TL;DR: Why does the ssh client for OpenSSH 6.x send the string "OpenSSH_6.2p2" immediately when connecting, and OpenSSH 5.x client does not send anything?
I am trying to get an ssh tunnel working via an HTTP/S proxy. I can get a TCP connection which is properly tunneled, using an http CONNECT request. It works correctly with the SSH client on my Mac OSX 10.9, but does not work with an older Mac running an older OSX.
This led to the following oddity which I am at lost to explain. (This may be a foolish question to someone familiar with the SSH protocol, but after searching for a bit I cannot find a simple explanation of what that protocol is supposed to look like, and am hoping to not have to read the entire RFC in order to debug this; thus this post.)
On Mac OSX 10.9 with OpenSSH_6.2p2:
Terminal 1:
nc -l 127.0.0.1 5000
Terminal 2:
ssh test#127.0.0.1 -p 5000
Terminal 1 then outputs:
OpenSSH_6.2p2
So this newer client transmitted that string upon connection.
On CentOS 6.3 with OpenSSH_5.3p1:
Terminal 1 and 2 commands exactly the same as above.
But terminal 1 does not output anything. Looks like this older client didn't send anything upon connection.
The TCP connection itself it working correctly from everything I can tell. It seems to be a protocol difference. But these are both apparently using SSH "version 2" protocol.
These two machines seems to be able to SSH to each other without trouble. However there is something odd happening with my tunnel, and I'm trying to understand what the protocol is looking for so I can debug.
Does anyone understand what is going on here? Or perhaps know where there is a simple 1,2,3 type explanation of which side sends what for this protocol and any info on version differences?
It's covered here: https://www.rfc-editor.org/rfc/rfc4253#section-4.2
Both the client and the server are supposed to send their version strings upon connection. However it appears that in the earlier versions the client is waiting for the server before sending it's string - which seems like an implementation detail that is technically a bug (presumably fixed in SSH 6.x) but doesn't normally create a problem in practice.
If anyone is interested, here is what I was trying to solve: https://github.com/bradleypeabody/proxyman/blob/master/README.md
Related
First of all, a rookie, related to VPN/Security issues, so really
forgive me for whatever error I make while describing my problem,
and hope I'm able to make it clear.
Our contractors changed AVIATRIX-OKTA VPN for AWS-VPN with OKTA
Authentication, they send as an .ovpn file, that works ok for
Windows/MAC using AWS-Vpn-Client application software, but a
couple of us using Linux boxes (Ubuntu specifically) run the
described method in AWS which is: openvn config-file.ovpn,
and it does not work.
It simply asks for usr/pwd an then it fails with auth error (we use our OKTA credentials)
, seems nothing is configured to go to OKTA, open a browser or whatever it needs to do.
As an aside note, we can connect without any trouble to our k8s cluster using OKTA
client libraries, no sure is this is useful or not, just in case.
The .ovpn file looks like this
client
dev tun
proto tcp
remote random.cvpn-endpoint-xxxxxx.yyy.clientvpn.us-west-2.amazonaws.com 443
remote-random-hostname
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
verb 5
<ca>
....
....
....
</ca>
auth-user-pass
auth-federate
auth-retry interact
auth-nocache
reneg-sec 0
An interesting thing to notice is that openvpn complains about auth-federate
seems not to recognize it, so I started using gnome network-manager which seems
to accept this configuration, but getting Auth error too.
After this I tried openvpn3 which didn't complain about configuration,
but still getting the same error.
I also tried adding TOPT token to password and the same problem
Any help on how to configure it, or just know if it is possible, will be greatly welcome
, seems there is very little information around this in the net
and we are really stuck on this, we are willing not to change OS or machines as they
are asking to, or using VM just to connect.
Thanks in advance,
We have tried the solution mentioned in the following URL and it worked for us:
https://github.com/samm-git/aws-vpn-client/blob/master/aws-connect.sh
The detailed working of this solution is explained in :https://github.com/samm-git/aws-vpn-client/blob/master/aws-connect.sh.
