-the-product-built-in-ssh-terminal-and-remote-ssh-external-tools.html
For the bastion server, it seems that pycharm doesn't allow such conection (in the config I only see login and server name as parameters). I tried to put in the putty configuration to the bastion server a tunnel to a localhost. On my window machine I see the port of my localhost.
The issue is that I don't manage to connect pycharm to the localhost. It expect a login and a pwd while I just have the localhost name.
I see in a post from last year that "if you are using a bastion host (also referred to as a jump host), you’ll be very happy to know that PyCharm 2017.3 supports SSH config files. Even on Windows."
https://blog.jetbrains.com/pycharm/2017/10/pycharm-2017-3-eap-5/
Any idea how to have it working either with the localhoast of using OpenSSH and SSH config file ?
The issue was the localhost.Using plink directly is working with no problem using same commands than regular ssh: plink.exe -L 9009:server:22 user#bastion. With Putty it doesn't work (first the IP was 0.0.0.0:port instead of 127.0.0.1:port even with the right port pycharm failed to connect with it work when I use plink directly).
This thread was helping: https://serverfault.com/questions/387772/ssh-reverse-port-forwarding-with-putty-how-to-specify-bind-address
I have a strange problem with vagrant ssh. Similar questions, like Vagrant asks for password after SSH key update, or (vagrant & ssh) require password, or Vagrant ssh authentication failure do not help me.
So, the plot.
I have a virtual machine running Ubuntu 14.04.3. All setup was made according to this article: https://blog.engineyard.com/2014/building-a-vagrant-box.
Note: I can ssh to this virtual machine using Putty with vagrant's insecure_private_key (converted to *.ppk), which is located "C:/Users/Gino/.vagrant.d/insecure_private_key. Password is not promtped.
Then I packaged this virtual machine, init vagrant with this package and ran vagrant up. I got "Warning: Authentication failure. Retrying..." error. But nevertheless I could vagrant ssh to this machine, but it asked me a password. And if I tried to ssh to it using Putty with the necessary key (as in the first paragraph), it asked me for a password too.
I vagrant halted this machine, found it in VirtualBox VM's list and ran it manually. After that I tried to ssh to this machine using Putty with the same key and succeed - I could logon without any password.
Result of vagrant ssh-config, if needed:
h:\VagrantBoxes\main-server32>vagrant ssh-config
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile "C:/Users/Gino/.vagrant.d/insecure_private_key"
IdentitiesOnly yes
LogLevel FATAL
My Vagrantfile (it was generated automatically, almost nothing there, only a suggested line from comments was added):
Vagrant.configure(2) do |config|
config.vm.box = "vagrant-main-server32"
config.ssh.insert_key = false
end
So what's the mystery here? Why ssh using key works without vagrant up and fails and prompts for password with it?
Note. Another funny thing: it still can not authenticate during
vagrant up. But if at the time when errors "authentication failure"
appear I log in to vm through virtualbox, it also succeed to log in in
the window with vagrant up. And then vagrant ssh works.
I had the same issue with vagrant 1.8.1, on several boxes I use (ie: geerlingguy/centos6)
I didn't have any problem with Vagrant 1.7 on those boxes.
After some research on why i could not ssh in that box, it appears that /home/vagrant on the box had 755 permissions and ssh prevent authentication to user with those permissions
extract of /var/log/secure:
Jan 28 15:11:36 server sshd[11721]: Authentication refused: bad ownership or modes for directory /home/vagrant
To fix that vm, I only have to change the permissions /home/vagrant (did a chmod 700 on it) and now i can ssh directly into my boxes
I don't knwo how to fix it directly I think you should modify your box directly
Hope this helps!
edit: I thought it was a shared folder from the host but it's /vagrant that is shared not /home/vagrant
I had this old setting at the top of ~/.ssh/config.
PubkeyAcceptedKeyTypes ssh-dss,ssh-rsa
After removing it, vagrant ssh stopped asking for password.
If you saved your Vagrantfile on an external HardDrive and use exfat because you are working cross platform like me, you will also encounter this error. Since exfat does not save permissions, ssh will always think that the private keys permission is 777 => to open.
I put together this script as a workaround which runs on powershell and bash (so compatible with Linux, Mac and Windows):
# ssh-agent # uncomment if your ssh-agent isn't running as a service
cat V:\vm\arch_template\.vagrant\machines\default\virtualbox\private_key | ssh-add -
ssh -p 2222 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no vagrant#localhost
It requieres a working ssh-agent configuration. Also pay attantion to the correct port! Vagrant changes it to a different port if 2222 isn't availabe during vagrant up.
I had the same issue, getting vagrant#127.0.0.1's password: when starting up vagrant, after inputting the supposed password [vagrant], I could connect to the VM. However, after reading through other solutions, I tried ssh-agent on the same directory where the vagrantfile that was initiated is, and vagrant-ssh, and I am able to connect to the running instance.