Tag Archives: ssh

SSH link encountered error [remote host identification has changed!]

When using vscode to connect to docker development environment, the following error occurred in SSH connection:

REMOTE HOST IDENTIFICATION HAS CHANGED!

At first, I thought that the sshd in the docker environment was not started, or that the host port was occupied, but after troubleshooting, no problem was found. I later found a solution through Baidu.

Cause of problem:

An SSH connection stores the server's public key in ~/.ssh/known_hosts. When connecting to the same host again, ssh checks the public key, and if it is not the same, it reports an error. In my case this happened because my development environment is in docker, and the host name is the same because of the mapped port, so I deleted the record of the host in the file and reconnected.
It's OK!

Solution:

Delete the record of the affected host in ~/.ssh/known_hosts and you're done!
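To make the deletion described above precise, the following added example (not part of the original post) removes only the entry for one host and port and reports the old and new key fingerprints, so the change can be compared with the key the container is known to have. The host name localhost, the helper names and the key blobs are constructed assumptions; port 10022 is the mapped port used later on this page.

```python
import base64
import hashlib

def fingerprint(b64_blob):
    """SHA256 fingerprint of a base64 key blob, in the form ssh prints it."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_pattern(host, port=22):
    """known_hosts records non-default ports as [host]:port."""
    return host if port == 22 else f"[{host}]:{port}"

def prune(text, host, port, offered_line):
    """Remove only host:port entries whose key type matches the offered key
    but whose key differs. Returns (new_text, [(type, old_fp, new_fp)])."""
    otype, oblob = offered_line.split()[:2]
    target = host_pattern(host, port)
    kept, changed = [], []
    for line in text.splitlines():
        parts = line.split()
        # Comments, @markers and hashed (|1|...) names are left untouched.
        if len(parts) >= 3 and not line.startswith(("#", "@", "|")):
            names, ktype, blob = parts[:3]
            if target in names.split(",") and ktype == otype and blob != oblob:
                changed.append((ktype, fingerprint(blob), fingerprint(oblob)))
                continue
        kept.append(line)
    return "\n".join(kept) + "\n", changed

def _blob(seed):
    """Constructed stand-in for an ed25519 key blob (not a real key)."""
    raw = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes([seed]) * 32
    return base64.b64encode(raw).decode()

# Constructed sample: the container reached through mapped port 10022, plus
# an unrelated host that must survive the cleanup.
OLD, NEW, OTHER = _blob(1), _blob(2), _blob(3)
SAMPLE = (f"[localhost]:10022 ssh-ed25519 {OLD}\n"
          f"git.example.test ssh-ed25519 {OTHER}\n")

if __name__ == "__main__":
    new_text, changed = prune(SAMPLE, "localhost", 10022, f"ssh-ed25519 {NEW}")
    for ktype, old_fp, new_fp in changed:
        print(f"{ktype}: {old_fp} -> {new_fp}")
    print(new_text, end="")
```

On the command line, ssh-keygen -R '[localhost]:10022' removes the entries for that one host and port in the same targeted way.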

SSH Error: write failed: broken pipe [Three Methods to Solve]

Problem scenario

Server environment: cloud Linux CentOS host

Client: Mac OSX terminal

Problem phenomenon

After connecting to the server with the ssh command, if you leave the session idle for a while, the terminal stops responding for some time when you type again, and then an error appears:

Write failed: Broken pipe

You can only reconnect with the SSH command.

Solution:

Method 1: if you have multiple servers and do not want to configure each of them, add a config file in the ~/.ssh/ folder on the client with the following configuration:

ServerAliveInterval 60

Method 2: if several people manage the server and you do not want to configure each client, add the following configuration to /etc/ssh/sshd_config on the server:

ClientAliveInterval 60

Method 3: if you only want to keep the current SSH connected, you can use the following command:

$ ssh -o ServerAliveInterval=60 [email protected]

Summary of SSH error reporting and solution records

SSH key signing failed

Scenario: when using an SSH key to verify identity
Error reported:

sign_and_send_pubkey: signing failed: agent refused operation

Environment: Debian 9.7 (Stretch)
Solution:

1) Confirm the problem

Add “SSH_AUTH_SOCK=0” before the SSH command:

SSH_AUTH_SOCK=0 ssh <username>@<server>

If you can then log in normally, print the contents of the SSH_AUTH_SOCK variable:

echo $SSH_AUTH_SOCK
/run/user/1000/keyring/ssh

Then we can determine that the key signing failure is caused by the SSH agent that comes with GNOME Keyring. The GNOME Keyring SSH agent does not always handle SSH keys in all formats correctly. However, it tries to process all SSH keys, which results in the error (a classic case of taking on a job without the right tools).

If you still cannot log in normally, it means that the SSH agent does not exist, or exists but cannot find the key. You can refer to here and solve it with a few commands.

 

2) Solve the problem

As mentioned earlier, if adding SSH_AUTH_SOCK=0 before the SSH command lets you log in normally, the GNOME Keyring SSH agent is trying to process an SSH key encoding that it may not be able to handle. There are two solutions: disable autostart of the GNOME Keyring SSH agent, or use ssh-keygen to regenerate a public/private key pair in an encoding that the GNOME Keyring SSH agent can handle, and upload it.

The second method is mentioned in this blog post. Its advantage is that it does not need to change the local system settings. Its disadvantage is that the public key has to be updated on all servers. For those who have uploaded their public key to multiple services (such as GitHub, GitLab, DigitalOcean, etc.), that means a lot of repetitive, tedious work.

The first method changes the system settings, but only minimally (it only disables startup of the SSH agent under GNOME Keyring) and hardly affects system functions. The GNOME Keyring SSH agent can then be completely replaced by the ssh-agent of OpenSSH.
The specific steps are as follows:

 

Open the search bar, search for Startup Applications and run it (if it is not installed, you will be prompted to install it)

In the pop-up window, find SSH Key Agent (GNOME Keyring: SSH Agent) and turn off auto start

Restart the system

SSH login error: no common Kex alg [How to Solve]

SSH login to Solaris 10 fails with the following error:

Jan 19 11:02:51 node1 sshd[7489]: fatal: no common kex alg: client 'diffie-hellman-group1-sha1', server 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g=='

This problem is caused by the SSH host keys; you need to regenerate the RSA and DSA keys.

[email protected] :/etc/ssh #> ls -ltr
total 194
-rwxr--r--   1 root     sys          861 Jan 22  2005 ssh_config
-rwxr--r--   1 root     sys        88301 Jan 22  2005 moduli
-rwxr--r--   1 root     root         887 Nov  7  2010 ssh_host_rsa_key
-rwxr--r--   1 root     root         227 Nov  7  2010 ssh_host_rsa_key.pub
-rwxr--r--   1 root     root         668 Nov  7  2010 ssh_host_dsa_key
-rwxr--r--   1 root     root         607 Nov  7  2010 ssh_host_dsa_key.pub
-rwxr--r--   1 root     sys         5026 Nov  7  2010 sshd_config

Delete the original key
[email protected] :/etc/ssh #> rm -rf ssh_host_*

Generate a new key
[email protected] :/etc/ssh #> /lib/svc/method/sshd -c
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair

Restart ssh service
[email protected] :/etc/ssh #> svcadm restart ssh

 

Could not create directory '//.ssh' when installing Git


After installing Git on Windows, I generated an SSH key in CMD. While running the ssh-keygen command, I was prompted with the error "Could not create directory '//.ssh'". My colleague said that he had encountered the same error before, and that it was caused by a missing system variable. At that time, he helped me add the variable, but I didn't see which variable was added. Today, I looked up the information on the Internet and found out that it was the HOME environment variable. What I did was add HOME = C/users. Then the key was generated automatically. Excerpt【

Digression: because it's a Windows environment, it may have been affected when Cygwin was installed a few days ago

In addition, in actual use, we found that although Cygwin imitates the Linux environment under Windows, in many cases there are obscure problems with no error message. For example, this time, using the Cygwin command line with Git, everything else was normal, but when committing the code it stopped responding (not stuck, but after pressing Enter the code was not committed and there was no output) and there was no error message. In the end, it was done with the built-in CMD of Windows

)】

In addition, one thing I learned was my misunderstanding of Git. I used to think that Git was GitHub, but I learned through video courses that they are different concepts. Git is more like a technology, and GitHub is a platform that provides the use of this technology

Environment: Windows 7 ultimate

Install a docker container in CentOS 7 that can be logged in to over SSH

Recently, I've been working on docker, which really excited me for a few days. Let me share the installation process

Because docker requires a higher version of the Linux kernel, I installed CentOS 7 in VBox. I won't go into how to install CentOS 7. Here it is a minimal installation

First, configure the network card to ensure that the virtual machine can access the network normally, because the installation of docker requires networking. I am usually used to setting up two network cards when installing a virtual machine. One uses NAT and is responsible for Internet access; the other is a host-only connection used to connect the host to the virtual machine. Then enable the two network cards. The simplest way is to run dhclient, and the system will automatically assign IPs to the network cards

First of all, use the following command to install docker:

# yum -y install docker

After the installation, you can use the following command to view the available images:

# docker images
REPOSITORY   TAG   IMAGE ID   CREATED   VIRTUAL SIZE

At this time, no image is available and the container cannot be started, so we need to download the image. In this step, we can choose to download images of different systems. Here, we still choose the most familiar CentOS. In this step, docker will download image files online

# docker pull centos

Wait until the image download is completed, and then use the docker images command to see several CentOS images:

# docker images
REPOSITORY   TAG   IMAGE ID   CREATED   VIRTUAL SIZE

 

First, build a docker container that can be accessed through SSH

1. Start a docker container:

# docker run -i -t centos /bin/bash

This creates a new docker container and enters the bash of the container

2. Install sshd:

# yum -y install openssh-server

3. Start sshd. Use the absolute path here. To find the path of a command, use whereis or which:

# /usr/sbin/sshd -D

The following error occurs when starting sshd under centos.

Could not load host key: /etc/ssh/ssh_host_rsa_key

Could not load host key: /etc/ssh/ssh_host_dsa_key

Simply execute the following commands in sequence.

ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key #just press Enter

ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key #just press Enter

ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""

Then start the sshd service again; it should be fine.

4. After that, edit the sshd_config configuration file, find the line UsePAM yes, and change it to UsePAM no

#UsePAM no
UsePAM yes
to
UsePAM no
#UsePAM yes

If you don't change this setting, the session exits immediately when you log in to the container over SSH

5. Install passwd and change the password of root

# yum -y install passwd
# passwd root
Changing password for user root.
New password:

6. After changing the password, run the exit command to leave the container. This returns you to the shell of the host machine, where you run the following command to commit the container to an image:

# docker commit containerid imagename

Here, containerid is the ID of the container, and imagename is the name of the image being committed. It's better to use a new name when committing for the first time, instead of overwriting the original clean CentOS image

The container ID can be viewed with the docker ps -l command. After a container starts, its default host name is the container ID

7. Start a new container with docker run. The parameter -d means run in the background, and -p maps a container port to a host port

# docker run -d -p 10022:22 imagename /usr/sbin/sshd -D

If there is no problem starting, you can log in to the container:

#[email protected]

After logging in, we can install all kinds of software and build all kinds of environments

When using SSH to log in to MySQL, Navicat reported an error: expected key exchange group packet from server

1、 Navicat SSH connection mode

Because the company uses Alibaba Cloud's RDS, the database has to be reached through the intranet (direct public network access is not provided). In this case, you can use Navicat's SSH method to connect to RDS through a jump host

2、 Connection error and solution

Error: SSH: expected key exchange group packet from server

Solution:

1. Upgrade Navicat

2. Modify the sshd configuration

[[email protected] ~]#vim /etc/ssh/sshd_config  #Edit the sshd configuration file and add at the end
KexAlgorithms [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1
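How the algorithm lists quoted on this page interact, as an added example (not from the original posts): it applies the SSH negotiation rule, simplified to "the first algorithm on the client's list that the server also offers", to the Solaris log line from the "no common Kex alg" post and to the KexAlgorithms value above, and lists the SHA-1 based entries. The first KexAlgorithms entry is obfuscated on the page and is left out; OLD_CLIENT is a constructed client list, not Navicat's actual one.

```python
import re

# Log line quoted earlier on this page (Solaris 10 sshd).
LOG = ("Jan 19 11:02:51 node1 sshd[7489]: fatal: no common kex alg: "
       "client 'diffie-hellman-group1-sha1', "
       "server 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g=='")

# KexAlgorithms value from the sshd_config line above, without its first
# entry, which is obfuscated on the page.
SERVER_KEX = ("ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,"
              "diffie-hellman-group14-sha1").split(",")

# Constructed offer of an older client (assumption, for illustration only).
OLD_CLIENT = ["diffie-hellman-group-exchange-sha1",
              "diffie-hellman-group14-sha1",
              "diffie-hellman-group1-sha1"]

# Accept straight or typographic quotes, since copied logs often carry both.
KEX_RE = re.compile(
    r"no common kex alg: client ['‘]([^'’]*)['’], server ['‘]([^'’]*)['’]")

def parse_kex_failure(line):
    """Return (client_list, server_list) from a 'no common kex alg' line."""
    m = KEX_RE.search(line)
    if m is None:
        return None
    return m.group(1).split(","), m.group(2).split(",")

def negotiate(client, server):
    """First client algorithm that the server also lists, or None."""
    return next((alg for alg in client if alg in server), None)

def sha1_based(algs):
    """Entries whose name carries a 'sha1' component."""
    return [a for a in algs if "sha1" in a.split("-")]

if __name__ == "__main__":
    client, server = parse_kex_failure(LOG)
    print("Solaris log:", negotiate(client, server))
    print("Restricted server:", negotiate(OLD_CLIENT, SERVER_KEX))
    print("SHA-1 entries kept:", sha1_based(SERVER_KEX))
```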

 

Repair of SSH startup failure after Ubuntu 16.04 update


On the first day after the festival, the virtual machine was updated. After restarting, SSH could not be accessed. I quickly logged in to the manufacturer’s control panel to have a look. I could only use the provided online shell to enter the system to find problems. First, I manually restarted the SSH service

Failed to start OpenBSD Secure Shell server

I quickly searched Baidu, used systemctl status ssh.service to check, referred to two articles, and carefully checked /etc/ssh/sshd_config. Finally, I ran

sshd -T

Create the directory: mkdir /var/run/sshd

Finally, restart the SSH service and check the status. You can also log in locally