We have made few changes in the configuration files to make it work.
Removed the following lines in vpn.conf.
auth-user-pass
auth-federate
Made the following change in line 38 in the script aws-connect.sh.
open "$URL"
to
xdg-open "$URL"
Finally I got an answer from AWS people:
If the Client VPN endpoint is configured using SAML-based
authentication (such as Okta), then you have to use the AWS-provided
client to connect:
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-authentication.html#saml-requirements
And the promise to update del client documentation with a WARNING about
this.
I am trying to ssh into my server at work (CentOS) from my laptop (Ubuntu). When I am at home, I do it by running the following script on the server (I start it while I am physically at work):
ssh -R (port #):localhost:22 (name#home ip)
I do this because it doesn't accept connections from external IPs. Then, I can ssh into the specified port on my laptop, and it works fine.
However, when I am actually at work, I cant ssh to the server. The other people in my office can. They do this very simple command (only works while they are at work, since they need an IP from inside the system):
ssh (username)#(work ip)
And they are automatically logged in. When I do that, I get no response; no public key denial, no wrong username, no response at all. Eventually it times out. But I know the server has ssh running, because everyone else can do it.
Additionally, if I do this on my laptop, while at work:
ping (work ip)
I do get response packets, with no loss, almost no lag. But ssh doesn't work.
I can ssh to other places from my laptop, both while I am at home and at work. So my laptop is properly configured to ssh to things, it just doesn't reach the work server for some reason. I talked to the guy who set it up and he insists there is no whitelist; the only security from internal IPs (and I am physically on site, so I have an internal IP, so there should be no need to do the ssh -r like I do at home) is the private/public RSA key system, and I know the keys must be already set up, because it works when I do the ssh -R from home. Plus, if the keys were not set up, I would get a public key denial, instead of no response at all, right?
If I do ssh -vv, this is the last line before it times out:
debug1: Connecting to ccny6 [work ip] port 22.
I see other people have posted similar questions, but the responses they seem to generally be "is the server running the ssh service" etc, which I know it is as other people can ssh to do (as can I if I'm using the ssh -r tunnel), so none of those responses did me much good, unfortunately.
Summary: I can ssh to a server from OFF site via a ssh tunnel, but can't ssh to it while I am right next to it using direct ssh, even though I can ping it, and others can ssh to it.
The most possible reason for the same is your ISP. I too had this issue few months back. They had closed ssh ports. Ask them and get it released.
Just a confirmation, try to do ssh to other IP's as well. It wont work either if your ISP has blocked it.
So in a controlled environment I used evilgrade, a payload I had created, etter, and then netcat to do a mitm to get my target device to install my created payload as an "update" and it worked. I got my target device to successfully do this and so I began writing a python script to automate this process rather than memorize the commands and now it does not work. As stated before everything worked flawlessly the first time through, but after I had established a connection to the target device, I cannot replicate it. I have tried uninstalling/purging all of the applications (except ettercap) and doing a fresh install as well as returning all config files like etter.dns and etter.conf to their defaults before trying to replicate.
The evilgrade CLI shows this:
start
evilgrade>
[3/5/2017:9:40:33] - [WEBSERVER] - Webserver ready. Waiting for connections ...
evilgrade>
[3/5/2017:9:40:33] - [DNSSERVER] - DNS Server Ready. Waiting for Connections ...
evilgrade>
The netcat CLI shows this:
root#oxYMmCIZ:~# nc -l -p 444 -v
Listening on [0.0.0.0] (family 0, port 444)
The first time netcat ran I saw what looked like something encrypted going across the CLI (I assume showing that traffic was indeed coming through) but I did not use -v that time so I did not see anything but the squares.
This is my first questions here and I feel like I should state that I am self taught so if I misuse any terms feel free to let me know. I know how to make stuff work, not explain it by the books' terms :)
what is the Linux command to connect to another server using host name and port number?
how to connect to another server using only host name and port number then check if an existing process is running? the only way i see it working is to log in to the server and run the PS command. but is there a way to do it without logging in directly to the other server and connect only with host name and port number and check the running process?
