Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I have a VPS server and a client is asking for SSH access on their hosting account.
I can allow this through the user setup for that particular account but will they be able to admin the entire server then?
I am worried their developer might start installing modules and break my other clients' sites.
Does your VPS come with any control panel ? If so, its usually safe to allow SSH access. However, here is what I would do.
Find out why the client wants SSH access. This is not a conclusive method but would give you a chance to provide alternative solutions if you are uncomfortable enabling SSH access. Note that a lot of hosting service providers, small and large, do not allow SSH access (atleast not without making it so hard that the casual client refrains from asking).
For your mental comfort, create a SSH account for yourself and login with SSH access. Try to see what you can do beyond that specific account. If your test SSH access does not allow you any access beyond that test account, you know that the other guy cant do much either.
you can allow your client to access SSH. It will not create any problem for othersites which is in the same server. As you are giving them only the user account they can not execute root commands. However if the client want to install any modules they need the root authentication.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
I had the idea for an in-browser ssh client, but i couldnt find any detailed explanation on how to write a SSH client. I tried looking it up but i couldnt find anything(Most results were about Putty or rankings of clients).
One idea would be to write an express app on the server that just executes the command it gets by the URL paramater or something else, but
it wouldnt be very secure i guess
i got curious
I think it works similarly to a websocket. First you send a normal http request or something and then you try to "upgrade" the request to a ssh tunnel
How does http/ssh protocol work? couldnt help
Edit:
Any Keywords or links to articles about how to code your own SSH Client or server would help
Thanks
You may just tunnel your ssh connection through Web Socket.
The problems are how you build the functionality of ssh client if you want ssh connections start from local users.
To develop the client in browser(meanwhile in a site), the most works can only be done by JavaScript.
However, because of secure problems, JavaScript has lots of limits in contrast with normal local programs.
The another way you provide that execute commands on server is surely easy to do, but the problem is : how can I trust the web application and the server as I need to provide my private information?
If I can use mature ssh technology to 100% ensure my security, how do we make people believe that the ssh web application is totally safe and willing to use it?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I installed Centos7, all fine, till I want to access via SSH, I get always Access Denied.
I get it with the root user, and another new created user
I tested SSH within the LAN, so no firewall issue
For the root user "PermitRootLogin yes" is set.
SSH service is started
... till now, I have no clue what I ignored to set it right to have it working.
I got a look into the secure log. When I try to login with the root user on the LAN, I do like:
ssh root#192.168.2.11
in log I get: invalid user root#localhost from 192.168.2.108
When I try through VPN-tunnel:
ssh root#192.168.2.11
in log I get: invalid user kristoxxxxxxxx
this is my username on my OSX device. why is this one passed?
This may be due to RSA or DSA keys, os please delete or backup following files from /etc/ssh director to another one.
ssh_host_dsa_key, ssh_host_dsa_key.pub, ssh_host_key, ssh_host_key.pub, ssh_host_rsa_key , ssh_host_rsa_key.pub etc
Now restart your sshd service
service sshd restart
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I have a server that currently accepts passwordless ssh login on my desktop computer. Now I want to log into the server using my laptop. If I didn't have access to my desktop computer, how would I be able to add my laptops ssh key? In fact every time I try to ssh into the server from my laptop, it asks me for the password. I'm not sure what this is asking for, what password is it referring to? None of the passwords that I know works, it's always giving back permission denied. Is it the private ssh key I setup from my desktop computer?
Basically, how would I login to the server from the laptop?
This is on a digital ocean server. I changed the sshd_config file and allowed by uncommenting:
PasswordAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
Apparently both of the above were commented out even when my passwordless ssh worked from the desktop computer. How could this happen?
I know I can do ssh-copy-id, but doesn't that require me to be able to SSH into the server in the first place? With no access to the desktop workstation, there's no way to access the server in any way!
Your question is not very clear. Anyway:
When you login to a server, you are asked the password of the remote user on that server. This user is usually specified when doing ssh:
ssh remote_user#server
However, it is possible to login without a password or with a passphrase (i.e., a password on the local PC used to encrypt the real ssh password). This is well explained here. In practice, a ssh password is stored on your local computer and used to automatically connect to the remote server. This password is encrypted and can be protected by a passphrase.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Can anyone explain to me in layman what's SSH (Secure Shell) in a shared hosting?
I know you can access the web hosting server remotely using a command line interface using an application like Putty. But does it give you have more access to the server or it's another way of creating directories or uploading files and stuff like that? Or you can install extensions or do more advanced things?
Thanks.
Depends on the restriction the host sets, but it often lets you run command line utilities, often used for things like batch processing files, changing file permissions, etc.
In other words, SSH gives you access to do most things you'd be able to do if you were logged in to the machine locally (without root access).
It is just a security layer that encrypts all data flowing to and from the server so other people can't read it's contents. This is especially useful if you are dealing with sensitive information.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I've inherited a website to build. I've just come to realization that the website's server is not typical to what I've always worked with; EG - I usually create an FTP with the hosting account and work live at http://www.mycoolclients.com/dev/index.html
I've found that I must connect using; SSH. I have little direct server experience. I'm told I need to work with linux or download something like 'putty'. How do I connect to work live at this situation?
Use sftp instead of ftp.
Learning how to use ssh would definitely be valuable as it's widely used and extremely useful, but in the immediate you can just use sftp for anything that you previously used ftp for. sftp will give you the same interface as ftp, but connects via ssh.
You didn't mention what ftp software you use, but many also support connecting via sftp.