Developer Blog - Inventic.eu
  • Skipper - The ORM Designer
  • VsBuilds - Parallel building
  • Pulpo - Free Skipper CLI

Tag: #ssh

Using ssh as proxy/tunnel between Mac OS and Linux

How to connect to remote computer with private key by using ssh:

#register private key<br />
ssh-add ~/dev/Private/ludek_vodicka_dsa.openssh</p>
<p>#connect to computer and forward local port to remote computer and remote port<br />
ssh my-computer.com -p PORT -lUSER -L LOCAL_PORT:REMOTE_COMPUTER:REMOTE_PORT</p>
<p>#connect to computer and create SOCKS proxy on port SOCKS_PORT<br />
ssh my-computer.com -p PORT -lUSER -D SOCKS_PORT<br />

Note:

If your private key was created for Windows, it will probably not work on linux/mac. It's necessary to convert it by using puttygen (on mac or windows). You need to open it by puttygen and choose "Save as openssh" from menu.

Additional resources

07 Feb 2014

Posted by: ludek.vodicka

Linux Mac OS #ssh #tunnel #port-forwarding

Why I am not using phpMyAdmin on production servers

Even though I find phpMyAdmin and similar tools useful I don't like them on production servers. When I spent a lot of my time protecting website against SQL injection I don't want to leave opened doors to access the database through phpMyAdmin. Many phpMyAdmin installations are not protected with HTTPS and just one login on a public or attacked wifi can lead to a lot of troubles. So I recommend to delete the phpMyAdmin installation from the server and start with a more comfortable and secured way to do the task.

SSH tunnel will give you the security you're looking for. Start your Putty, load the session and configure tunnel:

Putty tunnel screenshot

I've selected port 3366 to be used on my local machine so it avoids conflict with my other installation. Now I can connect from any tool to MySQL database at localhost:3366. I prefer Netbeans IDE and MySQL Workbench which is also really great for server/user configuration.

28 Aug 2013

Posted by: ludek.vodicka

Programming Linux #Linux #ssh

Secure SSH with RSA/DSA key

We are using SSH a lot to deploy our projects and to do common maintenance tasks. If you are accessing your server many times a day you might find frustrating typing the password all the time. You can use private key instead. Here are some detailed articles about adding RSA key and configuring SSH daemon. Bellow is a summary of the basic steps for Windows users.

Putty which is a great alternative to the Linux tools. To generate private/public key you should use PuttyGen.exe. Run the application, click generate and follow the instructions. It's a good idea to put your name into the key comment so you could easily recognize your public key in configuration files. You should also protect your key with a password.

PuttyGen screenshot

Copy the public key which is located in the big text field above Key fingerprint field. Append the public key into /root/.ssh/authorized_keys file (if you want to login as root). You might need to create this file if it doesn't exist already. Click on Save private key button and save the key to a secured place. You can now use this private key to login with putty to the remote server. To make things more comfortable you can use an agent to store unlocked private keys in the memory while you are logged into your computer. Run this command after you login:

pageant.exe john_doe.ppk

Without any further settings you should now be able to login to the remote SSH without password. If everything worked as expected you can now disable password authenticated access to make your server more secure:

# /etc/ssh/sshd_config
PasswordAuthentication no

To load you key after you login to a Linux box (useful for deployment) insert:


# ~/.bash_profile
# include .bashrc if it exists
if [ -f ~/.bashrc ]; then
 . ~/.bashrc
fi

keychain --clear id_rsa
. ~/.keychain/$HOSTNAME-sh

ssh-add

Now we have a little bit more secured but more comfortable way to use SSH.

28 Aug 2013

Posted by: ludek.vodicka

Programming Linux #Linux #ssh #rsa/dsa key

How to change Ubuntu computer network name and setup SSH access

To change computer network use following commands:

sudo nano /etc/hostname
sudo reboot

To check host name:

hostname

To setup SSH access use:

sudo apt-get install ssh
sudo apt-get install openssh-server
08 Sep 2012

Posted by: ludek.vodicka

Linux #Linux #network #ssh