If you just want to try an arbitrary connection to a given host/port combination, you could try one nmap, telnet or nc (netcat).
Note that you can't necessarily determine whether or not a process is running remotely - it might be running on that port, but simply ignore anything it sees over the port. To really be sure, you will need to run ps or netstat or etc. via ssh or etc.
If you want to use SSH from e.g. a script or, more generally, without typing in login information, then you will want to use public key authentication. Ubuntu has some good documentation on how to set this up, and it's very much applicable to other distrobutions as well: https://help.ubuntu.com/community/SSH/OpenSSH/Keys.
If you have no access to the server you're trying to list processes on at all, then I'm afraid there isn't a way to list running processes remotely (besides remote tools like nmap and so on, as mentioned earlier - you can always probe public ports without authentication [although you might make people angry if you do this to servers you don't own]). This is a feature, not a problem.
telnet connects to most of services. With it you can ensure that port is open and see hello message (if any). Also nc is more low level.
eri#eri-macro ~ $ telnet smtp.yandex.ru 25
Trying 87.250.250.38...
Connected to smtp.yandex.ru.
Escape character is '^]'.
220 smtp16.mail.yandex.net ESMTP (Want to use Yandex.Mail for your domain? Visit http://pdd.yandex.ru)
helo
501 5.5.4 HELO requires domain address.
HELO ya.ru
250 smtp16.mail.yandex.net
MAILĀ FROM: <someusername#somecompany.ru>
502 5.5.2 Syntax error, command unrecognized.
If there is plain text protocol you cat talk with service by keyboard. If connection is secured try openssl.
openssl s_client -quiet -connect www.google.com:443
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
GET /
<HTML><HEAD>
If protocol is not known you may see much of hieroglyphs or just Connected to ... message.
Try this :
ssh <YOUR_HOST_NAME> 'ps auxwww'
Like Dark Falcon said in the comments, you need a protocol to communicate with the server, a port alone is useless in this case.
By default on unix (and unix like) servers, ssh is the way to go.
Remote Shell with this command. Example is cat a file on the remote machine.
rsh host port 'cat remotefile' >> localfile
host and port self explainitory
remotefile: name of some file on the machine remote logging to in home directory
localfile: name of file cat information to.
Use monitoring software (like Nagios). It looks at your processes, sensors, load and thatever you configured to watch. It continuously stores log. It alerts you by email\sms\jabber if something fails. You can access it with browser or by HTTP API.
I have an issue where i have connected my linux server to a serial port. There is a continous flow of data from serial port which comes through epabx.
In Minicom i get first call's data and from second call it goes offline.
I dont see any data.
Can some one help me on this.
Thanks for all the help given by you. Finally i have got the error solved.
God knows how i started getting the data.
But still i am listing the steps i performed to get correct data.
Sometimes data from serial port wont be capturing in the processing form application.
It may be because of the following issues.
1.Serial port not connected properly.
2.Serial port cable not working.
3.Some pins on serial port are damaged or connection lost.
Note: For above all reasons contact the client person or person in charge of epabx systems.
4.Data not getting displayed on hypertiminal.
This is a common issue in linux which uses minicom as hyperterminal.
Sol: Check the version of the minicom before running it on linux. If the version is minocom 2.1 then some process would be blocking the incoming data.
Uninstall minicom 2.1 and reinstall minicom 2.0
It is said that gate 8 process would block the incoming data.
minicom may be responding to control characters in your data. I'd recommend something simple but effective like
od -t x1 -t a /dev/ttySomething
to dump your data in both hex and as text.
You should also check that your port settings are correct i.e. bitrate, parity, stop bits, flow-control. Sometimes, when your settings are not correct, you will end up with weird results. Also, you need to check that your protocol is only sending texts as Carl mentioned.