I thought I was sshing into an old server, but it turns out to be a VM into which I ssh'd. I don't know the credentials of the host machine and would like to get this to connect to it directly. Is there a way I can find this through the VM?
EDIT:
Suppose I just want whatever I can get - in this case, perhaps just the IP, as robmathers notes.
dmidecode | egrep -i 'system-product-name'
gives me "VMware Virtual Platform".
No. Passwords in Linux are stored in encrypted form and you can't read them. But if you can change the password by mounting the virtual hard drive and modifying /etc/shadow (unless the drive is encrypted). There are many guides how to do that.
Related
I looked and looked but probably overlooked . I have a vsphere cloud with over 300 virtual machines. Each machine name as it appears in the vsphere client is actually the hostname of each machine (I have done this manually). Those machines sometimes have to change their hostname. At this time I hope there is a way to obtain/get/read the guest machine name from the machine itself, and then if there is a mismatch, then I'll know and modify the machine name when needed.
So, vmware-toolbox-cmd or other tool (from the linux open-vm-tools) can retrieve that info, the machine name ?
I don't normally use the ESXi host directly to retrieve information about the guest VMs, but you should be able to do something like: vmware-toolbox-cmd config get guestinfo hostname
This is sourced from the API docs for GuestInfo
I am maintaining a Virtual Machine on a Cloud Service with Linux (SLES) operating system. At some point, someone logged in, did some major things (e.g. chmod 777 on ALL files, etc) and, with some other things that he did, messed up the system.
It would be no surprise if he actually hacked it, but...
The vm is hosted inside a VPN (unreachable from outside the VPN), and last root command specifies a user connected through tty1 (!!!), with no IP address, while all my connections, root and user are pts/X.
My thoughts (not like I am an expert) are concluding on one thing, this user must have physical (?) access to cloud service, since tty is reachable locally.
Which means, that if that is true, the "attacker" must be someone from inside the Cloud-Service hosting company.
Question:
Is there ANY way you can connect remotely to a server/cloud service virtual machine using ttyX?
Correct me at any point you see wrong; as I mentioned I am not an expert but I am more than willing to learn.
Depending on the hypevisor, it provides a remote console, so, it is kind of local console connected from a remote place. Also, there is a ipmi protocol that can connected to the hypervisor and use the sol (serial-over-lan) command.
Other than that, the user might be connecting using a VNC, that would also be shown as a tty connection
IPMI SOL: http://www.alleft.com/sysadmin/ipmi-sol-inexpensive-remote-console/
Remote qemu guest console: How to switch to qemu monitor console when running with "-curses"
VNC on guests: https://askubuntu.com/questions/262700/qemu-kvm-vnc-support
I was curious as DigitalOcean provide us with root password reset option, as I have been working towards virtualization about 3 months and never came across direct way to do so.
Like openstack offers such option only for xen, where as if I am not wrong Digital Ocean provides for KVM. Also proxmox and other stacks do not provide this option.
So I need to know how these guys managed to do so.
One thing I know is that if I can access the file system then I can edit the shadow file but, In virtual environment Machine is in templete form not in Open File system state.
I was wondering if there is any root backdoor in OS itself provided by DO using which they change password on request ?
Thanks
If you turn off your virtal machine, all you have is the whole "virtual hard drive" file on "real hard drive" in a real machine. It's a common file system that can be parsed and managed from outside with no problem (unless it is encrypted).
So there's no reason for you to NOT be able to access the filesystem of the virtual machine, including the shadow file.
This is typically done using cloudinit... No hackery involved
It's easy to simply scp from another computer to the local one or vice versa. However, how to do it when you already sshed into another computer?
user#anothercomp:~/$ssh ~/path/file (how to specify local computer?):~/localpath/file
Note that my computer is a personal laptop instead of a server, so answers here Download files to local drive when sshed do not apply since it requires to specify the domain name, and my laptop is no server.
So what's the correct way to specify my local computer? (Please don't say exit ssh and then scp, since it will possibly lose temporary data when working)
You don't need to exit ssh, you can run scp from another virtual terminal in your laptop.
For convenience, you may want to try connection sharing, to avoid the need to enter passwords again; you may either use ssh -M or modify ~/.ssh/config. See man ssh and man ssh_config for details.
By SSH'ing into the second machine you lose the context of your first. For the purpose of transferring files the second machine would need to scp the files to the first, or could use a different (yet similar) approach such as sshfs.
If the issue is that the second machine does not have network access to the first, then tunneling is the likely solution. However, this just enabled scp or sshfs to connect--it doesn't let your ssh session access paths or variables from your local machine.
While your computer does not have a domain name, it still has an IP address, so you can connect to the IP address. You can retrieve the address from the SSH_CLIENT variable. See How to get the IP address from $SSH_CLIENT.
Obviously to ssh or scp to your computer, you need to be running an SSH server there. What is not common, if you are running Windows, in particular.
i am a newbie to linux(Centos 6.3) . Please forgive me for this simple question.
in my localhost i'll get the cpuinfo by using this cat /proc/cpuinfo.
if i want to get the remote system which is connected in my network.
Is it possible to get with out ssh ???
if not, how can i do that with out password for ssh. I red some posts, generating rsa keys in remote machines and copying to my localhost. With out these, is it possible to get cpuinfo and meminfo of remotely connected machines.
Because i want to display the info in Php. That's why i m afraid of ssh. Because if the user change password, again i need to generate keys and copying them to my .ssh folder...
is there any easy way to do that ??
I used to use staf for this purpose http://staf.sourceforge.net/, all you need to do is set trust between machines, nothing to worry about authentication. alternatively you can write a daemon (program) which just push the cpuinfo and meminfo to clients on request.